דרושים » אבטחת מידע וסייבר » Head of Application Security

We are seeking a highly skilled and experienced Application Security Expert to join our dynamic team.

This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools.

Key Responsibilities
Contribute to design and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Promote a culture of security awareness and continuous improvement within the organization.

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.
Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.
Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.
Design, implement, and drive SSDLC practices across the companyfrom security design reviews and threat modeling to proactive triaging in production.
Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.
Manage our bug bounty program, validating reports and coordinating response and resolution.
Own and operate our suite of AppSec tools including SAST, ASPM, and other security scannerstriaging findings, prioritizing issues, and guiding engineering toward resolution.
Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.
Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.
Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.
Promote a strong security culture across by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

Required Application Security Engineer
The Gist
We are one of the fastest-growing healthtech companies, building the technology that connects every part of the healthcare ecosystem. Were solving one of the toughest problems in healthcare: how to make systems, apps, and data truly interoperable.
Our platform enables real-time collaboration between doctors and innovators, with secure data exchange and workflow integrations that happen directly inside clinical systems. In simple terms: we help healthcare work better. By streamlining workflows and reducing complexity, we help organizations focus on what really matters - delivering better care for patients.
Connect & Canvas
At the heart of our platform is Connect, a connectivity layer that links healthcare applications to patient healthcare management systems providers use in real time. Its designed for scale, reliability, and developer experience, powering millions of data interactions every day.

With our recently launched developer platform, were expanding that capability to innovators everywhere, making it possible to build healthcare applications that plug directly into real-world clinical workflows. Our team leads the way in designing, architecting, and scaling these products, experimenting fast, shipping with impact, and shaping the future of healthcare connectivity.
The Role
The ideal candidate will have a strong background in application security, coupled with expertise in product security, infrastructure management, and DevOps practices.
You should be comfortable wearing multiple hats and thrive in a fast-paced, collaborative environment.
Pioneer new approaches to application security, including leveraging AI for advanced automations and process optimizations.
If you're ready to push the boundaries of application security and contribute to a culture of uncompromising quality, we want you on our team.
Join us in our relentless pursuit of robust security and a continuously hardening application landscape.
What you will do
Conduct internal penetration testing against our applications and APIs.
Design, build, and implement the Secure SDLC process, integrating security into all stages of the software development lifecycle.
Evaluate product design and architecture against security best practices, offering guidance on prioritization and remediation.
Build and automate security testing as part of our CICD pipeline and cloud environments based on automation workflows leveraging AI.
Develop and lead projects, implementing various security tools and technologies, such as: AI agents context-aware, SAST, SCA, vulnerability scanners, and Kubernetes (K8s) security tooling.
Mentor development teams through training and hackathons.
Support security incident response in a cross-functional environment.

We are seeking a highly skilled and experienced Principal Architect to join our dynamic team. As the Principal Architect, you will be responsible for overseeing the design, development, and implementation of our API security platform. You will play a critical role in defining the technical vision and roadmap, leading architectural decisions, and ensuring the scalability, performance, and security of our products.

Responsibilities:
Lead the technical architecture and design of Salt Security's API security platform, working closely with cross-functional teams, including engineering, product management, and security operations.
Define and drive the technical vision, strategy, and roadmap for the platform, aligning it with business objectives and customer needs.
Provide technical leadership and mentorship to the engineering team, promoting best practices, code quality, and continuous improvement.
Collaborate with stakeholders to gather requirements, analyze technical feasibility, and identify areas for innovation and differentiation.
Evaluate and select appropriate technologies, frameworks, and tools to support the development of robust, scalable, and secure solutions.
Ensure architectural consistency and integrity across different components, modules, and systems.
Conduct regular code reviews, architectural reviews, and performance assessments to maintain high standards of software quality.
Stay up-to-date with industry trends, emerging technologies, and best practices in API security and cloud computing, and apply that knowledge to enhance our platform.

We seek a dedicated and proactive Senior SecOps Engineer to join our InfoSec team and take ownership of all security-related tasks across the organization.
In this role, you will be key in aligning security goals with infrastructure, R&D and IT requirements. You will be responsible for integrating security into our CI/CD pipelines, managing cloud infrastructure security, ensuring compliance with security standards, and protecting our infrastructure from vulnerabilities.
A day in the life and how youll make an impact:
Implement and manage security tools such as static code analysis, cloud posture monitoring, and penetration testing tools.
Embed security into the DevOps lifecycle, including CI/CD pipelines, IaC (Infrastructure as Code), and software development workflows.
Design and enforce security policies for cloud architecture, ensuring secure configurations and monitoring.
Lead incident response activities, vulnerability management, and forensic investigations to mitigate threats.
Drive compliance efforts (ISO 27001, SOC 2, GDPR, etc.) and audit readiness for the organization.
Work closely with stakeholders (CISO, COO, System Architects, DevOps, IT, Finance, HR, etc) to identify requirements and prioritize security needs.
Continuously monitor systems and infrastructure for vulnerabilities, intrusions, and misconfiguration.
Perform or manage penetration testing initiatives to identify security weaknesses.

The CSO Office is seeking an Application Security Engineer. In this role, you will contribute to driving security across the SDLC at scale, empowering developers, and enabling secure development through automation, process, and tooling. Youll work as part of a team of security engineers focused on SSDLC automation, vulnerability management, and proactive engagement with R&D.

This is a hands-on technical role that combines architecture, coding, and collaboration, working closely with Product, Engineering, DevOps, and Security stakeholders.

As an Application Security Engineer you will...
Assist in the development of internal security tools and AI agents.
Support the design and implementation of SSDLC practices and automated security controls across the CI/CD pipeline.
Contribute to building and operating scalable vulnerability management frameworks across cloud-native services and SaaS products.
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA.
Develop Internal application security Tools and Automations.
Partner with development and DevOps teams to embed security early and often.
Contribute to secure code reviews and assist with remediation strategies.
Track, triage, and report vulnerabilities across product lines.
Support the adoption of secure development best practices.

We are looking for an experienced Security Architect to lead the design and implementation of advanced security solutions across our infrastructure, products, and cloud environments. In this role, you will work closely with engineering, DevOps, product, and SOC teams to ensure end-to-end protection, threat resilience, and security-by-design architecture.

Your Chain of Impact:

Design and implement scalable, secure architectures across cloud, application, and data environments
Lead security reviews, threat modeling, and risk assessments for new and existing systems.
Collaborate with R&D and DevOps to embed security best practices into development and deployment processes.
Define and maintain security standards, policies, and frameworks (Zero Trust, IAM, network controls, data protection, etc.)
Oversee integration of security controls, monitoring systems, and automated detection capabilities.
Partner with SOC teams to enhance detection, response, and incident management workflows.
Evaluate new security tools and technologies; lead POCs and drive strategic decisions.
Provide security guidance during architecture planning, code reviews, and product design.

We're looking for an Infrastructure Security Architect to join us. In this role, you will design and validate secure cloud and corporate infrastructures, drive security best practices, and solve complex network and cloud-security challenges across the organization.
Responsibilities:
Design and architect secure infrastructures across cloud, and corporate environments, with strong emphasis on scalable AWS networking.
Lead network-security architecture reviews for new and existing technologies, systems, and product features.
Develop and maintain security reference architectures, guidelines, and best practices for cloud and network environments.
Review, design, and enhance cloud network architecture (VPC topology, segmentation, routing, connectivity, hardening).
Evaluate and run PoCs for security and cloud-networking products to strengthen our companys cloud security posture.
Perform Infra threat modeling and risk assessments for network and cloud architecture designs.
Collaborate with DevOps, SRE, R&D, and IT to integrate security into infrastructure design, deployments, and engineering processes.
Troubleshoot complex network and cloud-security issues across corporate and product environments.
Oversee IoT network security, including segmentation and monitoring strategies.
Provide clear, structured feedback to product teams on architecture, design trade-offs, and real-world operational impact.
Act as a senior escalation point for network-related security alerts and incident response within the security operations team.

By joining our management team as the R&D director, you will take full responsibility of the email and collaboration product family R&D, manage a growing global team of over 50 professionals, and be at the top of technology for cloud SaaS high scale/high velocity AI/ML based security solutions, serving tens of thousands of global enterprise customers.

If you want to make a real global impact, making the world a safer place join us !

Key Responsibilities
Product Development:
Oversee the design, development, maintenance and deployment of cutting-edge cloud based email security products and features, serving tens of thousands of global enterprise customers.
Ensure products meet market needs and regulatory requirements while maintaining the highest security and coding standards.
Ensure products are developed in the most cost effective manner, deployed over multiple regions utilizing cutting edge cloud infrastructure and technologies.
Ensure products are robust, built to scale and support dynamic architecture changes for fast growing changing environments.
Ensure product is fully monitored at the highest level 24/7 by actively implementing a reliable monitoring system across multiple domains and regions.
Team Management:
Lead, mentor, and develop a growing high-performing R&D team of over 50 high skill professionals, across the globe. including group and team leaders, software engineers, data scientists, and cybersecurity experts.
Foster collaboration and cross-functional integration between R&D, product management, customer success, and other departments.
Manage our R&D team building. Recruit and support extending our R&D ever growing team to catch up with product growth.
Monitor and report on R&D performance metrics and project progress to the executive team.
Research & Innovation:
Drive research initiatives to explore new technologies, threats, and opportunities in cloud, AI/ML and email security.
Maintain a strong understanding of industry trends, emerging threats, and competitive landscape.
Drive innovation through threat modeling, prototyping, and validating emerging technologies.
Quality Assurance:
Ensure rigorous testing and validation processes to guarantee the reliability, performance, and security of products.
Implement best practices for software development and quality assurance utilizing advanced automation technologies.
Implement full system monitroing to assure production top availability and performance.
Strategic Leadership:
Develop and implement the R&D strategy in alignment with the company's product vision and business objectives.
Adopt AI/ML to enhance threat detection, anomaly detection, and behavior analysis for better email security.
Foster a culture of innovation, continuous improvement, and excellence within the R&D team.
Manage and mentor cross-functional teams of researchers, engineers, and data scientists.
Foster a culture of continuous learning, experimentation, and technical excellence.
Budget Management:
Manage the R&D budget, ensuring effective allocation of resources to projects and initiatives.
Manage email security cloud cost and drive cloud cost optimization initiatives and activities.

Our Security Engineer
Job Description
Join our Internal Platform Engineering team! As a Security Engineer, you'll be at the forefront of developing and implementing security capabilities to support secure and efficient service delivery. You'll be responsible for ensuring that the tools, approaches, and infrastructure used meet the highest security standards. In your day-to-day, you will:
Drive the development of new security capabilities to support delivery and ensure that the tools and approaches used are effective
Support the efficient delivery of services by employing industry best practices for the automated build and deployment of security infrastructure and code
Support Cloud Technology deployments, lift and shift migrations and transformation of Cloud solutions that manage hybrid and on-premises infrastructure
Assist with the execution of architecture blueprints and brings security into a DevOps mindset and culture
Collaborate with Product teams to support the evaluation of planned changes, to minimize security risk
Provide advice on security to contribute to different projects and product development.