לוח משרות דרושים מהנדס סייבר בשרון

Application Security Engineer

Raanana, Israel

In this mission critical role as an Application Security Engineer, you will be part of a dynamic global application security team, working directly with software architects and software engineers to perform penetration testing on software solutions developed within the company. In addition, youll collaborate with engineering to triage security findings and review remediation techniques in order to harden and improve the security of software across multiple types of products.

With NCR Voyix as a software-focused company, youll work in a fast-paced environment, helping enable teams to work in a DevSecOps model in a world of containers, automated pipelines, and rapid deployments. And youll be instrumental in helping teams add in security testing as part of their build and release pipelines. produces hardware and software for major companies in Retail, Restaurants, and Digital Banking come help secure the state-of-the-art!

Responsibilities:

Conducting manual penetration tests of software
Assessing risk level of security findings using standard methodologies
Running automated application security tools
Writing and presenting pen test reports to development teams
Consulting with development teams on remediation techniques and defensive coding
Validation testing to confirm findings are closed
Develop, integrate, and enable security engineering test automation into a CI/CD pipeline
Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes

Our Security team is looking for a security savvy person to join as an Cloud Security Engineer to help validate our services and environments according to the highest security standards. You will work closely with our R&D and Security teams, and solve complex security problems.
The ideal candidate is highly motivated, demonstrates a can do' attitude and needs to have a combination of technical and communication skills, as well as the ability to handle a mix of multiple tasks including projects and technical work. This role will provide career growth opportunities as you develop & acquire new security skills in the course of your duties.
What youll do:
Manage the Cloud & Data Security Governance program for AWS/GCP
Design and implement our cloud/data security benchmarks
Own the cloud organization operations including Identity & Access Management and Securing Cloud Accounts/Projects
Build processes to effectively manage cloud and data risks across AWS/GCP environments
Partner closely with our security and devops teams to detect, prevent and remediate cloud & data risks
Provide mentorship & training around securing our cloud & data to stakeholders including Security & R&D teams.

we are looking for a Senior Security Engineer.
The Security Architect plays a pivotal role in defining and advancing our
security posture.
This individual will lead and manage security projects from inception to rollout and will be responsible for designing, developing, and implementing a robust security architecture aligned with our business goals and risk management strategies. Adept at data security and well-versed in emerging cybersecurity trends, the ideal candidate will ensure the resilience and security of our systems against evolving threats.
Responsibilities:
Design and Develop Security Architecture:
Lead the development and maintenance of a comprehensive security architecture framework, aligning with our business objectives and risk tolerance.
Design security models and controls, ensuring the security, integrity, and confidentiality of sensitive data and our systems.
Security Solutions & Project Management:
Evaluate, recommend, and lead the implementation of advanced security solutions.
Manage security projects from inception to rollout, collaborating with IT, development, and various business units to ensure secure and timely delivery.
Threat and Risk Assessment:
Proactively identify and assess security risks, vulnerabilities, and formulate mitigation strategies.
Conduct regular vulnerability assessments and drive remediation activities, focusing on data security aspects.
Policy Development and Compliance:
Develop, refine, and maintain security policies, standards, and procedures with an emphasis on data security.
Ensure compliance with internal security policies and applicable laws and regulations, addressing both organizational and data-centric security needs.
Stakeholder Collaboration & Communication:
Engage with a range of stakeholders including CISO, IT, legal, and business units, to align security initiatives with business goals.
Clearly communicate security concepts, risks, and mitigations to both technical and non-technical stakeholders.
Security Awareness & Culture:
Develop and deliver security awareness training focusing on data security.
Foster a culture of security mindfulness across the organization.