דרושים»אבטחת מידע וסייבר» Security Lead

לפני 17 שעות חברה חסויה Location: Job Type: Were seeking a Security Lead to join our team. This role is ideal for someone who can shape security foundations from the ground up. Youll solely build, lead and scale our security program across product, infrastructure and internal operations. This is a hands-on leadership role in which you will define our security strategy, drive execution, take ownership of maintaining security within our cloud environment and ensure that our customers, partners and employees can trust our platform and data handling.

Responsibilities

Embed secure-by-design and secure-by-default practices into the SDLC, partnering with engineering on threat modeling, secure code reviews, SAST/DAST, vulnerability management, and integrating practical, developer-first security solutions directly into development workflows. Manage hands-on application and cloud security execution, reviewing code, hardening services, improving AWS/GCP configurations, IAM, networking, and secrets management, building cloud posture management, and integrating security into CI/CD, containers, and infrastructure-as-code. Drive LLM and GenAI security innovation, implementing guardrails, prompt injection protections, MCP authorizations, and AI-specific security controls to ensure resilient and safe AI-powered systems. Own incident response and security operations end-to-end, including preparation, detection, mitigation, root-cause analysis, remediation, communications, and developing internal standards, playbooks, and automation to scale the function from scratch. Lead, data lifecycle, and compliance initiatives, owning SOC 2, ISO 27001,, and regulatory readiness, while representing security in customer and partner discussions and translating technical controls into business assurance.Requirements: Strong hands-on application and security engineering experience, with deep expertise in modern cloud environments, cloud-native security, and secure software development Proven ownership of end-to-end security programs, including defining and executing roadmaps, policies, and cross-domain security initiatives Deep knowledge of SDLC security and DevSecOps, covering CI/CD, container security, infrastructure-as-code, and embedded security controls in engineering workflows Hands-on experience with application security tooling, including SAST, DAST, SCA, runtime monitoring, vulnerability management, and threat modeling Practical experience leading incident response and remediation, including preparation, detection, post-incident improvements, and guiding developers through secure coding and remediation discussions Ability to review and understand code in at least one modern programming language, and work closely with developers on secure code reviews and implementation fixesThis position is open to all candidates. Hide