דרושים » מחשבים ורשתות » DevSecOps Engineer

We are looking for a passionate and experienced Senior DevSecOps Engineer to join our growing team!

In this pivotal role, you will take part in designing, leading planning, and implementing robust security strategies across our cloud infrastructure. Youll be at the forefront of integrating security into every stage of our development and deployment processes - working closely with development teams, security teams and DevOps team, ensuring our systems are secure, scalable, compatible, and aligned with best practices.

This is a unique opportunity to shape the security architecture of a fast-moving, innovative company, and to work closely with engineering, IT, and security teams to drive a culture of security-first development.

Responsibilities:
Craft and implement cutting-edge cloud security controls and technologies.
Lead design, implementation, and integration of various cloud security tools.
Identify new technologies and security tools and lead operationalization solutions from POC to Production.
Help build infrastructure, tools, and services to improve delivery and availability.
Work closely with DevOps, Engineering and product teams to define security strategy and controls and execute on it.
Collaborate with R&D teams on designing and the implementation of new features.
Stakeholder Collaboration:
Act as the main point of contact between DevOps and external/internal stakeholders: Banks, Regulators, Security teams, NOC/SOC, and Development teams.
Communicate clearly on priorities, incidents, risks, timelines, and platform status.
Represent DevOps in cross-functional planning and reviews.
Process & Standards:
Define and evolve the DevOps teams SDLC, deployment standards, and incident response processes.
Drive best practices in monitoring, alerting, and reliability engineering.
Champion a culture of ownership, transparency, and continuous improvement.

We are looking for a Principal Security Engineer (DevSecOps) to work in the Cortex DevSecOps group to help secure our immense cloud and on-prem deployments, and will be a security advisor for all infrastructure and application related new developments, as well as overseeing all current infrastructure and processes security improvements.
Helping guide new security initiatives in the product group and thinking outside the box for any new attack vectors as they appear in the wild.
The Cortex group specializes in analysis and visualization of complex cyber-data gathered by the products. It combines high-performance algorithms, deep understanding of modern databases, advanced visualization and high-end UI/UX.
Your Impact
Participate in meetings with stakeholders to provide balanced insights on feature requirements and security implications.
Act as a bridge between security, development, and operations teams to ensure security best practices are integrated into all phases of the development lifecycle.
Collaborate with cross-functional teams to develop pragmatic security solutions that do not hinder agility and innovation.
Work closely and in full coordination with multiple product engineering groups and DevOps teams to produce highly secure features
Handle, prioritize and effectively bring security vulnerabilities to resolution for multiple products
Build out security processes and perform threat modeling to all ongoing development and operations.

As a Senior DevOps Engineer, you will be pivotal in designing, implementing, and maintaining our cloud infrastructure. You will join a highly technological team responsible for managing our cloud environments, optimizing infrastructure, and ensuring security and cost efficiency. In this role, you will collaborate with key stakeholders across the company, including R&D, Security, and Product teams, to automate processes, streamline operations, and drive impactful changes in our cloud strategy.

Key Responsibilities:

Cloud Infrastructure Design & Implementation: Lead the design and implementation of our cloud infrastructure, ensuring it is secure, scalable, and cost-effective.
Automation & Streamlining: Help automate and streamline our operations and processes, enhancing efficiency and reducing manual intervention.
Cross-Functional Collaboration: Work closely with all major stakeholders in the company, including R&D, Security, Product, and more, to ensure seamless integration of DevOps practices.
Impactful Contribution: Play a major part in shaping the companys cloud strategy, focusing on innovation and long-term success.

We are looking for a Principal Security Engineer (DevSecOps) to work in the Cortex DevSecOps group to help secure our immense cloud and on-prem deployments, and will be a security advisor for all infrastructure and application related new developments, as well as overseeing all current infrastructure and processes security improvements.
Helping guide new security initiatives in the product group and thinking outside the box for any new attack vectors as they appear in the wild.
The Cortex group specializes in analysis and visualization of complex cyber-data gathered by the products. It combines high-performance algorithms, deep understanding of modern databases, advanced visualization and high-end UI/UX.
Your Impact
Participate in meetings with stakeholders to provide balanced insights on feature requirements and security implications.
Act as a bridge between security, development, and operations teams to ensure security best practices are integrated into all phases of the development lifecycle.
Collaborate with cross-functional teams to develop pragmatic security solutions that do not hinder agility and innovation.
Work closely and in full coordination with multiple product engineering groups and DevOps teams to produce highly secure features
Handle, prioritize and effectively bring security vulnerabilities to resolution for multiple products
Build out security processes and perform threat modeling to all ongoing development and operations.

Required Security DevOps Engineer
Realize your potential by joining the leading performance-driven advertising company!
The ideal candidate will bridge high-level security governance with hands-on, automated security implementation across the Software Development Life Cycle (SDLC).
This individual will be a critical enabler, empowering teams to move swiftly and deliver exceptional value to our clients, all while upholding the required security standards. A proven track record in successfully balancing rapid innovation with robust security practices is essential for this role.
How youll make an impact:
As the DevSecOps Leader / Program Manager, you will be responsible for creating a secure-by-design culture and leading the operational implementation of our security strategy.
You will:
Build the Secure SDLC (SSDLC) Strategy: Develop, own, and execute the companys comprehensive DevSecOps strategy, focusing on automation to manage security at scale from code check-in to production deployment.
Lead Key Security Engineering Initiatives: Lead and manage security engineering programs, including:
Maturing the security tools stack (e.g., implementing WAF, and automating SCA/SAST tools).
Owning the bug bounty and responsible disclosure programs triage and remediation tracking.
Enhancing the Identity and Access Management (IAM) framework through concepts like Just-In-Time (JIT) and Zero Trust principles.
Operationalize CVE Tracking and Remediation: Design and implement a scalable system for discovering, tracking, and prioritizing Common Vulnerabilities and Exposures (CVEs) in third-party and custom code. Drive the engineering teams to achieve security risk remediation goals by providing clear, actionable data and automated patching mechanisms.
Measure & Drive Improvement: Develop and maintain key DevSecOps metrics (e.g., Mean Time To Detect/Remediate MTTD/MTTR, percentage of code coverage by SAST/SCA tools) to measure the effectiveness of automated controls and provide a data-driven picture of the application security posture.
Embed Security Engineering: Spearhead R&D DevSecOps initiatives, partnering directly with engineering teams to select, deploy, and maintain security tools, establishing security gates and best practices throughout the product development lifecycle.

Required SRE Security
Realize your potential by joining the leading performance-driven advertising company!
The ideal candidate will bridge high-level security governance with hands-on, automated security implementation across the Software Development Life Cycle (SDLC).
This individual will be a critical enabler, empowering teams to move swiftly and deliver exceptional value to our clients, all while upholding the required security standards. A proven track record in successfully balancing rapid innovation with robust security practices is essential for this role.
How youll make an impact:
As the DevSecOps Leader / Program Manager, you will be responsible for creating a secure-by-design culture and leading the operational implementation of our security strategy. You will:
Build the Secure SDLC (SSDLC) Strategy: Develop, own, and execute the companys comprehensive DevSecOps strategy, focusing on automation to manage security at scale from code check-in to production deployment.
Lead Key Security Engineering Initiatives: Lead and manage security engineering programs, including:
Maturing the security tools stack (e.g., implementing WAF, and automating SCA/SAST tools).
Owning the bug bounty and responsible disclosure programs triage and remediation tracking.
Enhancing the Identity and Access Management (IAM) framework through concepts like Just-In-Time (JIT) and Zero Trust principles.
Operationalize CVE Tracking and Remediation: Design and implement a scalable system for discovering, tracking, and prioritizing Common Vulnerabilities and Exposures (CVEs) in third-party and custom code. Drive the engineering teams to achieve security risk remediation goals by providing clear, actionable data and automated patching mechanisms.
Measure & Drive Improvement: Develop and maintain key DevSecOps metrics (e.g., Mean Time To Detect/Remediate MTTD/MTTR, percentage of code coverage by SAST/SCA tools) to measure the effectiveness of automated controls and provide a data-driven picture of the application security posture.
Embed Security Engineering: Spearhead R&D DevSecOps initiatives, partnering directly with engineering teams to select, deploy, and maintain security tools, establishing security gates and best practices throughout the product development lifecycle.

Required DevSecOps Engineer
Realize your potential by joining the leading performance-driven advertising company!
The ideal candidate will bridge high-level security governance with hands-on, automated security implementation across the Software Development Life Cycle (SDLC).
This individual will be a critical enabler, empowering teams to move swiftly and deliver exceptional value to our clients, all while upholding the required security standards. A proven track record in successfully balancing rapid innovation with robust security practices is essential for this role
How youll make an impact:
As the DevSecOps Leader / Program Manager, you will be responsible for creating a secure-by-design culture and leading the operational implementation of our security strategy.
You will:
Build the Secure SDLC (SSDLC) Strategy: Develop, own, and execute the companys comprehensive DevSecOps strategy, focusing on automation to manage security at scale from code check-in to production deployment.
Lead Key Security Engineering Initiatives: Lead and manage security engineering programs, including:
Maturing the security tools stack (e.g., implementing WAF, and automating SCA/SAST tools).
Owning the bug bounty and responsible disclosure programs triage and remediation tracking.
Enhancing the Identity and Access Management (IAM) framework through concepts like Just-In-Time (JIT) and Zero Trust principles.
Operationalize CVE Tracking and Remediation: Design and implement a scalable system for discovering, tracking, and prioritizing Common Vulnerabilities and Exposures (CVEs) in third-party and custom code. Drive the engineering teams to achieve security risk remediation goals by providing clear, actionable data and automated patching mechanisms.
Measure & Drive Improvement: Develop and maintain key DevSecOps metrics (e.g., Mean Time To Detect/Remediate MTTD/MTTR, percentage of code coverage by SAST/SCA tools) to measure the effectiveness of automated controls and provide a data-driven picture of the application security posture.
Embed Security Engineering: Spearhead R&D DevSecOps initiatives, partnering directly with engineering teams to select, deploy, and maintain security tools, establishing security gates and best practices throughout the product development lifecycle.

We are looking for an experienced DevSecOps engineer to join our DevOps Group , newly created IT team.
Who has a passion for security , living security standards and best practices. Who has a desire to find the right solution with the available tools, not compromise on highest standards and allowing developers quick and easy way to progress.
In this position you will use your expertise in Azure, SSO, authorizations, SonarQube and more.
Key Responsibilities
Design and Build and manage one click joining / removing users from all the 3rd party integrated systems.
Get an experience with many 3rd party system, access, user groups and permissions. You will have a great opportunity to grow and create impact.
Analyze GitHub repos usage, permissions, PRs and build unified best practice for all.