דרושים » אבטחת מידע וסייבר » Security Engineer - Product

Required Senior Application Security Engineer
As an Application Security Engineer, you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC)
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass
Conduct threat modeling and architecture security review
Develop and maintain secure coding standards and guidelines for application developers
Monitor and analyze security incidents and provide timely response and resolution
Stay current with emerging threats, vulnerabilities, and industry best practices in application security
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes
Deliver secured development training to developers.

We are looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against our systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure.

We are looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering.
Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against our systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities:
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g. individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure.

We're looking for a hands-on Security Operations Engineer based in Israel to strengthen our detection and response capabilities. In this role, you will be the frontline defender of our cloud infrastructure, leading incident management and response efforts while continuously improving our security posture. You will report directly to our Security leadership team and play a critical role in safeguarding our customers' most sensitive data.

What You'll Do

Lead Incident Response: Serve as primary responder to security alerts, perform initial triage, conduct thorough investigations, and coordinate remediation efforts
Enhance Detection Capabilities: Design, implement, and fine-tune detection rules and alerts across our cloud environment to identify potential security threats
Manage Security Monitoring: Maintain and optimize our SIEM/SOAR platforms to ensure comprehensive visibility into our security posture
Drive Threat Hunting: Proactively search for indicators of compromise and potential security gaps within our cloud infrastructure
Automate SecOps Workflows: Develop and implement automation to improve identification and response times for security events
Improve Cloud Security Monitoring: Develop and run tools to gather security telemetry data from cloud production systems
Conduct Investigations: Perform forensic analysis of security incidents, document findings, and communicate effectively to stakeholders
Enhance Response Protocols: Continuously refine incident response procedures and runbooks to ensure swift and effective handling of security events

Required Security Production Engineer
Job Description
As a Security Infra Engineer, youll design, build, and manage security aspects of our cloud-based and physical environments to ensure compliance and integrity. In your day-to-day, you will:
Design, implement, and maintain platforms for investigating and analyzing security incidents, performing root cause analysis, and coordinating remediation efforts
Design, implement, and maintain security tools and controls for cloud-based infrastructure, Kubernetes clusters, and services, ensuring compliance with industry standards
Build tools and scripts using Golang, Python, or Node.js
Collaborate with all infrastructure groups (cloud, networking, DB, DevEx, etc.) and the Chief Information Security Officer group (for example, for incident response)
Align with other infrastructure standards, including efficiency, reliability, and cost
Work closely with cross-functional teams to design, implement, maintain, and manage security solutions that ensure the integrity and confidentiality of our systems.

Were looking for an exceptional Senior Cloud Security Researcher to join our growing team.
We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead innovative research into cyber threats targeting cloud platforms, SaaS applications, Kubernetes, and emerging technologies by leveraging state-of-the-art tools and methodologies.
Develop and refine cutting-edge detection algorithms and forensic investigation techniques to uncover and mitigate sophisticated attacks in cloud and SaaS environments.
Conduct comprehensive investigations of real-world cloud security incidents, transforming insights into actionable strategies that continually evolve our threat detection capabilities.
Share your research accomplishments and innovative findings with the security community through blog posts, conference presentations, and other professional forums, enhancing our industry reputation and fostering collaborative growth.
Contribute your expertise to shape the strategic direction and ongoing development of CDR product suite, ensuring our offerings stay ahead of evolving cyber threats.
Work closely with cross-functional teams to identify novel techniques and implement robust defenses, uniting diverse expertise to secure cloud and SaaS infrastructures.

We seek a dynamic and experienced Cloud Security Engineer to join us!
This role presents an exciting opportunity to work in a fast-growing company with great opportunities to make a difference.
In this role, you will be responsible for:
Design and implement cloud security architectures and controls for multi cloud env
Maintain and manage security tools within our cloud environment, such as Firewall, WAF, CDN, API Security, Runtime Protection, CSPM, DSPM, and SSPM.
Identify and remediate vulnerabilities and misconfiguration findings in our cloud environments.
Monitor and optimize cloud architecture connectivity in the environment to comply with our compliance and policies.
Administer and control our security cloud accounts.
Lead and execute cross-organizational security projects and initiatives.
Collaborate with internal teams to enhance cloud security measures.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security frameworks such as SALSA. This position reports directly to an R&D VP.

Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.
Job Id: 22784

We are looking for a highly skilled Application Security Engineer to join our team .
In this role, you will be responsible for:
Partner with all development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program.

Security is at the core of our operations, and we are seeking a Security & IT Specialist to take full ownership of cybersecurity, IT infrastructure, and data protectionensuring that our systems, data, and operations are protected both internally and externally against unauthorized access, cyber threats, and data breaches.
Key Responsibilities
Cybersecurity & data Protection (Internal & External)
Enforce strict in-house security policies to prevent unauthorized internal data access, copying, or extraction by employees or external parties. Implement DLP ( data Loss Prevention) systems to monitor and restrict data transfers, ensuring no FINQ data is leaked or misused. Secure network infrastructure, cloud environments, and endpoint devices from external cyber threats. Oversee network security, endpoint security, cloud security, IAM, and SOC tools. Regularly assess and update security protocols to stay ahead of cyber threats. Manage IAM policies, ensuring employees can only access data relevant to their role. Monitor third-party integrations, vendors, and service providers to ensure compliance with FINQs security standards.?? IT Infrastructure & Security Operations
Monitor and document availability of all systems and external service providers by direct observation, remote connection, and through alerting systems and respond immediately to security or usability concerns. Troubleshoot operational issues rapidly and analyze and resolve underlying issues to restore production systems and maintain continuity of business. Maintain and optimize FINQs IT infrastructure, ensuring all systems, networks, and databases are secure. Implement secure cloud Storage policies and encryption techniques to protect sensitive financial data. Manage user permissions, multi-factor authentication (MFA), and identity & access management (IAM) systems. Oversee backup and disaster recovery strategies to ensure business continuity.?? Security Compliance & Risk Management
Ensure compliance with financial security regulations, including SOC2, ISO 27001, GDPR, and other industry standards. Conduct security audits, vulnerability assessments, and penetration tests to identify and mitigate risks. Implement cybersecurity awareness training for employees to prevent internal security threats (e.g., phishing, insider threats). Stay updated on emerging threats and security technologies, providing recommendations for continuous improvements.?? Incident Response & Threat Mitigation
Develop and maintain incident response protocols to quickly detect, contain, and remediate cyberattacks. Investigate and respond to security breaches, data leaks, or unauthorized access attempts. Work with law enforcement and regulatory bodies when necessary to handle security incidents.