דרושים » הנדסה » Application Security Engineer

We are looking for a Senior Application Security Engineer.
As an Application Security Engineer , you will play a pivotal role in safeguarding our products against security threats and vulnerabilities. You will work closely with our development teams to integrate security best practices into the software development lifecycle, conduct thorough security assessments, and implement robust security measures to protect our applications and data.
Key Responsibilities:
Collaborate with development teams to integrate security controls into the software development lifecycle (SDLC)
Conduct regular security assessments, including code reviews, vulnerability scans, and penetration testing, to identify and remediate security vulnerabilities in applications
Design and implement security solutions to protect against common security threats, such as SQL injection, cross-site scripting (XSS), and authentication bypass
Conduct threat modeling and architecture security review
Develop and maintain secure coding standards and guidelines for application developers
Monitor and analyze security incidents and provide timely response and resolution
Stay current with emerging threats, vulnerabilities, and industry best practices in application security
Participate in security incident response activities and contribute to post-incident reviews and remediation efforts
Collaborate with cross-functional teams to ensure security requirements are effectively integrated into product development processes
Deliver secured development training to developers

We are looking for a Product Security Engineer to join our growing team!
Responsibilities
Implement and maintain security controls for applications and systems.
Conduct DAST, SAST, vulnerability scans, and penetration tests.
Develop and enforce security policies and best practices.
Monitor logs, investigate incidents, and respond to threats.
Collaborate with development teams to ensure secure coding practices.
Stay updated on emerging threats and industry standards.

Prisma-Photonics is a rapidly growing startup company, developing the next-generation smart-infrastructure solution based on novel fiber-sensing technology (smart roads, smart cities, perimeters, and grid monitoring, etc.). The company offers an award-winning disruptive solution; a “sensor free” approach to smart infrastructure. The company is VC backed and in the revenues stage.
Combining pioneering technology in optical fiber sensing with state-of-the-art machine learning, we help prevent environmental disasters, protect human lives, and keep critical energy and transportation backbones running smoothly.
We are seeking a talented, self-driven and passionate Senior Infrastructure Engineer to build and maintain the cloud infrastructure for our highly available SaaS application as well as our machine learning and data engineering stack. As a Senior Infrastructure Engineer, you will be responsible for designing, implementing, and maintaining the cloud infrastructure and DevOps processes that power our products and internal tooling. You will work closely with all data and development teams and lead the company’s security and compliance vectors. You will ensure a highly reliable, scalable, and secure infrastructure that supports our rapid growth and product innovation, while maintaining observability and cost-effectiveness of our cloud resources and data.

Hiring Manager:
Oded Messer

What You’ll Do:

* Cloud Infrastructure Management: Architect, deploy, and manage our cloud infrastructure (AWS), ensuring high availability, scalability, and security.
* Software Engineering: Be a top notch SW engineer, harnessing your coding and architectural skills, as well as researching skills, for our infra stack.
* Infrastructure as Code (IaC): Define and maintain infrastructure using tools like Terraform, CloudFormation, or Pulumi to manage resources efficiently and reproducibly.
* Monitoring & Incident Management: Build and manage monitoring and alerting systems to ensure uptime, and respond to incidents with root cause analysis and remediation.
* DevOps & Automation: Implement and maintain CI/CD pipelines to streamline development workflows and automate deployment processes across development, staging, and production environments, and across different parts of our solution. While our development teams are expected to write and maintain their own CI, you will act as a supervisor and professional authority, and maintain cross team and complex automation.
* Collaboration and technical leadership: Partner with software engineers, data engineers, and machine learning teams to support their infrastructure needs and guide the evolution of our infrastructure team.
* Cost Optimization: Monitor cloud spend and optimize resources to ensure cost-effective infrastructure without sacrificing performance or security.
* Security & Compliance: Implement security best practices, including access control, network security, monitoring and ensuring the infrastructure is compliant with relevant industry standards (e.g., SOC2, GDPR).


What You Bring::

* 5+ years of hands-on experience in cloud infrastructure, DevOps and platform engineering in production environments.
* Expertise in managing cloud infrastructure on at least one of the major providers: AWS, GCP, Azure. Proficient in Infrastructure as Code tools such as Terraform, CloudFormation, or Pulumi.
* Solid experience with Docker and Kubernetes.
* Monitoring & Logging: Hands-on experience with monitoring tools (Prometheus, Grafana) and logging systems (ELK, Splunk, or equivalent).
* Proficient Software engineering, architecture, as well as scripting languages such as Python, Bash, or Go. Full control of version control systems such as Git.
* Strong experience with CI/CD pipelines and automation using Jenkins, CircleCI, GitHub Actions, GitLab CI, or similar.
* Strong understanding of cloud networking, VPNs, VPCs, DNS, and fi

We are disrupting the Cyber Security industry! We are looking for a Product Security Engineer to join our Product Security team. Youll work with all product engineering teams to provide assistance and guidance on how to secure our products. If you are a fast learner and passionate about Cyber Security, this is a great opportunity for you.
Your Impact:
Application Security Tooling
Build risk driven intelligent automation to optimize Security findings and remediations
Work with security engineers and product development teams to fine-tune tools to provide accurate and actionable results
Collaborate with Product Engineering teams on security tool integration.
Security Services Development
Take part in developing security services that provide product engineering teams with easily consumable, top notch security implementations.
Contribute to designing modular application sub-architectures that enable product teams to easily adopt integrated security capabilities.
Consulting & Support:
Evangelize and lead the adoption of Secure SDLC and security best practices across the entire SDLC. Youre someone that possesses strong knowledge of security from code to cloud and wants to help people apply it.
Quantify risk and clearly articulate security trade-offs that balance robust protection with business continuity.
Implement programs to automate complex data analysis for high priority security missions.
Build tools/reports to support urgent requests.

We're looking for a Security Engineer - Product to spread the power.
The ideal candidate will have experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. Youll get to collaborate with our software development and DevOps teams to secure our products, CI/CD infrastructure, and production infrastructure. Youll also have the opportunity to influence our product roadmap by utilizing to assess, monitor, and harden our environments.
WHAT YOULL DO
Lead threat modeling and security review exercises across our production and CI/CD environments identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our Federal team extending our DevSecOps and Product Security practices to our FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with our engineering and operations teams helping them deliver secure-by-design solutions

Were seeking an experienced Security Solutions Engineer to help us create new automations and scalable solutions for our customers. Your role will be both strategic and tactical, as youll be working directly with customers to understand their requirements, design solutions, and implement security controls. Join us on our mission to help every security team achieve operational excellence.

Your responsibilities


Design and implement security solutions to automate the real-world customer pains.
Provide expert advice and recommendations for security solutions that can achieve customer objectives.
Collaborate with the Sales team to establish a reputation for technical excellence and trustworthiness with potential customers.
Work jointly with other Solutions Engineers & Architects to support the Sales team with technical content and call support.
Establish and maintain a knowledge hub or repository of security best practices, resources, and insights.
Collaborate with the marketing team to generate demos, case studies, blogs, and videos.

As a Cyber Security Engineer in a fast-expanding operation team, you will be responsible for onboarding new global clients to the MXDR services, developing and maintaining detection scenarios and alerts, analysing the client's environment, and providing technical support and guidance to clients. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.

Main Responsibilities:
Lead the onboarding process for all new clients joining the MXDR services, working closely with the clients IT and security teams to ensure smooth implementations.
Develop detection scenarios and alerts for our XDR solution (Velocity) to ensure effective threat detection and response.
Oversee Velocity KPIs and measurements set by the client, adjusting, analyzing and maintaining them according to their needs and tracking the impact of the platform on the client's networks, endpoints, applications, and cloud environments.
Continuously improve Velocity monitoring capabilities and keep up-to-date with the latest developments in the cyber threat landscape.
Provide technical support and guidance to clients on Velocity security-related issues, including implementing security best practices and ensuring compliance with industry standards.

Were looking for an Application Engineer to join the CTO team and spread the power.
In this role, you will focus on building internal tools, automating workflows, and enabling data-driven decision-making. Youll collaborate with internal stakeholders to solve technical challenges, improve processes, and deliver scalable solutions. Were particularly interested in candidates who have a deep understanding of designing and implementing tools and solutions for internal teams.
WHAT YOULL DO
Design, develop, and maintain internal tools and automation systems.
Collaborate with internal teams to identify inefficiencies and deliver technical solutions.
Automate repetitive tasks and improve workflows across the organization.

As a Security Infra Engineer, youll design, build, and manage security aspects of our cloud-based and physical environments to ensure compliance and integrity. In your day-to-day, you will:
Design, implement, and maintain platforms for investigating and analyzing security incidents, performing root cause analysis, and coordinating remediation efforts
Design, implement, and maintain security tools and controls for cloud-based infrastructure, Kubernetes clusters, and services, ensuring compliance with industry standards
Build tools and scripts using Golang, Python, or Node.js
Collaborate with all infrastructure groups (cloud, networking, DB, DevEx, etc.) and the Chief Information Security Officer group (for example, for incident response)
Align with other infrastructure standards, including efficiency, reliability, and cost
Work closely with cross-functional teams to design, implement, maintain, and manage security solutions that ensure the integrity and confidentiality of our systems.

Were looking for a Security Operations Engineer to lead our monitoring and detection efforts across our global FinTech environment. Youll be responsible for implementing and operating a robust SIEM solution, managing alerting pipelines, and ensuring security visibility across our SaaS platforms, cloud environments (AWS,GCP), and one physical on-prem location. This role is mission-critical to maintain our compliance, protect our customer data, and support our global operations.
Responsibilities:
Lead the implementation and ongoing operations of the company-wide SIEM solution
Build and tune detection rules, alerts, and incident workflows
Monitor cloud (AWS, GCP) and SaaS environments for anomalies and threats
Integrate logs from production systems, cloud platforms, SaaS tools, and on-prem infrastructure
Respond to security incidents and perform forensic investigations
Partner with Engineering, IT, and GRC to ensure logging and alerting coverage
Continuously improve our detection capabilities and response processes
Ensure monitoring meets compliance frameworks (SOC2, PCI-DSS, etc.)