DevSecOps Engineer

Gong is one of Israel’s most valued private software companies. Our solution uses machine learning and AI to automate big parts of customer-facing roles. Over 2000 innovative companies like Zillow, Slack, PayPal, Twilio, Shopify, Hubspot, SproutSocial, Zoominfo, Outreach, MuleSoft, and LinkedIn trust Gong to power their customer reality.
At Gong, we’re building new-generation, machine-learning based software that automates big parts of customer-facing roles by “understanding” their conversations and related work.
Our solution guides sales professionals, coaches them on how to become better, performs tasks for them, and directs them to the best actions.
As a DevSecOps engineer, you'll play a key role in securing, defining, optimizing, and building our rapidly expanding cloud, infrastructure, and internal tools, with a deep focus on security tools, methodologies, and best practices. 

You will be a part of our DevOps team, adding to our cloud infrastructure expertise with special focus on security related fields, such as:

•  Helping to secureour growing fleet of cloud services.  
• Guiding the security and architecture of new services. 
• Supporting our monitoring and alerting systems. 
• Developing threat detection strategies to identify potential risks. 
• Automating all aspects of security control deployment. 
• Acting as focal point for security and compliance-related queries and strategies.

Basic Qualifications:

• 3+ years of DevOps, with a deep understanding of cloud security and best practices. 
• Ability to identify common security risks, and to formulate and execute security strategies.
• Experience with market-leading security tools and providers Scripting & development skills, preferably in Python. 
• Extensive knowledge of Internet protocols, architectures, and security design principles.
• Experience with AWS security & encryption components such as IAM Policy, KMS, GuardDuty, Cloudtrail, SSO, etc. (or equivalent).
• Hands on experience with 3rd party security solutions, such as Snyk / Wiz / Orca / AquaGood understanding of security projects that address risks, including patching, secure build, vulnerability scanning and remediation, logging and monitoring, threat management, and user awareness.
• Proven ability of gathering and maintaining evidence for security and compliance.
• Self-motivated with the drive to keep moving things forward

Preferred Qualifications:

• One or more security-related certifications, such as CISSP, CEH, CISA, CISM, SECURITY+ or similar. 
• Experience in triaging security alerts and executing incident response.
• Experience with virtualization technologies, especially with AWS services .
• Strong sense of ownership, urgency, and drive 
• Experience in Compliance Requirements (e.g. SOC2, ISO27001, HIPAA, PCI, etc.)

Here at Gong, we like to encourage our employees to express their personality and identity (whether gender, ethnic, religious, or sexual), and we ensure fairness and equal opportunities. 
If this consideration is important to you when choosing a work place, we'd love to see you with us.