דרושים » מחשבים ורשתות » Senior DevSecOps Engineer

we are looking for a DevSecOps.
As a DevSecOps engineer you will be a part of our DevOps group and play a critical role in designing and implementing application and infrastructure security programs that will make sure that our systems continue to be secure and compliant with our clients high bar.
You will work closely with developers and DevOps engineers to help identify and remediate application and infrastructure security issues.
What youll do:
Implement an application security program
Design and implement security automation and controls within CI/CD pipelines utilizing SAST, DAST and SCA tools
Collaborate on architecture reviews, threat modeling, and developer security training sessions to elevate AppSec maturity
Implement an infrastructure security program
Integrate and implement CSPM controls within a high scale cloud environment.
Own strategy for security in IAM, secret management and similar security-critical components
Own security training and review for DevOps teams.
Orchestrate execution of penetration testing on infrastructure and application and a bug bounty program
Own compliance processes within DevOps
Build and continuously improve SOC2 compliance processes and audit readiness tooling
Lead technical responses for internal and external audits, working closely with GRC, engineering, and cloud teams to resolve gaps and strengthen security posture.​

We are seeking a talented Senior DevSecOps Engineer / Security Architect to act as the primary security owner and focal point for the Velocity R&D organization. The ideal candidate will possess a background in IT and security platforms, strong coding skills, the ability to independently learn new technologies, an unwavering commitment to quality, a collaborative work ethic, and a profound passion for securing complex infrastructures.
Main Responsibilities:
Security Strategy & Architecture
Own and continuously improve Velocitys overall security posture, including risk assessment, prioritization, and long-term planning.
Design and guide secure architectures for new and existing systems and features, aligned with best practices and compliance requirements.
Lead threat modeling efforts and drive proactive validation against emerging attack techniques.
Evaluate, introduce, and develop security solutions tailored to Velocitys environment.
Design and implement security controls for emerging technologies, including agentic AI systems, addressing risks such as misuse, data leakage, and adversarial manipulation.
Security Engineering & DevSecOps
Embed security across the development lifecycle, including CI/CD pipelines, infrastructure, and application layers.
Enhance logging, auditing, and detection capabilities, and design detection strategies tailored to the platform.
Own and optimize security tooling, ensuring strong integration, visibility, and coverage across systems.
Incident Response & Operations
Investigate and respond to security incidents and alerts, leveraging deep system understanding.
Perform root cause analysis and drive improvements to prevent recurrence.
Collaboration & Enablement
Partner closely with R&D, IT, Product, and the CISO to ensure secure design and day-to-day operations.
Support compliance initiatives (e.g., SOC 2) and security reviews with internal and external stakeholders.
Assist in customer-facing security processes, including questionnaires and evaluations.
Promote security awareness and provide guidance across the organization.

We're on a mission to redefine vehicle safety and reliability on a global scale. Founded in 2016, we have pioneered the world's first fully automated suite of vehicle inspection systems. At the heart of this innovation lies our advanced AI-centric technology, representing the pinnacle of computer vision, Machine Learning, and generative AI within the automotive sector.
With over $380M in funding and strategic partnerships with industry giants such as Toyota, Amazon, General Motors, Volvo, and Hertz, our technology is utilized in manufacturing plants, dealerships, wholesale auctions, delivery fleets, seaports, and more. Our growing global team of over 200 employees is committed to creating a workplace that celebrates diversity, encourages teamwork, and strives for excellence.
We seek a dedicated and proactive Senior SecOps Engineer to join our InfoSec team and take ownership of all security-related tasks across the organization. In this role, you will be key in aligning security goals with infrastructure, R&D and IT requirements. You will be responsible for integrating security into our CI/CD pipelines, managing cloud infrastructure security, ensuring compliance with security standards, and protecting our infrastructure from vulnerabilities.
A day in the life and how youll make an impact:
* Implement and manage security tools such as static code analysis, cloud posture monitoring, and penetration testing tools.
* Embed security into the DevOps lifecycle, including CI/CD pipelines, IaC (Infrastructure as Code), and software development workflows.
* Design and enforce security policies for cloud architecture, ensuring secure configurations and monitoring.
* Lead incident response activities, vulnerability management, and forensic investigations to mitigate threats.
* Drive compliance efforts (ISO 27001, SOC 2, GDPR, etc.) and audit readiness for the organization.
* Work closely with stakeholders ( CISO, COO, system Architects, DevOps, IT, Finance, HR, etc) to identify requirements and prioritize security needs.
* Continuously monitor systems and infrastructure for vulnerabilities, intrusions, and misconfiguration.
* Perform or manage penetration testing initiatives to identify security weaknesses.

We are looking for people who are passionate about leading technology to the extreme.
If you are striving to develop an innovative product, make an impact, and work with the industrys brightest talent as part of one of the fastest-growing and successful startups around - where you want to be!
As part of the Security Cloud Engineering team, youll do the following:
Promote a strong security culture using security-driven awareness and best practices for continual security improvement across the business.
Ensure that security countermeasures, mitigations, and containment strategies are implemented on both infrastructure and applications.
Leverage AI within the DevOps and DevSecOps landscapes to maximize security ROI while driving innovation across the global company.
Secure and optimize our cloud services, to ensure robust security and compliance.
Establish and enforce DevSecOps best practices within our CI/CD pipelines and automation processes.
Automate the deployment of security controls and processes to ensure consistent and scalable protection for all security layers.
Develop and implement strategies for proactive threat detection and risk mitigation.
Collaborate with Security, Engineering, and DevOps teams to define and execute security strategy.

We are looking for a security-driven DevSecOps Engineer to join our engineering team.
The ideal candidate has a strong security mindset, the ability to independently research and learn new tools and techniques, and hands-on experience embedding security into software delivery pipelines.
Key Responsibilities
Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines
Identify, research, and evaluate new security tooling and industry best practices independently
Assist in hardening AWS environments (IAM, Security Hub, GuardDuty, CloudTrail)
Enforce security policies across GitHub organization (branch protection, access controls, Actions governance)
Write Python scripts to automate security scanning, reporting, and remediation
Participate in security reviews for infrastructure and application changes
Collaborate with AppSec and platform engineering teams on vulnerability management
Maintain runbooks and documentation for the security toolchain.

As a DevSecOps Engineer in our companys Internal Platform Engineering team (IPE), youll play a pivotal role in ensuring our companys infrastructure and applications are resilient, scalable, and secure.
In your day-to-day, you will:
Build and set up infrastructure for various internal uses using IaC (Terraform, Terragrunt)
Automate and improve development, security, and CI/CD processes
Work with cutting-edge technologies to enhance our company infrastructure and security
Build and maintain multi-K8s environments and microservices (using Helm Charts)
Provide AI-based solutions for automation and monitoring resilience.

we are looking for a Platform Security Engineer.
As a dedicated Platform Security Engineer, you will bridge the gap between code and infrastructure to build a fortress around our creators' content.
Youll spend your time defining and implementing high-level security processes while rolling up your sleeves to fix vulnerabilities alongside our DevOps team. From architecting DSPM strategies for massive distributed video data to hardening our SDLC, you will be the ultimate owner of our security posture. You wont just be monitoring dashboards; youll be collaborating directly with developers to ensure security is a fundamental part of our engineering.