Max Cohen

Cybersecurity professional able to bridge AI/ML to detect online threats. Team- and people-oriented, eager to tackle novel technical challenges.

Israel

About

I'm fascinated by systems and how bad actors exploit them. Whether it's a web app, network infrastructure, or an entire social media platform, there's always someone trying to make your system do something it wasn't designed to do. With 8 years of experience in offensive cybersecurity, I am committed to strengthening defenses by strategically identifying and resolving vulnerabilities before the bad guys can exploit them. I've gained extensive hands-on experience leading dozens of Red Team and penetration testing assessments, as well as working with decision makers on how to approach cyber from a more strategic perspective by incorporating threat modeling and security into their software development lifecycle. My master's research bridges cybersecurity, machine learning, and social media, where I'm exploring frameworks to detect online inauthentic coordinated activity. I'm currently seeking my next challenge. If you'd like to talk, please PM me!

Experience

  • Cyber Architect at Phoenix Financial
    Aug 2025 - Present · 1 yr

    Leading Phoenix Group's enterprise API security initiative across on-prem and cloud environments. Building observability and anomaly detection in Datadog, defining API security and monitoring processes, and embedding automated security testing into the SDLC alongside development, DevOps, and pentesting functions.

  • Fellow at Nevo Network
    Sep 2024 - Present · 1 yr 11 mos

    The Nevo Fellows are a select group of diverse Olim in tech who participate in a 10-month program of mentorship, coaching, and network building to grow the next generation of leaders and create impact in the Israeli tech ecosystem.

  • Senior Red Team Member at Sompo Digital Lab Tel Aviv
    Aug 2021 - Jun 2025 · 3 yrs 11 mos

    Led dozens of web application and infrastructure pentesting assessments across 20+ Sompo subsidiaries. Embedded security into the SDLC through threat modeling, secure code review, and automated security testing across development teams. Ran the Cyber Center’s data strategy, driving high-impact analytics that informed executive decision-making on cybersecurity investments.

  • Information Security Consultant at EY
    Mar 2017 - Aug 2021 · 4 yrs 6 mos

    Planned and led comprehensive offensive security assessments (external, internal, red team, phishing, web application, Wi-Fi) for enterprise and US government clients. Authored and maintained External pentesting methodology, ensuring consistency and quality across engagements. Managed and mentored a team of penetration testers; onboarded and trained new team members.

  • Americorps Member at City Year
    Jan 2016 - Jun 2016 · 6 mos

    - Served on a team of 9 focused on creating academic, behavior, and course performance initiatives for 300+ students at Savoy Elementary, an underperforming school in Southeast D.C. - Designed and implemented daily English language lesson plans to a focus group of six 1st grade students - Developed Attendance Raffle and AttenDance initiatives that incentivized students to attend school daily