לוח משרות דרושים DevSecOps Engineer

Realize your potential by joining the leading performance-driven advertising company!
The ideal candidate will bridge high-level security governance with hands-on, automated security implementation across the Software Development Life Cycle (SDLC).
This individual will be a critical enabler, empowering teams to move swiftly and deliver exceptional value to our clients, all while upholding the required security standards. A proven track record in successfully balancing rapid innovation with robust security practices is essential for this role.
How youll make an impact:
As the DevSecOps Engineer, you will be responsible for creating a secure-by-design culture and leading the operational implementation of our security strategy. You will:
Build the Secure SDLC (SSDLC) Strategy: Develop, own, and execute the companys comprehensive DevSecOps strategy, focusing on automation to manage security at scale from code check-in to production deployment.
Lead Key Security Engineering Initiatives: Lead and manage security engineering programs, including:
Maturing the security tools stack (e.g., implementing WAF, and automating SCA/SAST tools).
Owning the bug bounty and responsible disclosure programs triage and remediation tracking.
Enhancing the Identity and Access Management (IAM) framework through concepts like Just-In-Time (JIT) and Zero Trust principles.
Operationalize CVE Tracking and Remediation: Design and implement a scalable system for discovering, tracking, and prioritizing Common Vulnerabilities and Exposures (CVEs) in third-party and custom code. Drive the engineering teams to achieve security risk remediation goals by providing clear, actionable data and automated patching mechanisms.
Measure & Drive Improvement: Develop and maintain key DevSecOps metrics (e.g., Mean Time To Detect/Remediate - MTTD/MTTR, percentage of code coverage by SAST/SCA tools) to measure the effectiveness of automated controls and provide a data-driven picture of the application security posture.
Embed Security Engineering: Spearhead R&D DevSecOps initiatives, partnering directly with engineering teams to select, deploy, and maintain security tools, establishing security gates and best practices throughout the product development lifecycle.

Required DevSecOps
About the Role:
As a DevSecOps engineer you will be a part of our DevOps group and play a critical role in designing and implementing application and infrastructure security programs that will make sure that our systems continue to be secure and compliant with our clients high bar.
You will work closely with developers and DevOps engineers to help identify and remediate application and infrastructure security issues.
What youll do:
Implement an application security program
Design and implement security automation and controls within CI/CD pipelines utilizing SAST, DAST and SCA tools
Collaborate on architecture reviews, threat modeling, and developer security training sessions to elevate AppSec maturity
Implement an infrastructure security program
Integrate and implement CSPM controls within a high scale cloud environment.
Own strategy for security in IAM, secret management and similar security-critical components
Own security training and review for DevOps teams.
Orchestrate execution of penetration testing on infrastructure and application and a bug bounty program
Own compliance processes within DevOps
Build and continuously improve SOC2 compliance processes and audit readiness tooling
Lead technical responses for internal and external audits, working closely with GRC, engineering, and cloud teams to resolve gaps and strengthen security posture.​

Required DevSecOps Engineer
as a DevSecOps Engineer in the company's internal platform engineering team (ipe), youll play a pivotal role in ensuring the company's infrastructure and applications are resilient, scalable, and secure.
in your day-to-day, you will:
build and set up infrastructure for various internal uses using iac (terraform, terragrunt)
automate and improve development, security, and ci/cd processes
work with cutting-edge technologies to enhance the company's infrastructure and security
build and maintain multi-k8s environments and microservices (using helm charts)
provide ai-based solutions for automation and monitoring resilience
at the company, we believe our best work happens together. our work model is fully in person, with 5 days a week from our office. flexibility remains a core value at the company and special requests are handled thoughtfully at the team level.
were the company's internal platform engineering team. were an innovative, dynamic team who are focused on security and available, scalable, and performant microservices. we use cutting-edge technologies such as opa, terraform, kubernetes, istio, and argo to solve complex problems related to distributed systems. were responsible for shaping the architecture of our backend microservices with a focus on complexity and security.

We are looking for a Junior IT SecOps Specialist with at least 1-2 years of hands‑on experience in security operations or IT security. The role is ideal for someone who already has foundational security skills and wants to grow into advanced SecOps responsibilities while working alongside experienced specialists within our global hybrid environment.
This position aligns with the responsibilities defined for the SecOps team, including monitoring, incident response, and implementation of security technologies
What will you do?
Security Platforms & Daily Operations:
Assist in operating and maintaining security solutions such as EDR/EPP, MFA, NAC, IPS, and secure DNS platforms.
Support onboarding and configuration tasks for new or existing security tools.
Perform routine health checks on security systems and escalate anomalies as needed.
Monitoring, Detection & Incident Handling:
Monitor alerts and events from our security platforms.
Perform first‑level triage, document findings, and escalate incidents to senior SecOps members
Participate in remediation activities with guidance (e.g., addressing misconfigurations or legacy system exposures similar to past findings)
Infrastructure Hardening & Compliance Support:
Assist in applying IT security standards and guidelines across systems and environments.
Support the implementation of secure configurations for endpoints, servers, and cloud workloads under supervision.
Team Collaboration:
Work closely with the CISO and senior SecOps team to support ongoing security initiatives and improvements
Collaborate with IT Infrastructure, Network, and Cloud teams to troubleshoot and secure operational environments.