לוח משרות דרושים DevSecOps Engineer משרה מלאה

we are a fast-growing digital health SaaS company thats on a mission to enhance the primary care experience by transforming the way physicians interact with patient data. Our proprietary AI models are specifically designed to understand the language of primary care, transforming complex and fragmented patient data into a concise patient portrait" and actionable clinical insights at the point of care. This allows physicians to get the full picture of their patients and act on their health status instantly and accurately. Built by physicians for physicians, our AI platform reduces physician burnout, while helping healthcare organizations thrive in value-based care. Thousands of clinicians across the United States are using our companys AI-powered clinical intelligence solution to improve preventative care, reduce missed diagnoses, and reclaim time with their patients.
our company has been named one of the Top 100 AI companies globally by CB Insights, and made the list of the Top 50 Digital Health startups. We are already working with industry leading health systems and value-based organizations including Privia Health and Tampa General Hospital.
we are looking for a talented and hands-on SecOps Specialist to join its core InfoSec & IT department.
Responsibilities
The position is designed to be hands-on, focusing on the operational aspects of security and compliance within the organization. It is essential for supporting our companys strategic vision, ensuring effective and efficient implementation of security and compliance initiatives.
As a SecOps Specialist you will be responsible for executing the operational aspects of information security and support security strategies formulated with the CISO.
This role requires a strong focus on the day-to-day management and monitoring of security practices, the integration of security within the software development lifecycle, ensuring the organizations policies, procedures, and different systems are aligned with customers requirements, regulatory requirements and industry best practices.

We seek a highly skilled and experienced Solution Architect with a deep understanding of SecOps principles and practices to join our team. In this role, you will be responsible for designing and implementing robust and secure solutions that protect our customers cloud infrastructure and applications from cyber threats. You will work closely with clients to understand their security needs, translate them into technical requirements, and architect comprehensive security architectures that seamlessly integrate with DevOps processes.
Key Responsibilities:
Collaborate with clients to gather security requirements and understand
their threat landscape.
Design and implement end-to-end SecOps solutions, including security
monitoring, threat detection, vulnerability management, and incident
response.
Leverage cloud security technologies and best practices to architect
secure and compliant cloud environments.
Automate security processes and integrate security into DevOps
pipelines to enable continuous security.
Conduct security assessments and penetration tests to identify and
mitigate vulnerabilities.
Stay up-to-date with the latest security threats, trends, and
technologies.
Provide technical guidance and mentorship to other team members.

We are looking for a passionate, experienced, and curious DevSecOps Engineer with proven expertise in securing production-level financial systems to take an active part in designing, implementing, and maintaining secure, compliant, and robust infrastructures in a highly regulated environment. This role focuses on embedding security into development and deployment workflows while supporting governance, risk, and compliance (GRC) efforts.

Key Responsibilities:
Design, deploy, and manage advanced security solutions to protect cloud and IT environments supporting high-value financial transactions.
Conduct and facilitate remediation of findings from web application penetration tests and cloud infrastructure security scans.
Integrate security best practices into CI/CD pipelines, infrastructure automation, and containerized microservices orchestration.
Proactively monitor and enhance security posture, addressing vulnerabilities and emerging threats to ensure robust protection.
Collaborate with Engineering, DevOps, and Operations teams across New York, London, and Tel Aviv to embed security into development and operational workflows.
Support responses to customer security questionnaires from Tier 1 financial institutions, ensuring accurate and timely input.
Maintain and improve infrastructure automation and configuration management tools with a security-first approach.
Support, enhance, and maintain production-level observability with a focus on security monitoring.
Contribute to updating and improving our DevSecOps technology stack: AWS, Operating Systems, Kubernetes, Helm, Terraform, Python, Jenkins, and more.
Participate in mutual SOC 2 Type II efforts, assisting with evidence collection and control implementation as part of a collaborative team.

we are looking for a Senior SecOps Engineer to be our eyes and ears on securityend to end.
Youll be embedded in the DevOps team and partner with our existing SecOps engineer to secure massively scalable, global production systems that power tens of thousands of websites and apps, while also tackling organizational security across identity, endpoints, SaaS, and risk. This is a hands‑on role with broad ownership and real impact across R&D, Production, and the business.
What Youll Do
Detect, protect, and respond (hands‑on)
Own day‑to‑day security operations for cloud and Kubernetes workloads (threat detection, alert triage, incident response, forensics, and post‑incident learning).
Build and tune detections and automations (SOAR/runbooks, detection‑as‑code, Sigma/queries) to reduce MTTA/MTTR and eliminate noisy alerts.

Secure our delivery pipelines & runtime
Harden CI/CD and software supply chain (secrets, SBOMs, artifact signing, SLSA/Cosign), and drive secure by default patterns in build/deploy.
Lead cloud/K8s/serverless hardening (IaC reviews, policy‑as‑code, admission controls, least privilege, network segmentation)

Raise the bar across the organization (beyond prod)
Partner with IT/SRE to evolve identity & access (SSO/MFA/JIT/JEA), endpoint/EDR posture, email & SaaS security, and third‑party/vendor risk.
Run vuln management end‑to‑end: scanning, prioritization, remediation SLAs, and executive reporting.
Contribute to security governance (policies, standards, tabletop exercises, BCP/DR inputs) and support compliance efforts (e.g., SOC 2/ISO 27001).

Influence, automate, and measure
Build security tooling and integrations (preferably Python or Go) that engineers love to use.
Define metrics/KPIs (coverage, drift, exposure, response times) and regularly communicate risk & progress to engineering and leadership.
Mentor engineers on secure design and champion a positive, enablement‑first security culture.

Required Senior DevSecOps Engineer
We're revolutionizing how the world moves money with our unified global payments platform. Our team is at the forefront of ensuring the security and resilience of this critical infrastructure, and we're looking for a visionary Security Architect to play a pivotal role in designing and implementing robust security solutions across our infrastructure and applications.
If you have a passion for building secure-by-design systems, a deep understanding of both infrastructure and application security principles, and the ability to translate complex requirements into actionable blueprints, we want to hear from you. You'll be instrumental in shaping our security landscape, ensuring our platform remains a trusted and secure environment for our global users.
What You'll Be Doing:
This is a hands-on position. You need to love writing Python, working with APIs, and codifying infrastructure. Lead the architectural design and implementation of security solutions for our cloud infrastructure, network, and applications.
Get your "hands dirty", fearlessly working on our most complex and risky problems involving production systems and networks.
Constantly push optimizations and best practices. Define and maintain security standards, frameworks, and best practices across the organization.
Collaborate closely with engineering, product, and operations teams to integrate security seamlessly into the development lifecycle and infrastructure deployments.
Evaluate and recommend security technologies and tools to enhance our security posture.
Develop security reference architectures and patterns to guide engineering teams in building secure solutions.
Participate in threat modeling and risk assessment activities to proactively identify and mitigate potential security threats.
Provide expert guidance and mentorship to engineering teams on security-related topics.
Stay current with the latest security trends, threats, and technologies, and translate them into actionable strategies for us.

We are looking for a highly motivated Security Operations (SecOps) Engineer to join our growing security team. The ideal candidate will bring 34 years of hands-on experience in cybersecurity operations and incident response, with strong expertise in cloud environments. You will play a key role in designing, implementing, and managing security monitoring, detection, and response capabilities that safeguard our organizations assets, data, and customers.


Key Responsibilities
Design and maintain monitoring flows and detection use-cases across SIEM and related systems.
Develop, optimize, and tune security rules, alerts, and dashboards.
Integrate threat intelligence feeds into monitoring tools.
Lead and support security investigations, from triage to remediation.
Coordinate with internal teams and external partners to contain and resolve incidents.
Create and maintain playbooks, runbooks, and IR documentation.
Build and maintain security automation and orchestration workflows to accelerate response.
Ensure compliance with security policies, frameworks, and regulatory requirements (SOC 2, ISO 27001, GDPR, etc.).
Maintain clear documentation of procedures, incidents, and improvements.