Senior Security Engineer, InfraSec
Israel - Tel Aviv
Applications have closed
About us
Forter provides new-generation fraud prevention to meet the challenges faced by modern enterprise e-commerce. Only Forter provides fully automated, real-time Decision as a Service™ fraud prevention, with approve/decline decisions backed by a 100% chargeback guarantee. The system eliminates the need for rules, scores, or manual reviews, making fraud prevention friction-free. The result is fraud prevention that is invisible to buyers and empowers merchants with increased approvals, smoother checkout, and the near elimination of false positives - meaning more sales and happier customers.
About the team
Forter has a complex set of cloud applications and infrastructure with petabytes of sensitive data flowing through numerous datastores and thousands of cloud compute instances providing logic for real-time decision making. Securing this system in a way that makes the perimeter and the internals safe from sophisticated attackers, satisfies its customers, and still provides the engineers with a smooth development experience is a world-class challenge. The Security Team’s mission is to help design secure products and features from the very start while engaging with every engineering team, as well as evaluating and overhauling everything that has been built over the years. The team also develops security features to add to Forter’s infrastructure, choosing and deploying external security tools to complement its abilities where needed.
What you'll be doing:
- Represent the Security Team as point of contact and source of knowledge in Design Review meetings across Engineering
- Perform threat analysis, define security controls and security KPIs for implementation and tracking across the organization
- Improve the company’s security standing by developing security features for use in the company’s cloud infrastructure (identity and access management, key and secret management, security monitoring, production machine access)
- Select and deploy tools from external vendors for continuous application and infrastructure security scanning, tracking, and resolution (SAST, IDS, IPS, DDoS, etc.)
You'll be expected to:
- Work very well cross-functionally, think rigorously, and make hard decisions despite tradeoffs
- Perform risk assessments and prepare recommendations for how to invest security resources
- Design, build, evangelize, and maintain security infrastructure and tools that all Forter's engineering teams will enjoy using
- Mentor engineers to design secure applications, provide design reviews
- Work in “brownfield” environments, imagining the next evolution of legacy systems alongside new ones
What you'll need:
- 6+ years of experience working with public clouds (AWS / GCP / Azure)
- Experience with complex software projects (Python / Ruby / Go / NodeJS / etc.) or infrastructure as code tools (Cloudformation / Terraform / Pulumi / etc.)
- Extensive knowledge of every layer of the stack (Hardware / OS / Network / Application / Database / Storage / etc.)
- Hold yourself and others to a high bar when working with production
- Fluent written and spoken English, excellent listening and presentation skills
- Experience leading cross-team efforts (champion an idea, get buy-in, reach widespread adoption)
We would especially love to hear if you:
- Have experience with threat modeling, performing security audits, penetration testing, and SAST tools.
- Have production experience with CNCF technologies like Kubernetes, Istio, Prometheus, Vault, Consul, etc.
- Have experience developing multi-cloud SAAS platforms.
- Contributed to open-source application security tooling or standards.
- Have experience with certification and compliance programs such as PCI-DSS, SOC II, and ISO27001.
Why Forter:
In Forter, engineers who have founders’ mentality thrive. With many technical challenges alongside complex systems, developers get to lead and impact as much as they can and want. From leading cross-team, highly coordinated projects, to deeply technical and highly challenging, long-term projects.
We work together. It’s important for us to cultivate the team mindset and know that people care about our well-being and are there to help when needed. We try as best as we can to keep office politics outside.
We don’t have QA, we don’t have Architects (“CTO team”), we don’t have a NOC or SOC team. We look at our team as part of the system that we build, so we optimize the process and tools to fit our team. Most of our team has a generalist mindset, but our system is vast and we have people developing expertise in areas they are passionate about.
We are big believers in having Skin in the game as a way of setting the alignment of incentives to build things right, and picking boring technology as we respect the complexity of our system and business.
At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company.
Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits AWS Azure Cloud Compliance DDoS E-commerce GCP IDS IPS ISO 27001 KPIs Kubernetes Monitoring Node.js Pentesting Prometheus Python Ruby SaaS SAST Terraform
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs