דרושים » ניהול ביניים » Senior Product Security Engineer

Required Senior Product Security Architect
As a Product Security Architect, you will shape how security is built, not just review it. Youll work closely with engineering to influence architecture, guide design decisions, and ensure security is embedded across our platform from the earliest stages where decisions matter most, not just where they are validated. Youll take on complex, real-world challenges across cloud-native systems and AI-driven features, where security must evolve alongside scale and speed. This role is not about checklists or gatekeeping, but about applying strong technical judgment, making pragmatic trade-offs, and enabling teams to build secure systems by design. If youre looking to have a meaningful impact on a real product, collaborate with high-caliber engineering teams, and help define modern product security at scale, youll find this role both challenging and rewarding.
What Makes This Role Unique
A product where security decisions truly matter - processes and analyzes highly sensitive customer conversations at scale, creating unique challenges around data protection, privacy, and trust.
AI is core to the product, not a side project - Youll work in an environment where AI/ML is deeply embedded, addressing real-world security challenges that go beyond traditional application security.
A platform operating at a meaningful scale - Youll deal with high-volume data, distributed systems, and production environments where security decisions have immediate and visible impact.
The opportunity to shape a growing security domain - Product security is still evolving, giving you the ability to influence direction, introduce new ideas, and build things the right way.
A culture that values practical, engineering-driven security - Security is approached with a focus on real risk and practical solutions, not just compliance or process.
High ownership with room to grow - Youll have the autonomy to take initiative, drive changes, and expand your impact as the company and platfWhat Youll Do
Shape security architecture where it matters most, partner with engineers early in the design phase to influence system architecture, define secure patterns, and make critical decisions before code is written
Work hands-on with engineering teams to secure real systems review designs, dive into code and PRs when needed, and build small tools or proofs-of-concept to validate security assumptions
Lead threat modeling and deep design reviews identify trust boundaries, abuse cases, and high-impact attack paths, and ensure controls hold up in real production environments
Own security design for authentication, authorization, and APIs, including identity flows (OAuth/OIDC), session management, and multi-tenant access control.

We are looking for a highly skilled Cloud Security Engineer who can embed security across cloud infrastructure, CI/CD pipelines, applications, and AI-enabled environments. This role is ideal for someone with deep hands-on experience in cloud security, automation, and secure software delivery, combined with growing or strong specialization in AI/ML security, LLM security, and modern data platform protection.
The ideal candidate will help design, implement, and scale security controls across our cloud-native ecosystem while partnering closely with engineering, platform, data, and AI teams to ensure security is built into every stage of development and deployment.
Job responsibilities
Design, implement, and manage security controls across cloud environments such as AWS, Azure, or GCP
Secure cloud infrastructure, Kubernetes clusters, containers, storage, networking, IAM, and secrets management
Define and enforce cloud security baselines, guardrails, and best practices using infrastructure-as-code and policy-as-code
Monitor cloud environments for misconfigurations, threats, and anomalous behavior, and drive remediation efforts
Support incident response, threat detection, vulnerability management, and post-incident reviews for cloud systems
Integrate security into CI/CD pipelines and software delivery processes
Implement automated security testing such as SAST, DAST, SCA, container scanning, IaC scanning, and secrets detection
Partner with engineering teams to improve secure SDLC practices and reduce security friction
Build reusable security automation and self-service controls for developers and platform teams
Collaborate with DevOps, SRE, and engineering teams to harden deployment pipelines and production environments
Partner with AI and data teams to secure AI/ML workflows, model development, and deployment pipelines
Define security controls for LLM applications, training data, vector databases, APIs, model endpoints, and agent-based systems
Help assess and mitigate AI-specific risks such as prompt injection, model abuse, sensitive data leakage, insecure plugins/tools, supply chain risks, and unauthorized model access.

We are looking for a Security Engineer to join our Security Engineering team. This is a generalist, "all-rounder" role - you will work across all security domains, while leading and owning a specific security domain based on your expertise.
You will define and drive security programs, design and implement security controls, and make architecture-level decisions across your domain. You will work closely with R&D, DevOps, and engineering teams, embedding security into how we build and operate at scale, and help shape a security-first culture across the organization.
What You'll Work On:
Define and maintain security standards, policies, and controls across all security domains - including SSDLC processes and secure development standards across R&D
Work hands-on alongside R&D, engineering, and IT teams to implement security controls, drive adoption, and ensure execution
Lead and contribute to large-scale security projects with real organizational impact
Evaluate, integrate, and operate industry-leading security tooling and platforms - including emerging startups with cutting-edge technologies
Build automation, tools, internal processes, Terraform modules, GitHub Actions, and AI agents for engineering teams and for your own team
Conduct security assessments and threat modeling.
Lead containment, investigation, and forensic analysis during security incidents
Identify security gaps and misconfigurations across cloud environments, infrastructure, and internal processes - and drive remediation through scalable, long-term solutions
Contribute across all security domains - cloud, application, AI security, detection engineering, IT, and more

We are seeking a talented Senior DevSecOps Engineer / Security Architect to act as the primary security owner and focal point for the Velocity R&D organization. The ideal candidate will possess a background in IT and security platforms, strong coding skills, the ability to independently learn new technologies, an unwavering commitment to quality, a collaborative work ethic, and a profound passion for securing complex infrastructures.
Main Responsibilities:
Security Strategy & Architecture
Own and continuously improve Velocitys overall security posture, including risk assessment, prioritization, and long-term planning.
Design and guide secure architectures for new and existing systems and features, aligned with best practices and compliance requirements.
Lead threat modeling efforts and drive proactive validation against emerging attack techniques.
Evaluate, introduce, and develop security solutions tailored to Velocitys environment.
Design and implement security controls for emerging technologies, including agentic AI systems, addressing risks such as misuse, data leakage, and adversarial manipulation.
Security Engineering & DevSecOps
Embed security across the development lifecycle, including CI/CD pipelines, infrastructure, and application layers.
Enhance logging, auditing, and detection capabilities, and design detection strategies tailored to the platform.
Own and optimize security tooling, ensuring strong integration, visibility, and coverage across systems.
Incident Response & Operations
Investigate and respond to security incidents and alerts, leveraging deep system understanding.
Perform root cause analysis and drive improvements to prevent recurrence.
Collaboration & Enablement
Partner closely with R&D, IT, Product, and the CISO to ensure secure design and day-to-day operations.
Support compliance initiatives (e.g., SOC 2) and security reviews with internal and external stakeholders.
Assist in customer-facing security processes, including questionnaires and evaluations.
Promote security awareness and provide guidance across the organization.

Were looking for a Senior Security Researcher to drive high-impact research across cloud, runtime, and application environments, and translate it into product-grade detections. This is a hands-on role for someone who can lead investigations end-to-end: from understanding attacker tradecraft and vulnerabilities, through building reliable detection logic, to influencing product direction.
On a typical day youll :
Lead deep-dive research into real-world attacks, vulnerabilities, and emerging cloud and runtime techniques
Own complex investigations (DFIR, threat hunting, root-cause analysis) and convert learnings into durable detections
Design and implement advanced detection logic and analytics across cloud assets, containers, Kubernetes, and Linux runtime telemetry
Build prototypes and production-ready components that improve detection accuracy, fidelity, and coverage
Partner closely with engineering and product to shape roadmap priorities and guide implementation details
Develop research methodologies, testing frameworks, and validation processes for new detections
Mentor and level up other researchers and engineers through reviews, knowledge sharing, and technical guidance
Represent the team externally through publications, technical blogs, and conference talks

We're looking for a security practitioner who wants to go deeper than monitoring dashboards and triaging alerts. Someone who understands what good detection looks like, knows their way around a SIEM, and isn't afraid to roll up their sleeves with APIs and automation. You'll be the bridge between the security products our customers already trust and the our company platform that validates whether those products are actually doing their job.

Opportunity Highlights
Our integrations team is responsible for connecting our company with the security products that make up enterprise defense stacks worldwide - EDR and XDR platforms, SIEMs, vulnerability management tools, threat intelligence platforms, email security products, and cloud security solutions.

You'll own the full lifecycle of these integrations: building new ones, keeping existing ones healthy, and setting up realistic lab environments that mirror what our customers actually run. When something breaks in the field (or can't be reproduced internally) you'll be the one figuring it out.

You won't be doing this alone. You'll work closely with our Product, Engineering, and Security teams, and you'll have access to modern AI-powered development tools that let you move fast without sacrificing quality.

The Impact You Will Have

Design, build, and maintain integrations with leading third-party security products
Own the full lifecycle of existing integrations - maintenance, bug fixes, upgrades, and reliability improvements
Research vendor APIs, authentication flows, event schemas, and product capabilities to unlock new integrations
Translate complex security telemetry into normalized, actionable data
Build and maintain lab environments that mirror real enterprise security deployments
Reproduce field scenarios, validate detections, and troubleshoot integration behavior end-to-end
Investigate issues in customer-like environments when they can't be reproduced internally
Continuously evaluate new security technologies and identify integration opportunities
Use modern AI-driven development tools to accelerate delivery and improve quality

We're looking for a Security Engineer - our company Product to spread the power of our company. The ideal candidate will have experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. Youll get to collaborate with our software development and DevOps teams to secure our companys products, CI/CD infrastructure, and production infrastructure. Youll also have the opportunity to influence our product roadmap by utilizing our company-for-our company to assess, monitor, and harden our environments.
WHAT YOULL DO
Lead threat modeling and security review exercises across our companys production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them
Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls
Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
Collaborate with our company Federal team - extending our DevSecOps and Product Security practices to our companys FedRAMP environment and ensure it meets key security requirements
Build deep functional partnerships with our companys engineering and operations teams - helping them deliver secure-by-design solutions.

Were looking for an Application Security Engineer with a passion for AppSec to join our growing team.
Responsibilities:
‍‍Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
Identify detection gaps and develop techniques and rules to close them.
Leverage Python and AI practices to automate research and drive smarter detection strategies.
Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
Collaborate closely with engineering, product, and marketing

Required AI Security - Field AI Engineer
Location: Tel Aviv District, Israel
Welcome to the future of cloud networking and security!
This is your opportunity to get on the rocket ship and join a company that is building a cutting-edge enterprise network and secure cloud platform, and is on a fast track to becoming the worldwide market leader - dont miss it!
The Field AI Engineering team is a unique group of professionals combining strong technical expertise, rooted in a software engineering background, with excellent customer-facing skills.
In this role, you will lead major customer engagements, both remotely and on-site, and tackle the most complex challenges faced by our customers. Some of these challenges will be addressed in-house by designing and developing tailored solutions for customer environments. Others will require close collaboration with our R&D and Product teams to deliver scalable and impactful solutions.
This position is ideal for someone who enjoys solving hard technical problems while working directly with customers and influencing product direction.
Responsibilities
Drive AI Security deal success by handling complex technical sales engagements.
Lead and participate in customer meetings, including technical deep dives, solution design sessions, and executive-level discussions, both remotely and on-site.
Collaborate closely with cross-functional teams, including Sales, Product, R&D, Marketing, Customer Success, and Professional Services, to deliver end-to-end customer solutions.
Design and develop custom features, integrations, and tailored solutions to address customer-specific environments and challenges.
Lead and support complex customer deployments, from initial design through implementation and validation.
Act as a hands-on technical expert throughout the customer lifecycle, contributing wherever needed to ensure successful outcomes.

Required Tetragon Senior Linux Security Engineer
Job Description
About this role:
Cilium Tetragon is a flexible, Kubernetes-aware security tool, with real-time observability and enforcement. Leveraging the power of eBPF, Tetragon offers a low-overhead, in kernel solution that enhances security posture by monitoring system behaviors such as process executions, system call activities, and both network and file access events.
Tetragon Threat Detection Engineers primarily focus on creating and maintaining
Tetragon runtime security policies, based on the latest threat intelligence, vulnerability disclosures, and their own research.
Policies can act either as a mitigation to known vulnerabilities or as monitoring and protection against unknown security issues.
What youll do:
Develop and maintain Tetragon runtime security policies to ensure customers have good visibility of suspicious activity on their infrastructure and are protected against the latest emerging threats
Help design frameworks and architectures that allow customers to easily consume policies and understand their overall security posture
Monitor vulnerability disclosures (CVEs) and the latest threat intelligence to develop Tetragon runtime security policies
Work with software engineers at Isovalent to improve and enhance the capabilities of Tetragon security policies
Interact with solution architects and customers as necessary to support and deploy Tetragon security policies in production
Publish content and give talks based on your work.