דרושים » מחשבים ורשתות » DevSecOps Engineer

we are seeking a seasoned DevSecOps Engineer with deep expertise in AWS and GCP cloud infrastructure to join our growing security team. In this role, you will take the lead in safeguarding, designing, automating, and supporting the security of our companys cloud-native and IT environments.
As a key contributor to our cloud security strategy, you will conduct security assessments, manage vulnerabilities, and drive detection and response activities across our environments. You'll collaborate closely with our software development and DevOps teams to secure our CI/CD pipelines, production infrastructure, and core platform.
Additionally, you'll work alongside DevOps and IT teams to protect our companys scalable marketplace backend and massive data processing pipelinehandling billions of daily events and supporting hundreds of microservices.
What am I going to do?
CI/CD Security: Design, build, and maintain secure CI/CD pipelines with integrated automated security testing (e.g., SAST, DAST, SCA, container scanning) for our company's broad range of applications and services.
Threat Modeling & Risk Mitigation: Lead security reviews and threat modeling efforts across CI/CD and production environments, identifying and addressing risks to our companys products and supporting services.
Infrastructure as Code (IaC) Security: Define and implement best practices for secure IaC (e.g., Terraform, Ansible), including static analysis, misconfiguration detection, and compliance validation.
Container Security: Deploy and manage security solutions for containerized environments, focusing on secure image management, runtime protection, and policy enforcement.
Secrets Management: Establish and manage secure secrets management infrastructure (e.g., HashiCorp Vault or equivalent platform-agnostic solutions) across DevOps workflows.
Security Automation: Automate key security operations, including vulnerability scanning, compliance auditing, configuration checks, and incident response playbooks.
Cross-Functional Collaboration: Partner with DevOps and engineering teams to embed security into the development lifecycle, offering hands-on guidance and secure coding best practices.
Tooling & Innovation: Evaluate, implement, and maintain modern security tools to bolster our companys DevSecOps capabilities, with an emphasis on automation and operational efficiency.
Compliance & Governance: Ensure development and deployment workflows align with applicable security standards, corporate policies, and regulatory requirements.
Incident Handling: Contribute to security incident investigations and response activities.
Training & Enablement: Educate and train internal stakeholders on cloud infrastructure and IT security best practices.

Required DevSecOps Solution Engineer
As the DevSecOps Solution Engineer, you will be instrumental in driving the security aspects of software development and distribution for some of the world's leading organizations. Your role will focus on delivering hands-on presales support and Proof of Concept (POC) implementations, ensuring that our clients can seamlessly integrate our security solutions into their DevSecOps practices. You will work closely with a dynamic team and collaborate across departments to enhance the security posture of our clientele.
As a DevSecOps Solution Engineer you will...
Deliver POCs and Hands-On Support:
Lead the technical delivery of security-focused POC projects, demonstrating the value and functionality of our security solutions.
Provide hands-on technical assistance to clients, ensuring successful integration and deployment of security features within their existing DevOps workflows.
Provide project management through the POC process, ensuring timely delivery and alignment with client expectations.
Technical Expertise and Guidance:
Act as a subject matter expert in DevSecOps, guiding clients and internal teams on best practices for integrating security into the software development lifecycle.
Develop and maintain standardization guides and documentation to ensure consistent implementation of security practices across projects.
Create and maintain a technical best practices repository, including security playbooks and implementation guides for both internal teams and clients.
Collaboration and Communication:
Work closely with the sales team to understand client requirements and tailor security solutions to meet their specific needs.
Collaborate with product management, R&D, and marketing teams to ensure alignment and support for our security solutions.
Strategize with Customer Success to ensure smooth customer onboarding
Gather and consolidate product feedback from clients and share insights with the product development team to drive continuous improvement.
Training and Enablement:
Provide training sessions and workshops for clients and internal teams to enhance their understanding of our security solutions and best practices in DevSecOps.
Develop and deliver enablement programs and materials, including a skills matrix, to ensure customers and partners are proficient in using our security features.
Create and maintain a demo repository to facilitate effective demonstrations and training.

As a Senior DevSecOps Engineer, you'll tackle complex security challengesfrom securing our cloud infrastructure to optimizing security controlscrafting inventive strategies that drive operational efficiency across our expanding systems. You'll work closely with cross-functional teams to shape and implement security practices that ensure the safety and compliance of our business. If you thrive on ownership, collaboration, and pushing security boundaries in a dynamic environment, this role offers an opportunity to make a significant impact.

You will be responsible for:

Securing and optimizing our cloud services, with a primary focus on AWS, to ensure robust security and compliance.
Following alignment with industry security best practices for DevOps services and tools.
Supporting and enhancing our monitoring and alerting systems to detect and respond to threats together with our ProdSec team.
Developing and implementing threat detection strategies to identify and mitigate potential risks.
Automating the deployment of security controls to ensure consistent and scalable protection.
Acting as a focal point for security and compliance-related queries and strategies within the DevSecOps team in our DevOps group, driving smarter security decisions that align with business goals.

we are on a mission to reverse the adversary advantage by empowering defenders with ingenuity and technology to end cyber attacks.
We have the technology, and now we are looking to expand our talent! - Come and talk to us about joining a market leader and a diverse team of passionate people who win as one, ensuring a customer-first approach is core to everything we do and never giving up on reversing the adversary advantage.
we are looking for passionate and talented individuals with a strong background in cloud-based applications and infrastructure to join our team and help shape the future of cybersecurity.
In this position you will:
Design, implement, and maintain robust security measures across our cloud environments, protecting our services and data against evolving threats.
Collaborate with software development and DevOps teams to secure our companys products, CI/CD pipelines, and production environments.
Become an integral part of an autonomous, cross-functional agile team.
Partner with engineers, product owners, and designers to tackle complex cybersecurity challenges.
Engage with a team of experienced engineers in a fast-paced CI/CD environment using cutting-edge technologies.
Take ownership of projects from conception through development, quality assurance, and deployment.
Work in a dynamic environment that supports personal and professional growth.

We are seeking a highly motivated and experienced SecOps Engineer to join our dynamic security team. In this role, you will be responsible for ensuring and enhancing the overall security posture of our cloud-native environment. Your responsibilities will include monitoring security systems, detecting and responding to incidents, and automating key security operations tasks. You will collaborate closely with other members of the security team, as well as development and operations teams, to ensure a secure and resilient infrastructure.
What am I going to do?
Security Tool Management: Configure and optimize security tools to ensure maximum visibility and effectiveness.
Security Monitoring: Continuously monitor logs and alerts from security platforms (e.g., SIEM, IDS/IPS, EDR, and cloud monitoring tools) to identify potential incidents.
Threat Detection & Analysis:Investigate security events and alerts to identify threats and vulnerabilities, prioritizing remediation efforts.
Incident Response:Support the incident response process, including containment, eradication, and recovery, under the guidance of the Incident Response Manager.
Vulnerability Management (Infrastructure): Conduct vulnerability scans and coordinate the remediation of findings across infrastructure components, including servers, networks, and cloud services.
Cloud Security Monitoring: Oversee the security posture of cloud environments (AWS, GCP) and respond to cloud-specific security incidents.
Security Automation: Automate recurring security operations tasks such as vulnerability scanning, incident triage, and configuration management.
Cross-Team Collaboration: Partner with development, operations, and security stakeholders to implement and maintain effective security controls.
Security Processes: Develop and refine processes to keep the team updated on evolving cybersecurity threats, technologies, and best practices.
Tooling & Innovation: Research and integrate new security tools and technologies to enhance our overall security capabilities.

We are looking for a Product Security Specialist with a strong background in cloud-native applications and DevOps practices to help secure our products throughout the software development lifecycle. You will partner with engineering and DevOps teams to identify risks, improve resilience, and embed security into every phase of the product pipeline.
This role is ideal for someone who thrives at the intersection of security and engineering and is passionate about securing modern, scalable applications.
Key Responsibilities:
Security Risk Analysis: Evaluate new features, services, and architectural changes for potential security risks in cloud-native environments (e.g., Kubernetes, serverless, microservices).
Threat Modeling: Lead and facilitate threat modeling sessions with engineering teams to identify potential risks and mitigation strategies early in the design process.
Security Review & Assessment: Conduct in-depth security reviews of cloud infrastructure, CI/CD pipelines, and application designs.
Vulnerability & Patch Management: Collaborate with DevOps and SRE teams to monitor vulnerabilities, manage security patches, and improve response times across containers, runtimes, and third-party libraries.
Security Automation & Scanning: Integrate and analyze results from automated security tools (e.g., SAST, DAST, SCA) in CI/CD pipelines, and guide teams on remediation.
DevSecOps Enablement: Champion secure coding and DevSecOps practices by working closely with developers and DevOps teams to implement security controls as code.