דרושים » אבטחת מידע וסייבר » Application Security Engineer

we are looking for a Senior Information Security Engineer.
As a Senior Information Security Engineer, youll be on the front lines of protecting the systems, users, and data at scale. This role is about turning strategy, architecture, and intent into enforced controls, effective detections, and resilient operations. Youll work hands-on with the tools, signals, and incidents that define our real security posture.
If you believe security should be practical, measurable, and embedded into daily operations-and not just documented-we want you on the team.
What the Role Looks Like in Practice
You will be the technical anchor of our internal security posture:
Architectural Ownership: Deploy, manage, and tune enterprise-grade security stacks (EDR, DLP, IAM, CASB, MDM) with a focus on deep integration and automation.
The AI Frontier: Lead the charge on AI Security. You will implement and secure AI-driven workflows, ensuring LLM use is governed and protected against emerging threats such as data leakage and prompt injection.
Proactive Defense: Build and maintain high-fidelity detections and guardrails that align with real-world attack techniques.
Cross-Functional Synergy: Partner as a peer with Engineering, IT, and DevOps to ensure security controls are frictionless, automated, and effective.

Were seeking a Security Lead to join our team. This role is ideal for someone who can shape security foundations from the ground up. Youll solely build, lead and scale our security program across product, infrastructure and internal operations. This is a hands-on leadership role in which you will define our security strategy, drive execution, take ownership of maintaining security within our cloud environment and ensure that our customers, partners and employees can trust our platform and data handling.

Responsibilities

Embed secure-by-design and secure-by-default practices into the SDLC, partnering with engineering on threat modeling, secure code reviews, SAST/DAST, vulnerability management, and integrating practical, developer-first security solutions directly into development workflows.
Manage hands-on application and cloud security execution, reviewing code, hardening services, improving AWS/GCP configurations, IAM, networking, and secrets management, building cloud posture management, and integrating security into CI/CD, containers, and infrastructure-as-code.
Drive LLM and GenAI security innovation, implementing guardrails, prompt injection protections, MCP authorizations, and AI-specific security controls to ensure resilient and safe AI-powered systems.
Own incident response and security operations end-to-end, including preparation, detection, mitigation, root-cause analysis, remediation, communications, and developing internal standards, playbooks, and automation to scale the function from scratch.
Lead privacy, data lifecycle, and compliance initiatives, owning SOC 2, ISO 27001, GDPR, and regulatory readiness, while representing security in customer and partner discussions and translating technical controls into business assurance.

At our company, we are building an open and flexible Agentic Engineering Platform for modern engineering organizations. Following our recent $100M Series C funding round, we are in a phase of rapid hypergrowth with strong enterprise momentum.
We act as the central nervous system for engineering, enabling platform teams to unify their stack and expose it as a governed layer through golden paths for developers and AI agents. By combining rich engineering context, workflows, and actions, we help organizations transition from manual processes to autonomous, AI-assisted engineering workflows while maintaining control and accountability.
As a product-led company, we believe in building world-class platforms that fundamentally shape how modern engineering organizations operate.
About Your Day-to-Day
As a Security Specialist, you will play a meaningful role in shaping how our company operates and scales its security posture. You will be the hands-on backbone of our security team, you will keep our systems running, respond to alerts, and ensure our SDLC is secure from commit to production.
You will work closely with R&D, DevOps, and the IT team, take ownership over daily security operations and automations, and help transform complex security threats into clear, structured outcomes.
Responsibilities
Own and execute daily security operations with independence and accountability, including monitoring, triaging, and responding to alerts across all platforms.
Collaborate with R&D and DevOps to align security priorities within the CI/CD pipeline and embed secure coding practices into the development lifecycle.
Turn ambiguity into structured processes by building SOAR playbooks to automate repetitive tasks and creating detection rules tuned to our companys environment.
Drive high-quality execution in vulnerability management, coordinating remediation with engineering teams according to strict SLA timelines.
Communicate clearly by documenting incident root causes, maintaining security dashboards (MTTD/MTTR), and reporting on security metrics.
Continuously improve workflows by tuning security tools (EDR, CNAPP, IAM), suppressing false positives, and automating evidence collection for compliance.
What Success Will Look Like
Success in this role means becoming a trusted, reliable contributor who brings clarity and stability to our companys security environment.
Within the first months, you are expected to:
Take full ownership over the security alert workflow and operate independently in incident investigation.
Deliver consistent, high-quality outcomes in managing our security tooling stack (EDR, IAM, and secrets management).
Proactively identify gaps in the SDLC security gates or inefficiencies in manual triage and address them through automation.
Build strong working relationships with the Engineering and IT teams based on trust and accountability.
Contribute to a calmer, more predictable, and better-organized security environment by reducing noise and automating toil.

our company is the world leader in accelerated computing, defining the future of ai and high-performance networking. we are seeking a highly skilled and proactive senior Cyber security threat intelligence (cti) analyst to join the networking product security team. in this critical role, you will function as a key defender of the technologies powering the worlds largest ai clusters. you will act as the eyes and ears of our product security organization, conducting investigative research into sophisticated adversaries and translating complex threat data into actionable intelligence. this is a hands-on role where your insights will directly influence our defensive posture and help eliminate threats before they manifest in the core of global ai infrastructure.
what you will be doing:
you will serve as the intelligence core of our team dedicated to identifying, analyzing, and mitigating threats against our products and ecosystem:
lead deep-dive osint and webint research to identify emerging threats, conducting intelligence collection and analysis that leads to clear, actionable mitigation recommendations.
leverage scripting ( Python, bash, etc.) and generative ai tools to automate intelligence collection, triage, and analysis workflows.
analyze advanced persistent threats (apts) and sophisticated adversaries, collaborating with multi-functional teams to detect, track, and eliminate potential risks to our networking portfolio.
apply extensive insight into cyber operation phases to map adversary behavior, anticipate future movements, and harden our product development lifecycle with adoption of security improvements.
drive threat hunting methodologies, proactively searching for indicators of compromise (iocs) and hidden vulnerabilities within the products.
translate complex technical findings into strategic intelligence reports for both technical collaborators and leadership, ensuring a clear and unified insight into the threat landscape.
collaborate closely with incident response and engineering teams to ensure intelligence findings are seamlessly coordinated into other defensive tools and product security processes.

We are looking for a Security Engineer to join us. In this role, you will take part in securing our companys production environments across network, data, and AI domains. You will work closely with SRE, DevOps, platform, and internal security teams to design, operate, and continuously improve security controls, reduce risk, and strengthen our detection and response capabilities in a fast-growing, cloud-native environment.
Responsibilities
Support, maintain, and operate network, data, and AI security controls across our companys production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing across the Cyber Defense Group.

Were looking for a Staff Application Security Engineer to join our IT and Security team. This role is ideal for a hands-on security professional who is passionate about working closely with engineering teams to design secure software, fix vulnerabilities, and promote a culture of security across the organization.

Youll be responsible for shaping and owning our Secure Software Development Lifecycle (SSDLC), managing security tooling, and leading the assessment of application and API security across our products and services.

Here are a few of the things you will do:
Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.

Design, implement, and drive SSDLC practices across the company-from security design reviews and threat modeling to proactive triaging in production.

Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services, including those leveraging emerging technologies.

Manage HoneyBooks bug bounty program, validating reports and coordinating response and resolution.

Own and operate our suite of AppSec tools including SAST, ASPM, and other security scanners-triaging findings, prioritizing issues, and guiding engineering toward resolution.

Review source code and applications to identify vulnerabilities and collaborate with dev teams on remediation.

Act as the point of contact for findings from penetration tests, automated scanners, and external assessments, helping manage triage and ensure timely fixes.

Continuously research and stay current with application security trends, frameworks, vulnerabilities, and best practices.

Promote a strong security culture across HoneyBook by educating and enabling engineers, architects, and DevOps teams to build secure software from the ground up.

As a Security Specialist, you will play a meaningful role in shaping how our company operates and scales its security posture. You will be the hands-on backbone of our security team, you will keep our systems running, respond to alerts, and ensure our SDLC is secure from commit to production.
You will work closely with R&D, DevOps, and the IT team, take ownership over daily security operations and automations, and help transform complex security threats into clear, structured outcomes.
Responsibilities
Own and execute daily security operations with independence and accountability, including monitoring, triaging, and responding to alerts across all platforms.
Collaborate with R&D and DevOps to align security priorities within the CI/CD pipeline and embed secure coding practices into the development lifecycle.
Turn ambiguity into structured processes by building SOAR playbooks to automate repetitive tasks and creating detection rules tuned to our companys environment.
Drive high-quality execution in vulnerability management, coordinating remediation with engineering teams according to strict SLA timelines.
Communicate clearly by documenting incident root causes, maintaining security dashboards (MTTD/MTTR), and reporting on security metrics.
Continuously improve workflows by tuning security tools (EDR, CNAPP, IAM), suppressing false positives, and automating evidence collection for compliance.
What Success Will Look Like
Success in this role means becoming a trusted, reliable contributor who brings clarity and stability to our companys security environment.
Within the first months, you are expected to:
Take full ownership over the security alert workflow and operate independently in incident investigation.
Deliver consistent, high-quality outcomes in managing our security tooling stack (EDR, IAM, and secrets management).
Proactively identify gaps in the SDLC security gates or inefficiencies in manual triage and address them through automation.
Build strong working relationships with the Engineering and IT teams based on trust and accountability.
Contribute to a calmer, more predictable, and better-organized security environment by reducing noise and automating toil.

Were a team of smart, curious engineers building scalable, reliable systems that power content creation for millions. We work with modern web technologies, tackle real-world challenges in distributed systems, and keep things practical - no overengineering, just solid solutions. If you love solving tough problems, moving fast, and building tech that creators actually use, youll fit right in.
On your day to day:
As a dedicated Platform Security Engineer, you will bridge the gap between code and infrastructure to build a fortress around our creators' content. Youll spend your time defining and implementing high-level security processes while rolling up your sleeves to fix vulnerabilities alongside our DevOps team. From architecting DSPM strategies for massive distributed video data to hardening our SDLC, you will be the ultimate owner of our security posture. You wont just be monitoring dashboards; youll be collaborating directly with developers to ensure security is a fundamental part of our engineering.

We are seeking a Cyber Research Architect to join our cutting-edge Research Group. This is a full-time hybrid role where you will play a key part in shaping how our products evolve from a cyber perspective, operating as an innovation hub within the company.

You will have the freedom to explore new domains, identify gaps in our products, and pioneer techniques that will directly shape our product architecture and capabilities. From researching emerging technologies to discovering vulnerabilities and developing advanced attacks, you will push the boundaries of whats possible in automated offensive security.

Roles and Responsibilities:

Lead offensive research and vulnerability discovery across diverse and emerging technologies, identifying novel attack surfaces and spearheading new research domains.
Pioneer research into AI/ML systems and LLM-based applications, uncovering adversarial tactics and developing unique attack vectors.
Directly shape product architecture by converting research insights into scalable, high-fidelity offensive capabilities and sophisticated attack modules.
Architect and build advanced tools and frameworks that automate and scale security research operations across the organization.
Identify and emulate the most sophisticated real-world cyber attacks to continuously evolve the company's automated security validation engine.

Were looking for a Senior Security Platform Engineer to join our team and work at the intersection of Security technology, and business. This role is about impact - not just ownership, not just execution, but building solutions that actually get used.
This role is based in Tel Aviv. We work in a hybrid model, with 3 days a week in the office.
Your impact and responsibilities:
Support, maintain, and operate network, data, and AI security controls across our company production environments, and continuously improve protection, detection, and response capabilities.
Design, implement, and troubleshoot network security mechanisms, including segmentation, access controls, and traffic inspection, to reduce attack surface and lateral movement.
Secure sensitive data and databases by enforcing encryption, permissions, and access governance, auditing, and monitoring to prevent data leakage and misuse.
Identify security risks related to AI systems, data pipelines, and inference services, and help define controls to protect models, training data, and AI-driven workflows.
Collaborate with engineering, SOC, and platform teams to identify high-risk assets, abuse scenarios, and attack paths, and translate them into actionable security controls and detections.
Support incident response activities by serving as an escalation point for complex network, data, and AI-related security incidents.
Contribute to improving security visibility, detection logic, and response processes, including documentation and knowledge sharing