דרושים » אבטחת מידע וסייבר » DevSecOps Engineer for a Leading FinTech Company in Tel Aviv

we are looking for a passionate, experienced, and curious DevSecOps Engineer with proven expertise in securing production-level financial systems to take an active part in designing, implementing, and maintaining secure, compliant, and robust infrastructures in a highly regulated environment. This role focuses on embedding security into development and deployment workflows while supporting governance, risk, and compliance (GRC) efforts.

Key Responsibilities

Design, deploy, and manage advanced security solutions to protect cloud and IT environments supporting high-value financial transactions.
Conduct and facilitate remediation of findings from web application penetration tests and cloud infrastructure security scans.
Integrate security best practices into CI/CD pipelines, infrastructure automation, and containerized microservices orchestration.
Proactively monitor and enhance security posture, addressing vulnerabilities and emerging threats to ensure robust protection.
Collaborate with Engineering, DevOps, and Operations teams across New York, London, and Tel Aviv to embed security into development and operational workflows.
Support responses to customer security questionnaires from Tier 1 financial institutions, ensuring accurate and timely input.
Maintain and improve infrastructure automation and configuration management tools with a security-first approach.
Support, enhance, and maintain production-level observability with a focus on security monitoring.
Contribute to updating and improving our DevSecOps technology stack: AWS, Operating Systems, Kubernetes, Helm, Terraform, Python, Jenkins, and more.
Participate in mutual SOC 2 Type II efforts, assisting with evidence collection and control implementation as part of a collaborative team.

we are disrupting the Cyber Security industry! We are looking for a Senior Enterprise Information Security Engineer to join our Infosec team that owns, securing and delivering security for our Enterprise, SaaS, and Public Cloud security services. With your networking, firewall, cloud, and development skills, youll design, build automation and integrate along with our secure programs scale and secure our infrastructure and application in a Google Cloud Platform environment as well as collaborate with other team members. In this role, you will provide technical leadership in the development of Security programs by helping to drive the disruptive vision, technology planning, and estimation. If you are a fast learner and passionate about Cyber Security, this is a great opportunity for you
Your Impact
Providing advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
Responsible for assessing and reviewing the security and cloud infrastructure in both IT and production environments.
Coordinates with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.

Our team is at the forefront of ensuring the security and resilience of this critical infrastructure, and we're looking for a visionary Security Architect to play a pivotal role in designing and implementing robust security solutions across our infrastructure and applications.

If you have a passion for building secure-by-design systems, a deep understanding of both infrastructure and application security principles, and the ability to translate complex requirements into actionable blueprints, we want to hear from you. You'll be instrumental in shaping our security landscape, ensuring our platform remains a trusted and secure environment for our global users.

What You'll Be Doing:
This is a hands-on position. You need to love writing Python, working with APIs, and codifying infrastructure. Lead the architectural design and implementation of security solutions for our cloud infrastructure, network, and applications.
Get your "hands dirty", fearlessly working on our most complex and risky problems involving production systems and networks.
Constantly push optimizations and best practices. Define and maintain security standards, frameworks, and best practices across the organization.
Collaborate closely with engineering, product, and operations teams to integrate security seamlessly into the development lifecycle and infrastructure deployments.
Evaluate and recommend security technologies and tools to enhance our security posture.
Develop security reference architectures and patterns to guide engineering teams in building secure solutions.
Participate in threat modeling and risk assessment activities to proactively identify and mitigate potential security threats.
Provide expert guidance and mentorship to engineering teams on security-related topics.
Stay current with the latest security trends, threats, and technologies, and translate them into actionable strategies for us.

We are looking for a talented and experienced DevSecOps Engineer to join our company's IT Security group and help secure our large-scale, hybrid and multi-cloud environments.
We're a hands-on DevSecOps team embedded in the core of IT Security, focused on protecting infrastructure and network layers while building scalable, resilient systems. From AI security and data protection to CTEM (Continuous Threat Exposure Management), we lead POCs and transform innovative ideas into production-ready solutions. Were passionate about automating manual processes, driving operational excellence, and continuously evolving our security posture through cutting-edge technologies.
Key Responsibilities
Plan, Design, implement and maintain security standards and solutions across network, cloud, applications, CI/CD pipelines and secrets management all with a hands-on approach
Develop and own automation for SecOps operations, CTEM workflows and proactive security monitoring and remediation
Analyze complex system behaviors to identify performance, reliability and security issues in large-scale, live environments
Collaborate closely with SecOps and DevOps teams to align security with speed, scale and resilience
As a DevSecOps Engineer, youll play a critical role in protecting our hybrid cloud infrastructure, while shaping the future of security automation at scale.

At our company, we're on a mission to redefine vehicle safety and reliability on a global scale. Founded in 2016, we have pioneered the world's first fully automated suite of vehicle inspection systems. At the heart of this innovation lies our advanced AI-driven technology, representing the pinnacle of Machine Learning, GenAI, and computer vision within the automotive sector. With close to $400M in funding and strategic partnerships with industry giants such as Amazon, General Motors, Volvo, and CarMax, we stand at the forefront of automotive technological advancement. Our growing global team of over 200 employees is committed to creating a workplace that celebrates diversity and encourages teamwork. Our drive for innovation and pursuit of excellence are deeply Embedded in our vibrant company culture, ensuring that each individual's efforts are recognized and valued as we unite to build a safer automotive world.
We seek a highly skilled and proactive Senior SecOps Engineer to join our Security team and lead security operations across the organization. In this role, you will report directly to our CISO and work in close collaboration with the DevOps and R&D teams to embed security into every stage of the software lifecycle, protect our multi-cloud infrastructure, and ensure compliance with leading industry standards.
A day in the life and how youll make an impact:
* Report directly to the CISO and collaborate with DevOps and R&D teams to embed security into every stage of the SSDLC.
* Integrate security into CI/CD pipelines, Infrastructure as Code (Terraform, Helm, GitOps), and development workflows.
* Design, enforce, and monitor secure cloud configurations (AWS, GCP), including networking, IAM, encryption, and Kubernetes hardening.
* Implement and manage application security controls (SAST, DAST, SCA, code reviews).
* Lead incident response activities, including forensic investigations, vulnerability management, and threat mitigation.
* Deploy and operate CSPM tools (Wiz, Prisma, Orca), SIEM, WAF, and runtime security solutions.
* Drive compliance with ISO 27001, SOC 2, GDPR, ensuring audit readiness.

We are looking for a passionate and experienced Senior DevSecOps Architect to join our growing team!

In this pivotal role, you will take the lead in designing, planning, and implementing robust information security strategies across our infrastructure. Youll be at the forefront of integrating security into every stage of our development and deployment processes ensuring our systems are secure, scalable, and aligned with best practices. This is a unique opportunity to shape the security architecture of a fast-moving, innovative company, and work closely with engineering, IT, and security teams to drive a culture of security-first development.

Responsibilities
Craft and implement cutting-edge cloud security controls and technologies.
Lead design, implementation, and integration of various cloud security tools.
Monitor security events and perform triage analysis.
Identify new technologies and security tools and lead operationalization solutions from POC to Production.
Help build infrastructure, tools, and services to improve delivery and availability.
Work closely with DevOps, Engineering and product teams to define security strategy and controls and execute on it.
Collaborate with R&D teams on designing and the implementation of new features.

We are looking for a Principal Security Engineer (DevSecOps) to work in the Cortex DevSecOps group to help secure our immense cloud and on-prem deployments, and will be a security advisor for all infrastructure and application related new developments, as well as overseeing all current infrastructure and processes security improvements.
Helping guide new security initiatives in the product group and thinking outside the box for any new attack vectors as they appear in the wild.
The Cortex group specializes in analysis and visualization of complex cyber-data gathered by the company's products. It combines high-performance algorithms, deep understanding of modern databases, advanced visualization and high-end UI/UX.
Your Impact
Participate in meetings with stakeholders to provide balanced insights on feature requirements and security implications.
Act as a bridge between security, development, and operations teams to ensure security best practices are integrated into all phases of the development lifecycle.
Collaborate with cross-functional teams to develop pragmatic security solutions that do not hinder agility and innovation.
Work closely and in full coordination with multiple product engineering groups and DevOps teams to produce highly secure features
Handle, prioritize and effectively bring security vulnerabilities to resolution for multiple products
Build out security processes and perform threat modeling to all ongoing development and operations.

Were looking for a highly skilled and motivated DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness.
The ideal candidate will have a strong software development background, SDLC security principles, and threat modeling for application-based features.
What You'll Do:
Design, develop, and implement secure software development and deployment pipelines, incorporating security best practices, automation, and continuous integration/continuous deployment (CI/CD) methodologies.
Collaborate with development, operations, and security teams to identify and prioritize security vulnerabilities/issues and requirements and integrate security controls into the development lifecycle.
Perform vulnerability assessments and security code reviews to identify and address security vulnerabilities and risks.
Implement and manage security tools and technologies such as SCA, SAST, IaC Security, etc.
Develop and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry best practices.
Stay updated with the latest security trends, vulnerabilities, and threat intelligence to proactively identify emerging risks and recommend security enhancements.
Collaborate with cross-functional teams to conduct security awareness training and promote a culture of security within the organization.
Evaluate blockchain protocol repositories for in-depth security and resiliency analysis reporting.
Use market data analysis to identify risk vectors for various crypto assets.
Understand complex protocol governance structures to prepare concise reporting for executive consumption and decision-making.
Analyze crypto asset data across various sectors to provide recommendations for the organization based on variable risk tolerances and use cases.
Take part in various tasks related to custody operations.

We're looking for a Security Engineer
WHAT YOULL DO

Lead threat modeling and security review exercises across production and CI/CD environments identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our Federal team extending our DevSecOps and Product Security practices to FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with Wizs engineering and operations teams helping them deliver secure-by-design solutions