דרושים » אבטחת מידע וסייבר » Application Security Engineer

we are looking for an experienced Application Security Architect to join our Cybersecurity team. In this role, you will be instrumental in building and advancing our companys application security programs. Working closely with talented engineers, product managers, and platform teams, youll play a key role in ensuring the security of our software development lifecycle (SDLC).
Youll provide security services including secure coding practices, architecture reviews, awareness and training initiatives, and tool implementation. From threat modeling to secure development education, your contributions will directly impact the safety and resilience of our companys products.
What am I going to do?
Lead Secure SDLC Initiatives: Drive security throughout the software development lifecycle (S-SDLC), including threat modeling, risk assessments, and mitigation planning for new and existing applications.
Embed Secure Design Practices: Guide development teams on implementing secure architectural patterns, design principles, and coding standards, with emphasis on OWASP and industry best practices.
Security Tooling Strategy: Define and manage the integration of Static (SAST), Dynamic (DAST), and Software Composition Analysis (SCA) tools into our companys CI/CD pipelines, ensuring scalable, platform-agnostic coverage and effective vulnerability management.
Security Testing & Remediation: Perform and oversee application security testing, ensuring timely remediation of identified vulnerabilities.
Develop Security Standards: Create and maintain secure coding standards, best practices, and development guidance tailored to our companys tech stacks.
Code Reviews: Conduct in-depth manual and automated security code reviews for critical components, offering practical and constructive feedback to engineering teams.
API & Mobile App Security: Design and assess security for APIs and mobile applications, ensuring robust authentication, authorization, and data protection in line with industry standards.
Third-Party Risk Management: Evaluate the security posture of third-party libraries, components, and services integrated into our company's applications.
Cloud Security Collaboration: Partner with Cloud Security Architects to ensure secure application deployment in cloud environments (e.g., AWS, GCP), offering expert advice on cloud-native security practices.
Team Enablement & Education: Mentor development teams on emerging threats, secure coding techniques, and security-first development approaches.
Bug Bounty Program Leadership: Manage and evolve our companys bug bounty program, working with researchers and internal teams to resolve findings efficiently.

We are looking for a Senior Application Security Engineer.
As an Application Security Engineer , you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC)
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass
Conduct threat modeling and architecture security review
Develop and maintain secure coding standards and guidelines for application developers
Monitor and analyze security incidents and provide timely response and resolution
Stay current with emerging threats, vulnerabilities, and industry best practices in application security
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes
Deliver secured development training to developers

the original API Security vendor pioneering the market as the first vendor in 2018. Since then we have exhibited hyper-growth in a number of customers, threats stopped, and revenue. We saw API security as the security battleground of the future years ago as APIs started to form the foundation of the application innovation needed to drive business success today. Across banks, retail and transportation, IoT, autonomous vehicles, and smart cities, every modern app depends on APIs. Attackers realize APIs are the conduits to all sorts of valuable data and services within the year, APIs are predicted to be the number one application threat vector. Without secure APIs, businesses cannot rapidly innovate. delivered the only patented solution to discover all APIs and their exposed data, stop API attackers, and provide remediation details for dev teams to write more secure APIs.

At Salt, were passionate about what we do. We work as a team and embrace new ideas, wherever they come from. We also enjoy all the benefits of a startup environment, including quickly seeing the results of your work, making an outsized impact on our company, and solving diverse challenges.
Want to make a big difference? We encourage you to apply!

About us
APIs form the foundation of the application innovation needed to drive business success today. Across banks, retail and transportation, IoT, autonomous vehicles, and smart cities, every web and mobile app depends on APIs. Without secure APIs, businesses cannot rapidly innovate. has delivered the only patented solution to identify and prevent API attacks, using Big Data and AI to thwart this top threat to businesses today.

About the position
We are seeking a Cloud Security Engineer to join our growing team. The ideal candidate will be responsible for ensuring the security of our infrastructure and data, as well as managing the day-to-day operation and maintenance of our Cloud/ SaaS Security systems. The ideal candidate should have public cloud experience and expertise in SaaS security, Cloud security, ZTNA systems and concepts, DLP, CASB, SIEM, MDM (Jumpcloud), and EDR.

What will you do?
Design & implement, and maintain security measures, including firewalls, intrusion detection systems, and access controls for cloud environments.
Provide expertise and support for SaaS security, Cloud security, ZTNA systems and concepts, DLP, CASB, SIEM, Application Security Systems.
Develop and maintain documentation for our security systems and security procedures for cloud environments.
Collaborate with other teams to ensure the integration of security into all aspects of our IT & Security infrastructure and operations for cloud environments.
Stay up-to-date on the latest security trends, technologies, and best practices

the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. we believe its not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders.
We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal-Mart and Sanofi.

About the Team
Our team is passionate about software security, focusing on Software Supply Chain Security (SSCS). With the growing attention in the industry on Application and software security, we are always driving for innovation and focusing on making a market leader in all SSCS domains.

What are we looking for

We are looking for a Senior Product Manager to join our team and drive our Software Supply Chain Security Solution to success. You should bring strong technical expertise in Software Supply chain Security, specifically with the SLSA framework, and Open-source security tools, Teamwork and collaborative nature, Problem-solving mindset, and ability to discuss and communicate technical requirements effectively. If you're prepared to make a substantial impact, we invite you to apply and join our team.

Responsibilities:
Create a clear product vision and strategy for our Software Supply Chain Security solutions.
Stay informed about industry trends and competition to ensure our products remain at the forefront of the market.
Translate customer feedback, needs and pain points into actionable product features.
Prioritize issues, feature requests and product questions from all sources.
Partner with the marketing team to roll out new features that drive desired outcomes.
Gather feedback on adoption and monitor usage metrics.
Lead product prioritization discussions. Base recommendations on company goals, user problems, user data, and product knowledge.
Be an active participant in the SDLC and contribute to high-quality delivery. Work with developers to refine requirements, optimizing customer value with feasibility.

the original API Security vendor pioneering the market as the first vendor in 2018. Since then we have exhibited hyper-growth in a number of customers, threats stopped, and revenue. We saw API security as the security battleground of the future years ago as APIs started to form the foundation of the application innovation needed to drive business success today. Across banks, retail and transportation, IoT, autonomous vehicles, and smart cities, every modern app depends on APIs. Attackers realize APIs are the conduits to all sorts of valuable data and services within the year, APIs are predicted to be the number one application threat vector. Without secure APIs, businesses cannot rapidly innovate. delivered the only patented solution to discover all APIs and their exposed data, stop API attackers, and provide remediation details for dev teams to write more secure APIs.
At Salt, were passionate about what we do. We work as a team and embrace new ideas, wherever they come from. We also enjoy all the benefits of a startup environment, including quickly seeing the results of your work, making an outsized impact on our company, and solving diverse challenges.

Want to make a big difference? We encourage you to apply!
About the position:
We are seeking a highly skilled and experienced Principal Architect to join our dynamic team. As the Principal Architect, you will be responsible for overseeing the design, development, and implementation of our API security platform. You will play a critical role in defining the technical vision and roadmap, leading architectural decisions, and ensuring the scalability, performance, and security of our products.
Responsibilities:
Lead the technical architecture and design of API security platform, working closely with cross-functional teams, including engineering, product management, and security operations.
Define and drive the technical vision, strategy, and roadmap for the platform, aligning it with business objectives and customer needs.
Provide technical leadership and mentorship to the engineering team, promoting best practices, code quality, and continuous improvement.
Collaborate with stakeholders to gather requirements, analyze technical feasibility, and identify areas for innovation and differentiation.
Evaluate and select appropriate technologies, frameworks, and tools to support the development of robust, scalable, and secure solutions.
Ensure architectural consistency and integrity across different components, modules, and systems.
Conduct regular code reviews, architectural reviews, and performance assessments to maintain high standards of software quality.
Stay up-to-date with industry trends, emerging technologies, and best practices in API security and cloud computing, and apply that knowledge to enhance our platform.

the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. we believe its not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders.
We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal-Mart and Sanofi.

What are we looking for?
We are looking for a passionate Software Developer to join our AI & Secure Coding team. This role is ideal for a developer who wants to be at the forefront of innovation, building tools that merge AI capabilities with secure software development practices.
How will you make an impact?
In this role, you will be responsible for:
Leading AI-driven initiatives by integrating LLMs, prompt engineering, and agent-based architectures into security tools.
Developing and refining tools that empower developers to write secure code effortlessly.
Collaborating closely with cross-functional teams to design and implement real-world solutions.
Contributing to the MCP server and internal tooling.

The Worlds Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth.

we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - were looking for lifelong learners and people who can make us better with their unique experiences.
Join our team! Were building a world where Identity belongs to you.

The Worlds Identity Company. We free everyone to safely use any technologyanywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth.
we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - were looking for lifelong learners and people who can make us better with their unique experiences.
Join our team! Were building a world where Identity belongs to you.

The ISPM Team
We are revolutionizing the field of identity security, providing comprehensive solutions to address the challenges faced by modern organizations. Our platform offers security leaders end-to-end contextual visibility of their identity landscape, reducing risks, improving operational efficiency, and ensuring compliance.

With an exceptional team dedicated to pushing boundaries and achieving remarkable results, we are seeking a talented engineer to join us in shaping the future of identity security.

What youll be doing
As a Staff Software Engineer at the ISPM team, you will play a critical role in building our platform. Your expertise and contributions will directly impact the success and effectiveness of our product. Specifically, your responsibilities will include:

Developing and maintaining a robust and scalable platform while solving complex customer problems.
Collaborating with product and R&D engineers to translate product requirements into technical solutions.
Ensuring high code quality through testing, code reviews, and documentation.
Identifying and resolving technical issues and performance bottlenecks.
Staying up to date with the latest industry trends and technologies to continuously improve our products.

we are on a mission to reverse the adversary advantage by empowering defenders with ingenuity and technology to end cyber attacks.
We have the technology, and now we are looking to expand our talent! - Come and talk to us about joining a market leader and a diverse team of passionate people who win as one, ensuring a customer-first approach is core to everything we do and never giving up on reversing the adversary advantage.
Our Israeli site is located in Tel Aviv at Alon 1 tower, next to Hashalom train station
Hybrid work model
Flexible working hours
Best high tech companies to work for (by Duns100)
Top companies leading women representation (by Power in Diversity)
Youll be part of our Technical Delivery group
A high paced, ever evolving group that makes sure everything is running. We perform all technical operations end-to-end assuring customer's success and satisfaction
We are focused on our on-premises customers end to end experience
This is a unique opportunity to work on customers site and be their main our company's focal point
In this position you will
our company's security analyst dedicated to a major our company's customer
Be on the customer site 4 days a week leading all their company's related activities and will be the liaison between our company and the customer, will translate their security needs to features and work closely with our Product, Security, SOC, Dev teams on implementing the requirements
Implement customized rules to match security needs for the customer
Perform ongoing security analysis and triage of escalated and critical endpoint alerts
Participate in various stages of incident investigations and threat hunting.

the original API Security vendor pioneering the market as the first vendor in 2018. Since then we have exhibited hyper-growth in a number of customers, threats stopped, and revenue. We saw API security as the security battleground of the future years ago as APIs started to form the foundation of the application innovation needed to drive business success today. Across banks, retail and transportation, IoT, autonomous vehicles, and smart cities, every modern app depends on APIs. Attackers realize APIs are the conduits to all sorts of valuable data and services within the year, APIs are predicted to be the number one application threat vector. Without secure APIs, businesses cannot rapidly innovate.
delivered the only patented solution to discover all APIs and their exposed data, stop API attackers, and provide remediation details for dev teams to write more secure APIs.
At Salt, were passionate about what we do. We work as a team and embrace new ideas, wherever they come from. We also enjoy all the benefits of a startup environment, including quickly seeing the results of your work, making an outsized impact on our company, and solving diverse challenges.

Want to make a big difference? We encourage you to apply!
About the position:
We are looking for a visionary Chief Architect to help us shape the future of API security. This is a strategic and hands-on role for a candidate possessing significant experience in the successful design and implementation of complex systems a senior technologist driving innovation, able to work with engineering teams, senior management, and customers. An owner of the technical strategy across an entire company.

What will you do?
Define and guide the architecture of Salts next-generation API security platform, focusing on scalability, performance, and innovation.
Work closely with engineering teams to design robust, scalable, and elegant solutions, acting as a hands-on partner and trusted advisor.
Identify architectural gaps and lead technical modernization and evolution.
Spearhead deep-tech and innovation initiatives.
Bring startup-level creativity and a CTO mindset propose bold ideas, evaluate emerging technologies, and bring them to life.
Act as an elite task force for complex or high-impact projects.
Mentor and grow our architectural team, including direct management of senior architects.

Prisma-Photonics is a rapidly growing startup company, developing the next-generation smart-infrastructure solution based on novel fiber-sensing technology (smart roads, smart cities, perimeters, and grid monitoring, etc.). The company offers an award-winning disruptive solution; a “sensor free” approach to smart infrastructure. The company is VC backed and in the revenues stage.
Combining pioneering technology in optical fiber sensing with state-of-the-art machine learning, we help prevent environmental disasters, protect human lives, and keep critical energy and transportation backbones running smoothly.
We are seeking a talented, self-driven and passionate Senior Infrastructure Engineer to build and maintain the cloud infrastructure for our highly available SaaS application as well as our machine learning and data engineering stack. As a Senior Infrastructure Engineer, you will be responsible for designing, implementing, and maintaining the cloud infrastructure and DevOps processes that power our products and internal tooling. You will work closely with all data and development teams and lead the company’s security and compliance vectors. You will ensure a highly reliable, scalable, and secure infrastructure that supports our rapid growth and product innovation, while maintaining observability and cost-effectiveness of our cloud resources and data.

Manager:
Oded Messer

What You’ll Do:

* Cloud Infrastructure Management: Architect, deploy, and manage our cloud infrastructure (AWS), ensuring high availability, scalability, and security.
* Software Engineering: Be a top notch SW engineer, harnessing your coding and architectural skills, as well as researching skills, for our infra stack.
* Infrastructure as Code (IaC): Define and maintain infrastructure using tools like Terraform, CloudFormation, or Pulumi to manage resources efficiently and reproducibly.
* Monitoring & Incident Management: Build and manage monitoring and alerting systems to ensure uptime, and respond to incidents with root cause analysis and remediation.
* DevOps & Automation: Implement and maintain CI/CD pipelines to streamline development workflows and automate deployment processes across development, staging, and production environments, and across different parts of our solution. While our development teams are expected to write and maintain their own CI, you will act as a supervisor and professional authority, and maintain cross team and complex automation.
* Collaboration and technical leadership: Partner with software engineers, data engineers, and machine learning teams to support their infrastructure needs and guide the evolution of our infrastructure team.
* Cost Optimization: Monitor cloud spend and optimize resources to ensure cost-effective infrastructure without sacrificing performance or security.
* Security & Compliance: Implement security best practices, including access control, network security, monitoring and ensuring the infrastructure is compliant with relevant industry standards (e.g., SOC2, GDPR).


What You Bring::

* 5+ years of hands-on experience in cloud infrastructure, DevOps and platform engineering in production environments.
* Expertise in managing cloud infrastructure on at least one of the major providers: AWS, GCP, Azure. Proficient in Infrastructure as Code tools such as Terraform, CloudFormation, or Pulumi.
* Solid experience with Docker and Kubernetes.
* Monitoring & Logging: Hands-on experience with monitoring tools (Prometheus, Grafana) and logging systems (ELK, Splunk, or equivalent).
* Proficient Software engineering, architecture, as well as scripting languages such as Python, Bash, or Go. Full control of version control systems such as Git.
* Strong experience with CI/CD pipelines and automation using Jenkins, CircleCI, GitHub Actions, GitLab CI, or similar.
* Strong understanding of cloud networking, VPNs, VPCs, DNS, and firewalls