דרושים»תוכנה» Senior Application Security Engineer

לפני 20 שעות חברה חסויה Location: Job Type:

and Were seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams. Rather than owning security alone, youll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless. Youll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC. What Youll Actually Be Doing: Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance Lead and scale a Security Champions program embedded within engineering teams Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements Stay current on emerging threats, developer tooling, and secure engineering patterns - sharing insights regularly with the teamRequirements: Native level fluency in English and Hebrew (written and verbal) - Must 7+ years in software security engineering, including 4-5 years in AppSec of secure development enablement roles Strong coding ability in one or more modern languages (JavaScript/TypeScript, Python, Go, Java, C#) Proven experience teaching, mentoring, or enabling developers through training, code reviews, threat modeling, internal talks, or champion programs Deep understanding of secure coding principles, common vulnerability classes, API security, and secure design techniques Hands-on Experience with AppSec tooling (SAST, SCA, IaC scanners, secret scanning) and integrating them into the developer workflows Experience with cloud native architectures and security in AWS or Azure Familiarity with compliance and security frameworks (PCI DSS, SOC 2, FEIEC, NIST, OWASP, ASVS) Excellent communication and storytelling skills - able to break down complex issues into simple, practical guidance A collaborative mindset and passion for building a positive, empowering security cultureThis position is open to all candidates. Hide