דרושים » מחשבים ורשתות » Senior DevSecOps Engineer

We are looking for a passionate, experienced, and curious DevSecOps Engineer with proven expertise in securing production-level financial systems to take an active part in designing, implementing, and maintaining secure, compliant, and robust infrastructures in a highly regulated environment. This role focuses on embedding security into development and deployment workflows while supporting governance, risk, and compliance (GRC) efforts.

Key Responsibilities:
Design, deploy, and manage advanced security solutions to protect cloud and IT environments supporting high-value financial transactions.
Conduct and facilitate remediation of findings from web application penetration tests and cloud infrastructure security scans.
Integrate security best practices into CI/CD pipelines, infrastructure automation, and containerized microservices orchestration.
Proactively monitor and enhance security posture, addressing vulnerabilities and emerging threats to ensure robust protection.
Collaborate with Engineering, DevOps, and Operations teams across New York, London, and Tel Aviv to embed security into development and operational workflows.
Support responses to customer security questionnaires from Tier 1 financial institutions, ensuring accurate and timely input.
Maintain and improve infrastructure automation and configuration management tools with a security-first approach.
Support, enhance, and maintain production-level observability with a focus on security monitoring.
Contribute to updating and improving our DevSecOps technology stack: AWS, Operating Systems, Kubernetes, Helm, Terraform, Python, Jenkins, and more.
Participate in mutual SOC 2 Type II efforts, assisting with evidence collection and control implementation as part of a collaborative team.

As a Senior DevOps Engineer, you will be pivotal in designing, implementing, and maintaining our cloud infrastructure. You will join a highly technological team responsible for managing our cloud environments, optimizing infrastructure, and ensuring security and cost efficiency. In this role, you will collaborate with key stakeholders across the company, including R&D, Security, and Product teams, to automate processes, streamline operations, and drive impactful changes in our cloud strategy.

Key Responsibilities:

Cloud Infrastructure Design & Implementation: Lead the design and implementation of our cloud infrastructure, ensuring it is secure, scalable, and cost-effective.
Automation & Streamlining: Help automate and streamline our operations and processes, enhancing efficiency and reducing manual intervention.
Cross-Functional Collaboration: Work closely with all major stakeholders in the company, including R&D, Security, Product, and more, to ensure seamless integration of DevOps practices.
Impactful Contribution: Play a major part in shaping the companys cloud strategy, focusing on innovation and long-term success.

Required Security DevOps Engineer
Realize your potential by joining the leading performance-driven advertising company!
The ideal candidate will bridge high-level security governance with hands-on, automated security implementation across the Software Development Life Cycle (SDLC).
This individual will be a critical enabler, empowering teams to move swiftly and deliver exceptional value to our clients, all while upholding the required security standards. A proven track record in successfully balancing rapid innovation with robust security practices is essential for this role.
How youll make an impact:
As the DevSecOps Leader / Program Manager, you will be responsible for creating a secure-by-design culture and leading the operational implementation of our security strategy.
You will:
Build the Secure SDLC (SSDLC) Strategy: Develop, own, and execute the companys comprehensive DevSecOps strategy, focusing on automation to manage security at scale from code check-in to production deployment.
Lead Key Security Engineering Initiatives: Lead and manage security engineering programs, including:
Maturing the security tools stack (e.g., implementing WAF, and automating SCA/SAST tools).
Owning the bug bounty and responsible disclosure programs triage and remediation tracking.
Enhancing the Identity and Access Management (IAM) framework through concepts like Just-In-Time (JIT) and Zero Trust principles.
Operationalize CVE Tracking and Remediation: Design and implement a scalable system for discovering, tracking, and prioritizing Common Vulnerabilities and Exposures (CVEs) in third-party and custom code. Drive the engineering teams to achieve security risk remediation goals by providing clear, actionable data and automated patching mechanisms.
Measure & Drive Improvement: Develop and maintain key DevSecOps metrics (e.g., Mean Time To Detect/Remediate MTTD/MTTR, percentage of code coverage by SAST/SCA tools) to measure the effectiveness of automated controls and provide a data-driven picture of the application security posture.
Embed Security Engineering: Spearhead R&D DevSecOps initiatives, partnering directly with engineering teams to select, deploy, and maintain security tools, establishing security gates and best practices throughout the product development lifecycle.

Required SRE Security
Realize your potential by joining the leading performance-driven advertising company!
The ideal candidate will bridge high-level security governance with hands-on, automated security implementation across the Software Development Life Cycle (SDLC).
This individual will be a critical enabler, empowering teams to move swiftly and deliver exceptional value to our clients, all while upholding the required security standards. A proven track record in successfully balancing rapid innovation with robust security practices is essential for this role.
How youll make an impact:
As the DevSecOps Leader / Program Manager, you will be responsible for creating a secure-by-design culture and leading the operational implementation of our security strategy. You will:
Build the Secure SDLC (SSDLC) Strategy: Develop, own, and execute the companys comprehensive DevSecOps strategy, focusing on automation to manage security at scale from code check-in to production deployment.
Lead Key Security Engineering Initiatives: Lead and manage security engineering programs, including:
Maturing the security tools stack (e.g., implementing WAF, and automating SCA/SAST tools).
Owning the bug bounty and responsible disclosure programs triage and remediation tracking.
Enhancing the Identity and Access Management (IAM) framework through concepts like Just-In-Time (JIT) and Zero Trust principles.
Operationalize CVE Tracking and Remediation: Design and implement a scalable system for discovering, tracking, and prioritizing Common Vulnerabilities and Exposures (CVEs) in third-party and custom code. Drive the engineering teams to achieve security risk remediation goals by providing clear, actionable data and automated patching mechanisms.
Measure & Drive Improvement: Develop and maintain key DevSecOps metrics (e.g., Mean Time To Detect/Remediate MTTD/MTTR, percentage of code coverage by SAST/SCA tools) to measure the effectiveness of automated controls and provide a data-driven picture of the application security posture.
Embed Security Engineering: Spearhead R&D DevSecOps initiatives, partnering directly with engineering teams to select, deploy, and maintain security tools, establishing security gates and best practices throughout the product development lifecycle.

Required DevSecOps Engineer
Realize your potential by joining the leading performance-driven advertising company!
The ideal candidate will bridge high-level security governance with hands-on, automated security implementation across the Software Development Life Cycle (SDLC).
This individual will be a critical enabler, empowering teams to move swiftly and deliver exceptional value to our clients, all while upholding the required security standards. A proven track record in successfully balancing rapid innovation with robust security practices is essential for this role
How youll make an impact:
As the DevSecOps Leader / Program Manager, you will be responsible for creating a secure-by-design culture and leading the operational implementation of our security strategy.
You will:
Build the Secure SDLC (SSDLC) Strategy: Develop, own, and execute the companys comprehensive DevSecOps strategy, focusing on automation to manage security at scale from code check-in to production deployment.
Lead Key Security Engineering Initiatives: Lead and manage security engineering programs, including:
Maturing the security tools stack (e.g., implementing WAF, and automating SCA/SAST tools).
Owning the bug bounty and responsible disclosure programs triage and remediation tracking.
Enhancing the Identity and Access Management (IAM) framework through concepts like Just-In-Time (JIT) and Zero Trust principles.
Operationalize CVE Tracking and Remediation: Design and implement a scalable system for discovering, tracking, and prioritizing Common Vulnerabilities and Exposures (CVEs) in third-party and custom code. Drive the engineering teams to achieve security risk remediation goals by providing clear, actionable data and automated patching mechanisms.
Measure & Drive Improvement: Develop and maintain key DevSecOps metrics (e.g., Mean Time To Detect/Remediate MTTD/MTTR, percentage of code coverage by SAST/SCA tools) to measure the effectiveness of automated controls and provide a data-driven picture of the application security posture.
Embed Security Engineering: Spearhead R&D DevSecOps initiatives, partnering directly with engineering teams to select, deploy, and maintain security tools, establishing security gates and best practices throughout the product development lifecycle.

We are looking for a Principal Security Engineer (DevSecOps) to work in the Cortex DevSecOps group to help secure our immense cloud and on-prem deployments, and will be a security advisor for all infrastructure and application related new developments, as well as overseeing all current infrastructure and processes security improvements.
Helping guide new security initiatives in the product group and thinking outside the box for any new attack vectors as they appear in the wild.
The Cortex group specializes in analysis and visualization of complex cyber-data gathered by the products. It combines high-performance algorithms, deep understanding of modern databases, advanced visualization and high-end UI/UX.
Your Impact
Participate in meetings with stakeholders to provide balanced insights on feature requirements and security implications.
Act as a bridge between security, development, and operations teams to ensure security best practices are integrated into all phases of the development lifecycle.
Collaborate with cross-functional teams to develop pragmatic security solutions that do not hinder agility and innovation.
Work closely and in full coordination with multiple product engineering groups and DevOps teams to produce highly secure features
Handle, prioritize and effectively bring security vulnerabilities to resolution for multiple products
Build out security processes and perform threat modeling to all ongoing development and operations.

We are looking for a Principal Security Engineer (DevSecOps) to work in the Cortex DevSecOps group to help secure our immense cloud and on-prem deployments, and will be a security advisor for all infrastructure and application related new developments, as well as overseeing all current infrastructure and processes security improvements.
Helping guide new security initiatives in the product group and thinking outside the box for any new attack vectors as they appear in the wild.
The Cortex group specializes in analysis and visualization of complex cyber-data gathered by the products. It combines high-performance algorithms, deep understanding of modern databases, advanced visualization and high-end UI/UX.
Your Impact
Participate in meetings with stakeholders to provide balanced insights on feature requirements and security implications.
Act as a bridge between security, development, and operations teams to ensure security best practices are integrated into all phases of the development lifecycle.
Collaborate with cross-functional teams to develop pragmatic security solutions that do not hinder agility and innovation.
Work closely and in full coordination with multiple product engineering groups and DevOps teams to produce highly secure features
Handle, prioritize and effectively bring security vulnerabilities to resolution for multiple products
Build out security processes and perform threat modeling to all ongoing development and operations.

we are a fast-growing digital health SaaS company thats on a mission to enhance the primary care experience by transforming the way physicians interact with patient data. Our proprietary AI models are specifically designed to understand the language of primary care, transforming complex and fragmented patient data into a concise patient portrait" and actionable clinical insights at the point of care. This allows physicians to get the full picture of their patients and act on their health status instantly and accurately. Built by physicians for physicians, our AI platform reduces physician burnout, while helping healthcare organizations thrive in value-based care. Thousands of clinicians across the United States are using our companys AI-powered clinical intelligence solution to improve preventative care, reduce missed diagnoses, and reclaim time with their patients.
our company has been named one of the Top 100 AI companies globally by CB Insights, and made the list of the Top 50 Digital Health startups. We are already working with industry leading health systems and value-based organizations including Privia Health and Tampa General Hospital.
we are looking for a talented and hands-on SecOps Specialist to join its core InfoSec & IT department.
Responsibilities
The position is designed to be hands-on, focusing on the operational aspects of security and compliance within the organization. It is essential for supporting our companys strategic vision, ensuring effective and efficient implementation of security and compliance initiatives.
As a SecOps Specialist you will be responsible for executing the operational aspects of information security and support security strategies formulated with the CISO.
This role requires a strong focus on the day-to-day management and monitoring of security practices, the integration of security within the software development lifecycle, ensuring the organizations policies, procedures, and different systems are aligned with customers requirements, regulatory requirements and industry best practices.

We are looking for an experienced DevSecOps engineer to join our DevOps Group , newly created IT team.
Who has a passion for security , living security standards and best practices. Who has a desire to find the right solution with the available tools, not compromise on highest standards and allowing developers quick and easy way to progress.
In this position you will use your expertise in Azure, SSO, authorizations, SonarQube and more.
Key Responsibilities
Design and Build and manage one click joining / removing users from all the 3rd party integrated systems.
Get an experience with many 3rd party system, access, user groups and permissions. You will have a great opportunity to grow and create impact.
Analyze GitHub repos usage, permissions, PRs and build unified best practice for all.