Application Security Team Leader
Israel - Tel Aviv
Applications have closed
Cybereason
Cybereason AI-Driven XDR Platform provides predictive prevention, detection and response that is undefeated against modern ransomware and advanced attack techniques.Who we are
Cybereason is the champion of today’s cyber defenders, providing operation-centric attack protection. Our Defence Platform moves beyond endless alerting to instead recognize, expose, and end malicious operations before they take hold. Cybereason is an international company who defends the world's top brands in more than 50 countries.
Nice to know
- Our Israeli site is located in Tel Aviv at Alon 1 tower, next to Hashalom train station
- Hybrid work model
- Flexible working hours
- “Best high tech companies to work for” (by Dun’s100)
You’ll be part of our Infrastructure Security group
The Infrastructure Security group, protects our own infrastructure, collaborates with our research and development on product security, manages certifications related to Governance, Risk, and Compliance (GRC) and security value. The team works closely with our internal Information Technology team to defend employees across the globe and promote security awareness. The security team also embraces thought leadership and develops policies to promote a more secure world.
In this position you will
- Work closely with Product, R&D and DevOps teams to define high level and detailed security requirements for various features.
- Lead the AppSec team of Engineers and Offensive security to collaboratively build the Cybereason security posture.
- Build, maintain, and improve AppSec processes & tools.
- Work with R&D teams to review code for security vulnerabilities (manual and automated)
- Perform periodic application level penetration tests on major features and versions.
- Evaluate the security posture of various 3rd party tools, libraries and vendors from application security perspective.
- Drive and track the progress of security bug resolution with R&D and DevOps teams.
- Work on RFP and Audit responses as needed.
What We’re Looking For
- 4+ years of experience in hands-on application security field including SDLC process.
- 2+ years of Leadership experience.
- Deep knowledge of common application level vulnerabilities and mitigation (OWASP top 10, SANS 25, etc).
- Strong manual code review skills in Java, C/C++, Python, Node.js.
- Good knowledge of secure coding best practices and ability to guide R&D teams on how to write secure code.
- Experience with SAST tools
- Familiarity with docker containers, Kubernetes, etc.
More About Cybereason:
Our culture and how we operate reflects in our shared values. Our #Defenders are individuals with diverse skill sets and backgrounds who are driven to innovate and scale with our growing organization. We are a team that strives to learn from each other, solve challenging problems, and work collaboratively toward our goal of reversing the adversary advantage.
Core Values:
- Win As One: The power of an individual is less than the power of a team.
- Ever Evolving: Change keeps us at the forefront, so we encourage it.
- Daring: To achieve the impossible, we must dare to be different.
- Obsessed with Customers: We believe gaining our customers’ trust is the most important part of what we do.
- Never Give Up: We are tenacious and resilient, and we never stop.
- UbU: We believe people can only unlock their full potential when they work somewhere that accepts who they are.
If these values resonate with you and our vision excites you, join us today and help us end cyber attacks from the endpoint to everywhere! #Defenders
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At Cybereason we are dedicated to building a diverse, inclusive, and authentic workplace (#uBu), so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security C Compliance DevOps Docker Governance Java Kubernetes Node.js Offensive security OWASP Product security Python R&D RFPs SANS SAST SDLC Vulnerabilities
Perks/benefits: Flex hours
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs