דרושים » תוכנה » Application Security Engineer

Were looking for a highly skilled and motivated DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness.
The ideal candidate will have a strong software development background, SDLC security principles, and threat modeling for application-based features.
What You'll Do:
Design, develop, and implement secure software development and deployment pipelines, incorporating security best practices, automation, and continuous integration/continuous deployment (CI/CD) methodologies.
Collaborate with development, operations, and security teams to identify and prioritize security vulnerabilities/issues and requirements and integrate security controls into the development lifecycle.
Perform vulnerability assessments and security code reviews to identify and address security vulnerabilities and risks.
Implement and manage security tools and technologies such as SCA, SAST, IaC Security, etc.
Develop and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry best practices.
Stay updated with the latest security trends, vulnerabilities, and threat intelligence to proactively identify emerging risks and recommend security enhancements.
Collaborate with cross-functional teams to conduct security awareness training and promote a culture of security within the organization.
Evaluate blockchain protocol repositories for in-depth security and resiliency analysis reporting.
Use market data analysis to identify risk vectors for various crypto assets.
Understand complex protocol governance structures to prepare concise reporting for executive consumption and decision-making.
Analyze crypto asset data across various sectors to provide recommendations for the organization based on variable risk tolerances and use cases.
Take part in various tasks related to custody operations.

At our company, we're on a mission to redefine vehicle safety and reliability on a global scale. Founded in 2016, we have pioneered the world's first fully automated suite of vehicle inspection systems. At the heart of this innovation lies our advanced AI-driven technology, representing the pinnacle of Machine Learning, GenAI, and computer vision within the automotive sector. With close to $400M in funding and strategic partnerships with industry giants such as Amazon, General Motors, Volvo, and CarMax, we stand at the forefront of automotive technological advancement. Our growing global team of over 200 employees is committed to creating a workplace that celebrates diversity and encourages teamwork. Our drive for innovation and pursuit of excellence are deeply Embedded in our vibrant company culture, ensuring that each individual's efforts are recognized and valued as we unite to build a safer automotive world.
We seek a highly skilled and proactive Senior SecOps Engineer to join our Security team and lead security operations across the organization. In this role, you will report directly to our CISO and work in close collaboration with the DevOps and R&D teams to embed security into every stage of the software lifecycle, protect our multi-cloud infrastructure, and ensure compliance with leading industry standards.
A day in the life and how youll make an impact:
* Report directly to the CISO and collaborate with DevOps and R&D teams to embed security into every stage of the SSDLC.
* Integrate security into CI/CD pipelines, Infrastructure as Code (Terraform, Helm, GitOps), and development workflows.
* Design, enforce, and monitor secure cloud configurations (AWS, GCP), including networking, IAM, encryption, and Kubernetes hardening.
* Implement and manage application security controls (SAST, DAST, SCA, code reviews).
* Lead incident response activities, including forensic investigations, vulnerability management, and threat mitigation.
* Deploy and operate CSPM tools (Wiz, Prisma, Orca), SIEM, WAF, and runtime security solutions.
* Drive compliance with ISO 27001, SOC 2, GDPR, ensuring audit readiness.

we are disrupting the Cyber Security industry! We are looking for a Senior Enterprise Information Security Engineer to join our Infosec team that owns, securing and delivering security for our Enterprise, SaaS, and Public Cloud security services. With your networking, firewall, cloud, and development skills, youll design, build automation and integrate along with our secure programs scale and secure our infrastructure and application in a Google Cloud Platform environment as well as collaborate with other team members. In this role, you will provide technical leadership in the development of Security programs by helping to drive the disruptive vision, technology planning, and estimation. If you are a fast learner and passionate about Cyber Security, this is a great opportunity for you
Your Impact
Providing advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
Responsible for assessing and reviewing the security and cloud infrastructure in both IT and production environments.
Coordinates with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.

We are making the future of Mobility come to life starting today. At our company we support the worlds largest vehicle fleet operators and transportation providers to optimize existing operations and seamlessly launch new, dynamic business models - driving efficient operations and maximizing utilization.
We are seeking a highly skilled and experienced Information Security Specialist to join
our company's security team. This role is critical in ensuring the security and integrity of our companys infrastructure, services and endpoints. The ideal candidate will have a deep understanding of security principles, architectures, and technologies, endpoint and site security, along with hands-on experience.
As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.
What You'll Do:
Design and maintain the company's security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain our companys security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with our company. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.

were on a mission to help engineering teams build secure software, faster.
Were looking for an Application Security Engineer with a passion for AppSec to join our growing team and push the boundaries of modern application security.

Responsibilities
‍‍Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Collaborate closely with engineering, product, and marketing

we are the leader in Behavioral Biometrics, a technology that leverages machine learning to analyze an online users physical and cognitive digital behavior to protect individuals online. our companys mission is to unlock the power of behavior and deliver actionable insights to create a digital world where identity, trust, and ease coexist.Today, 34 of the world's largest 100 banks and 210 total financial institutions rely on our companyConnect to combat fraud, facilitate digital transformation, and grow customer relationships.. our companys Client Innovation Board, an industry-led initiative including American Express, Barclays, Citi Ventures, and National Australia Bank, helps our company to identify creative and cutting-edge ways to leverage the unique attributes of behavior for fraud prevention. With over a decade of analyzing data, more than 80 registered patents, and unparalleled experience, our company continues to innovate to solve tomorrows problems.
We are looking for a proactive and skilled Software Infrastructure Developer to join our team, focusing on building robust and scalable infrastructure to support seamless automation and reliability across systems. This role is essential in ensuring efficient integration within our CI/CD pipelines, creating tools and frameworks for end-to-end automation, and working with engineering teams to continuously enhance system stability. The ideal candidate will bring strong technical expertise in automation, CI/CD (with hands-on knowledge of Jenkins), containerization, and cloud infrastructure, along with proficiency in Python and Node.js.
Key Responsibilities:
Software Infrastructure Design: Design, build, and maintain scalable automation infrastructure and frameworks to ensure consistency and reliability on various systems.
Tool and Library Development: Develop libraries and tools to simplify the creation and management of end-to-end automation, enabling efficiency and ease of use.
CI/CD Integration: Integrate and optimize automation frameworks within CI/CD pipelines to streamline deployment and operational workflows.
Feature Ownership: Take ownership of new features and products from design to production, ensuring high-quality, reliable releases.
Cross-Team Collaboration: Collaborate with cross-functional engineering teams to gather insights and requirements, driving continuous improvement of automation tools and frameworks.
Documentation and Knowledge Sharing: Document best practices and usage guidelines for libraries and tools to promote effective adoption and knowledge sharing across teams.
Technology Evaluation: Continuously research, evaluate, and implement new technologies to maximize development efficiency and innovation.

we are looking for a Product Security Engineer to join our growing team!
This is a great opportunity to be part of one of the fastest-growing infrastructure companies in history, an organization that is in the center of the hurricane being created by the revolution in artificial intelligence.
"our company's data management vision is the future of the market."- Forbes
we are the data platform company for the AI era. We are building the enterprise software infrastructure to capture, catalog, refine, enrich, and protect massive datasets and make them available for real-time data analysis and AI training and inference. Designed from the ground up to make AI simple to deploy and manage, our company takes the cost and complexity out of deploying enterprise and AI infrastructure across data center, edge, and cloud.
Our success has been built through intense innovation, a customer-first mentality and a team of fearless company ronauts who leverage their skills & experiences to make real market impact. This is an opportunity to be a key contributor at a pivotal time in our companys growth and at a pivotal point in computing history.
Responsibilities
Implement and maintain security controls for applications and systems.
Conduct DAST, SAST, vulnerability scans, and penetration tests.
Develop and enforce security policies and best practices.
Monitor logs, investigate incidents, and respond to threats.
Collaborate with development teams to ensure secure coding practices.
Stay updated on emerging threats and industry standards.

The Offensive Security team is seeking a Sr. Staff Offensive Security Engineer to join the team responsible for testing the security of all the products and services that make up the company's portfolio.
We're seeking innovative cybersecurity professionals to lead our advanced threat assessment program. In this role, you'll spearhead continuous internal security evaluations and coordinate with elite external partners to execute comprehensive penetration testing strategies. Your expertise will be crucial in identifying potential vulnerabilities and guiding both internal and external teams to explore the full spectrum of our attack surface. This position requires a deep understanding of application security offensive security techniques, coupled with the ability to strategically direct resources for maximum impact. Ideal candidates will possess a passion for uncovering system weaknesses, a talent for thinking like an adversary, and the skills to translate technical findings into actionable intelligence. Join us in crafting a robust, proactive security posture that stays ahead of emerging threats and keeps our defenses at the cutting edge of cybersecurity.
The successful candidate will thrive in a fast-paced environment where energy, drive, and a collaborative approach are key to success. And of course, a passion for bug hunting.
Your Impact
Conduct penetration tests against our company's products including appliances, applications, cloud services, and APIs
Engage with business owners in pre-engagement activities including scope definition, environment setup and scheduling
Prepare and deliver technical reports to business owners and InfoSec partners
Assist, as a subject matter expert, in remediation planning and execution
Perform security assessments, root-cause analysis and corrective measures as required
Occasionally plan and manage engagements to be executed by external partners when needed
Assist in the management of application security programs like continuous scanning, bug bounty, secure development lifecycle and others
Stay current on exploitation and post-exploitation techniques and incorporate them into the penetration testing arsenal.

We're looking for a Cyber Researcher who will be responsible for identifying, analyzing, and providing mitigation options for emerging cyber threats and vulnerabilities in SaaS environments. As a Cyber Researcher, youll lead and contribute to discovering new attack vectors, developing detection and defense techniques, and providing actionable intelligence to strengthen our products and protect our customers.
You will:
Conduct proactive research on emerging threats, vulnerabilities, and attack techniques relevant to SaaS and cloud environments.
Collaborate with engineering and product teams to translate research findings into product features and security controls.
Develop proof-of-concept and detection mechanisms to validate and demonstrate risks.
Stay up-to-date with the latest trends in cyber threats, security tools, and industry best practices.

We are looking for a Cyber Security Manager.
The cyber security manager implements, and monitors security policies and procedures, and ensures compliance with relevant standards and regulations. The Cyber Security Manager Serves as a team member for Information Technology Services (ITS) and Information Security Officer team at the Israel member firm. Specifically, he will be responsible for Leading various cyber security projects/ areas & Improving Cyber Security IL MFs posture.
The manager works with the member firm to identify areas of potential risk, potential cost savings, and operational efficiencies that will reduce the overall risks to client and firm data resources, and May participate in projects with participants from other countries in cross border operations.
The position will also work closely with the US Member Firm team The position is open to both women and men.