Cybersecurity Engineer (SaaS and Infrastructure Security)
Herzliya, Tel Aviv District, Israel
Pontera
Pontera enables advisors to manage and trade their clients’ retirement accounts including 401(k)s and 403(b)s as part of a holistic portfolioPontera is a fintech company on a mission to help people retire better. Our software platform enables retirement savers to get the help they need managing their 401(k) and other retirement plan accounts as part of a personalized strategy by their trusted financial advisor.
Pontera is used by financial advisors across the nation– from SMB to Fortune 500 RIA firms, independent broker-dealers, plan custodians, and plan advisors.
Backed by leading venture capital firms including ICONIQ Growth and Lightspeed Venture Partners, Pontera is built by talented individuals who share a dedication to helping people retire with greater security.
Our team is fast-growing and driven to become one of the largest fintech companies in the world. Our culture is built on a people-first principle: in a complex and numbers-driven industry, we never lose sight of the people we serve and work alongside. That’s where you come in.
At Pontera, we leverage cutting-edge cloud technologies and maintain a robust internal IT infrastructure to propel our business operations forward. We are seeking a versatile Cybersecurity Engineer who specializes in SaaS security and is proficient in broader system, network, and data security. This role is critical in protecting our digital assets, both in the cloud and across other IT resources, and involves collaboration with various teams to fortify our cybersecurity framework.
JOB RESPONSIBILITIES
- Risk Assessment and System Security: Conduct risk assessments for SaaS and non-cloud environments. Develop and refine mitigation strategies to enhance the security and compliance of operational systems continuously.
- Secure Architecture Design: Analyze and design secure architectures for SaaS initiatives and non-cloud projects. Ensure architectural decisions consistently support optimal security standards and reflect the latest industry best practices.
- Security Project Leadership: Lead projects from the selection through to the implementation of security systems. Manage project timelines, resources, and team coordination, ensuring that all integrations align with business objectives and infrastructure requirements.
- Incident Response, Detection, and Compliance: Design and configure systems to align with incident response playbooks and security standards. Participate in incident response activities as necessary, and conduct regular security audits to analyze security events and logs.
- Engineering and Automation: Utilize programming expertise to automate security processes across SaaS and traditional IT environments.
- Cross-Functional Collaboration: Work collaboratively with IT, DevOps, GRC, DevSecOps, and business units to ensure a unified approach to security practices across all platforms.
- Education and Training: Lead educational initiatives to raise security awareness and skills, focusing on both SaaS and general IT security among all staff.
REQUIREMENTS:
- Bachelor’s or master’s degree in Computer Science, Information Security, or a related field; further certifications in cloud and cybersecurity (e.g., CISSP, CISM, CCSP, CCSK) are highly desirable.
- Minimum of 5 years of cybersecurity experience with significant expertise in securing SaaS applications and broader IT infrastructures. Strong preference for candidates with proven experience implementing solutions such as CASB, SSPM, and DSPM.
- Familiarity with major SaaS platforms such as GSuite, Atlassian, Salesforce, and HubSpot is beneficial. More importantly, candidates should demonstrate the ability to quickly adapt to and secure various SaaS environments according to best security practices.
- In-depth knowledge of secure architecture practices, particularly in cloud and SaaS environments.
- Deep understanding of risk assessment techniques and proven experience in implementing mitigation strategies across various IT platforms.
- Proficiency in security frameworks and regulatory compliance, including but not limited to ISO 27001, NIST, GDPR, and SOC 2.
- Exceptional analytical and problem-solving skills, capable of performing under pressure.
- Strong communication and interpersonal skills, with a proven track record of effective collaboration in a team-oriented environment.
WHAT WE OFFER
- Opportunity: Have a major impact at a fast-growing startup that is revolutionizing the FinTech industry
- Team Culture: A collegial, collaborative, fun work environment with frequent team events
- Equity: All new hires are eligible for equity grant participation
- Professional Development: Sponsored learning & development program
- Work Flexibility: A hybrid office work model (In-Office Mon/Tues/Weds and WFH Sun//Thurs)
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation CASB CCSK CCSP CISM CISSP Cloud Compliance Computer Science DevOps DevSecOps DSPM FinTech GDPR Incident response ISO 27001 IT infrastructure NIST Risk assessment SaaS SOC SOC 2 Strategy
Perks/benefits: Career development Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Security Consultant jobs
- Open Security Operations Analyst jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open DevSecOps-related jobs