Our Cybersecurity Team & Credentials | AlphaDevs
About our team

Senior cybersecurity practitioners. Real engagement history.

AlphaDevs’s cybersecurity practice is led by experienced operators with engagements across Israeli finance, government, and defense. The certifications are real, the engagement history is verifiable, and every project is delivered by named accountable practitioners — not anonymous staff augmentation.

Leadership.

Two leaders, two complementary disciplines. Strategy and client relationships on one side. Cybersecurity operations and delivery on the other.

CEO & Founder

Lior Lasry

Founder & Managing Partner, AlphaDevs

Lior founded AlphaDevs and leads its strategy, growth, and senior client relationships. A veteran technology executive with over 25 years in the industry, he has co-founded and scaled multiple startup ventures, built engineering organizations from founding stage through enterprise delivery, and consulted to companies across financial services, defense, and technology on architecture, R&D, and delivery operations at scale.

His operational expertise spans software development and systems architecture, R&D leadership and team scaling, technology consulting, offshore and outsourced delivery models, technical research and proof-of-concept programs, and growing engineering operations from early-stage through global delivery.

At AlphaDevs, he owns the strategic direction across the company’s cybersecurity and engineering practices, every senior client relationship, and the operational standards by which engagements are delivered.

Career: 25+ years technology executive · Multiple co-founded startup ventures · Disciplines: Software architecture · R&D leadership · Scaling · Offshore & outsourced delivery · Enterprise consulting · Technology research & POCs
Director of Cybersecurity

Raphy Bitton

Director of Cybersecurity, AlphaDevs

Raphy directs AlphaDevs’s cybersecurity practice. With 13+ years in operational cybersecurity, he has led engagements across Israeli national security, financial services, and critical infrastructure. He sets the technical standards, methodology, and delivery quality for every cyber project.

He brings hands-on experience from classified government work, penetration testing on critical defense systems, and security architecture across Israel’s largest financial institutions.

Certifications: CISO, CISSP, CISM, CCSK. Sectors led: Banking, government, defense, healthcare, critical infrastructure.

Our practitioners.

Behind every project is a team of named, accountable specialists. Below are the senior roles that staff our engagements — each has the certifications, the hands-on engagement history, and the sector experience to deliver at audit-grade quality.

Offensive Security

Lead Penetration Tester

Leads web application, network, cloud, and mobile penetration testing engagements. Has executed assessments against banking infrastructure, government systems, and critical defense platforms.

12+ years · OSCP · CEH · CCSK
Compliance & Risk

GRC & Compliance Lead

Directs governance, risk, and compliance engagements for regulated industries. DORA-ready, ISO 27001 auditor, with deep experience in financial services and insurance regulatory landscapes.

12+ years · CISM · ISO 27001 Lead Auditor · CRISC
Cloud Security

Cloud Security Architect

Designs and assesses cloud security architectures across AWS, Azure, and GCP. Specializes in IAM, network segmentation, encryption posture, and compliance for cloud-native fintech.

10+ years · CCSK · AWS Security · Azure Security
Infrastructure

Infrastructure Security Specialist

Hardens servers, networks, endpoints, and operational technology environments. Background in industrial control systems and SCADA for defense and manufacturing clients.

14+ years · CISSP · CCNA Security · OT Security
DevSecOps

DevSecOps Engineer

Embeds security into client CI/CD pipelines. Operates Gitleaks, Semgrep, Trivy, Snyk at scale. Builds shift-left security programs that don’t slow developer velocity.

8+ years · CKS · Security+ · Gitleaks/Semgrep/Trivy/Snyk
Incident Response

Incident Response Lead

Leads embedded recovery engagements during and after active incidents. Forensic analysis, containment, eradication, and post-incident hardening. Has led recovery for regulated enterprise clients.

11+ years · GCIH · GCFA · CISSP

Certifications held across the practice.

These are the credentials our practitioners actively hold. Every named role above is staffed by someone holding at least three of these certifications. We re-verify currency annually.

CISSP
CISM
CISO
CCSK
OSCP
CEH
Security+
ISO 27001 LA
LPIC-1
MCSE
CCNA
CCSE
VCP
NCDA
CKS
GCIH
GCFA
CRISC

Industries we’ve served.

High-security and high-compliance sectors, with vertical-specific methodology in financial services and defense.

Finance & Banking
Insurance
Defense & Military
Government
Healthcare
SaaS & Technology
Manufacturing
Critical Infrastructure

How we work.

Three commitments that hold across every engagement, regardless of the service line.

1

Named, accountable practitioners.

Every engagement has a named lead. You know who is doing your work, what their certifications are, and how to reach them directly. No anonymous staff augmentation.

2

Audit-grade deliverables.

Every assessment ends with a written report your regulators, auditors, and board can read. Evidence pack, remediation roadmap, prioritized findings, executive summary — built to be filed, not just read.

3

Operator language, not vendor speak.

Our practitioners have been on the buyer side. We write the way CISOs and security teams actually think — risk transfer, control evidence, audit posture — not the way marketing departments wish they thought.

Want to meet the team behind a specific engagement?

If you’re evaluating us for a specific project, we’ll arrange a 30-minute call with the practitioner who would lead it. You’ll see their certifications, their engagement history, and how they think about your problem — before any contract.

Meet the practitioner Read a case study