דרושים » אבטחת מידע וסייבר » Application Security Researcher

At our company, were reinventing DevOps to help the worlds greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit, and just all-around great people. Here, if youre willing to do more, your career can take off. And since software plays a central role in everyones lives, youll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust our company to manage, accelerate, and secure their software delivery from code to production -- a concept we call liquid software. Wouldn't it be amazing if you could join us on our journey?The companyCSO Security team is looking for a Senior Application Security Researcher. In this role, you will perform vulnerability research, assess existing architectures, and build and run tools to secure the company application landscape at scale. You will work closely with R&D and DevOps teams and be the focal point for identifying and solving complex security challenges. This is a hands-on, development-focused role with the goal of ensuring our company products adhere to the stringent security requirements of our thousands of customers.
As a Senior Application Security Researcher at our company you will
Continuously assess and challenge our companys overall security posture to ensure optimal and up-to-date platform security in our products and systems
Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
Evaluate new technologies and standards in the application security domain
Plan and lead cross-company efforts with the R&D that will improve our companys security posture.

Required Application Security Engineer
The Gist
We are one of the fastest-growing healthtech companies, building the technology that connects every part of the healthcare ecosystem. Were solving one of the toughest problems in healthcare: how to make systems, apps, and data truly interoperable.
Our platform enables real-time collaboration between doctors and innovators, with secure data exchange and workflow integrations that happen directly inside clinical systems. In simple terms: we help healthcare work better. By streamlining workflows and reducing complexity, we help organizations focus on what really matters - delivering better care for patients.
Connect & Canvas
At the heart of our platform is Connect, a connectivity layer that links healthcare applications to patient healthcare management systems providers use in real time. Its designed for scale, reliability, and developer experience, powering millions of data interactions every day.

With our recently launched developer platform, were expanding that capability to innovators everywhere, making it possible to build healthcare applications that plug directly into real-world clinical workflows. Our team leads the way in designing, architecting, and scaling these products, experimenting fast, shipping with impact, and shaping the future of healthcare connectivity.
The Role
The ideal candidate will have a strong background in application security, coupled with expertise in product security, infrastructure management, and DevOps practices.
You should be comfortable wearing multiple hats and thrive in a fast-paced, collaborative environment.
Pioneer new approaches to application security, including leveraging AI for advanced automations and process optimizations.
If you're ready to push the boundaries of application security and contribute to a culture of uncompromising quality, we want you on our team.
Join us in our relentless pursuit of robust security and a continuously hardening application landscape.
What you will do
Conduct internal penetration testing against our applications and APIs.
Design, build, and implement the Secure SDLC process, integrating security into all stages of the software development lifecycle.
Evaluate product design and architecture against security best practices, offering guidance on prioritization and remediation.
Build and automate security testing as part of our CICD pipeline and cloud environments based on automation workflows leveraging AI.
Develop and lead projects, implementing various security tools and technologies, such as: AI agents context-aware, SAST, SCA, vulnerability scanners, and Kubernetes (K8s) security tooling.
Mentor development teams through training and hackathons.
Support security incident response in a cross-functional environment.

We're looking for an Infrastructure Security Architect to join us. In this role, you will design and validate secure cloud and corporate infrastructures, drive security best practices, and solve complex network and cloud-security challenges across the organization.
Responsibilities:
Design and architect secure infrastructures across cloud, and corporate environments, with strong emphasis on scalable AWS networking.
Lead network-security architecture reviews for new and existing technologies, systems, and product features.
Develop and maintain security reference architectures, guidelines, and best practices for cloud and network environments.
Review, design, and enhance cloud network architecture (VPC topology, segmentation, routing, connectivity, hardening).
Evaluate and run PoCs for security and cloud-networking products to strengthen our companys cloud security posture.
Perform Infra threat modeling and risk assessments for network and cloud architecture designs.
Collaborate with DevOps, SRE, R&D, and IT to integrate security into infrastructure design, deployments, and engineering processes.
Troubleshoot complex network and cloud-security issues across corporate and product environments.
Oversee IoT network security, including segmentation and monitoring strategies.
Provide clear, structured feedback to product teams on architecture, design trade-offs, and real-world operational impact.
Act as a senior escalation point for network-related security alerts and incident response within the security operations team.

The company CSO Office is seeking an Application Security Engineer. In this role, you will contribute to driving security across the SDLC at scale, empowering developers, and enabling secure development through automation, process, and tooling. Youll work as part of a team of security engineers focused on SSDLC automation, vulnerability management, and proactive engagement with R&D.
This is a hands-on technical role that combines architecture, coding, and collaboration, working closely with Product, Engineering, DevOps, and Security stakeholders.
As an Application Security Engineer at our company you will...
Assist in the development of internal security tools and AI agents
Support the design and implementation of SSDLC practices and automated security controls across the CI/CD pipeline
Contribute to building and operating scalable vulnerability management frameworks across cloud-native services and SaaS products
Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
Develop Internal application security Tools and Automations
Partner with development and DevOps teams to embed security early and often
Contribute to secure code reviews and assist with remediation strategies
Track, triage, and report vulnerabilities across product lines
Support the adoption of secure development best practices.

If you're looking for an exciting opportunity to make a significant impact and grow with a passionate team, we are the place to be.
What Youre About::
As a Security Research Engineer, you will be a driving force behind innovation, researching and prototyping the next generation of security features for our AI-native ASPM platform. This role is directly shaping the future of our product and the security industry.
You'll work on novel solution approaches to application security that go beyond traditional AppSec tooling, implementing POCs for advanced prevention, detection, triage, and remediation features.
This role combines deep security research with hands-on engineering. You'll prototype new capabilities, validate their effectiveness, and work with product and engineering teams to bring successful POCs into the platform. It requires both security expertise and strong building skills.

We are seeking a Senior AI Product Security Engineer to join our innovative team at our company . As our Senior AI Security Engineer, you will lead the development and implementation of security frameworks for our AI systems, combining strategic thinking with hands-on technical expertise. This role presents an outstanding opportunity for a professional who is passionate about AI security and driven to advance the field. Working alongside professionals who share your commitment to excellence, you will be at the forefront of securing our AI products. We value professionals who embrace challenges and demonstrate the ability to quickly adapt to and master new technologies.

Key Responsibilities:

Lead security evaluation and enhancement initiatives across our AI products
Drive innovation through research and implementation of advanced AI security technologies
Conduct comprehensive code reviews, threat modeling, and vulnerability assessments
Design and implement robust security architectures for AI systems
Collaborate with cross functional teams to track security defects and align with them on remediation steps.
Provide technical leadership and mentorship in AI security best practices

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power of our company. In this role, you will further develop the company Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.

Required Principal Security Researcher, Data & AI (Cortex)
Your Career
Are you passionate about using cutting-edge technology to help protect the world against cyber threats? Do you live and breathe the cyber security world? Do you want to take part in an innovative and disruptive AI security group that has an impact on many customers?
You will be part of a strong security research and data science team who solve highly complex security challenges using disruptive technologies, ML algorithms and a lot of data.
As part of that, you will take part in the design and development of new groundbreaking AI security solutions which make a direct impact on many customers.
We value diverse viewpoints and experiences, as we are solving complex cyber security challenges. We are committed to a safe and inclusive workspace.
Your Impact
Transform Data into Defense:Take the lead in creating high-fidelity security incidents from a massive stream of alerts generated by our industry-leading advanced security solutions
Innovate with AI: Actively participate in cutting-edge research projects focused on creating novel prevention content at scale using state-of-the-art AI and Large Language Models (LLMs)
Drive Security Efficacy: Analyze complex threat data to identify attacker patterns, develop new prevention methodologies, and enhance automated flows to rapidly protect Cortex platform customers
Collaborate and Lead: Work side-by-side with top-tier data scientists, engineers, and product managers to translate research ideas into tangible, customer-facing security protections.

We are looking for a SecOps Engineer to join our Security Operations team. In this role, you will help defend the organization end-to-end, from IT security to cloud security - while performing third-party and internal security reviews, handling incident response, conducting threat hunting, and supporting GenAI security work.

Responsibilities:
Design, operate, and improve security infrastructure by maintaining core controls, hardening systems, and leading cloud security efforts to address misconfigurations, vulnerabilities, and identity risks.
Monitor, investigate, and remediate security alerts and threats by performing DFIR, analyzing attack vectors, proactively hunting adversary activity, and leading incident response.
Perform security reviews of third-party vendors, SaaS platforms, and internal applications, assessing architectures, data flows, integrations, and risk exposure.
Defend the organization end-to-end across endpoints, identities, applications, and cloud by operating and advancing SecOps controls (SIEM/EDR/CSPM), building automations, enforcing best practices, and partnering cross-functionally to drive security outcomes.

Required Security Research Manager - Cloud - Security Automation ( Cortex)
Your Career
Are you excited about leading a team of researchers who are redefining how cloud security is automated? Do you want to shape the future of an Autonomous SOC by building the next generation of remediation and response content?
As the Cloud Cybersecurity Research Manager, you will lead a team of talented researchers creating autonomous remediation plans for cloud runtime and posture issues. You will drive innovation, mentor researchers, and ensure our automation content is precise, safe, and impactful. This role combines hands-on technical knowledge with strategic leadership, empowering your team to deliver solutions that protect customers at scale.
Your Impact
Lead and mentor a team of cloud security researchers, fostering technical excellence, innovation, and collaboration
Define research priorities and guide the design of robust, testable, and autonomous remediation plans for cloud runtime and posture issues (CSPM, DSPM, CIEM, CNAPP, IAM, etc.)
Ensure high-quality delivery of SOAR playbooks and automation content aligned with customer needs and company vision
Collaborate with product, engineering, and threat research teams to maximize the impact of remediation content
Establish processes, KPIs, and best practices to continuously improve research output, playbook quality, and operational efficiency
Stay up to date with attacker TTPs, cloud-native threats, and emerging technologies to guide team direction.