Product Security Architect
Tel Aviv District, Israel
Tipalti
Product Security Architect
We are looking for a highly skilled Product Security Architect to join our team at Tipalti. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
Why join Tipalti?
Tipalti is one of the world’s fastest-growing fintech companies. We free finance professionals to lead by modernizing the entire payables operation. We are a well-funded, late-stage start-up backed by high-profile investors. Our 2021 Series F funding round raised $270 million, valuing us at over $8.3 billion. With total funding of just over $550 million, and with more than 3000 global customers, Tipalti is one of the most valuable private fintech companies in the world.
At Tipalti, we pride ourselves on our collaborative culture, the quality of our product and the capabilities of our people. Tipaltians are passionate about the work they do, and keen to get the job done. Tipalti offers competitive benefits, a flexible workplace, career coaching, and an environment where diverse individuals can thrive and make an impact. Our culture ensures everyone checks their egos at the door and stands ready to reach for success together.
In this role, you will be responsible for:
- Collaborate closely with all Tipalti development teams to build and govern security from day one to production, following best practices.
- Perform application security assessments, including architecture design reviews and threat modeling.
- Provide secure software guidance and act as a business enabler to cross-functional teams, including product, engineering, etc.
- Design, build, and implement best-in-class application security solutions.
- Lead and promote security audits, vulnerability assessments and code reviews.
- Develop software security guidance, including training material, best practices, secure coding checklists, and reusable code.
- Validate ongoing compliance with policies and procedures in support of regulations.
- Raise the overall security awareness for the Secure-SDLC and define training roadmaps based on needs.
- Work with different entities in the company to ensure S-SDLC compliance with company rules and industry standards.
- Review & manage security issues identified in products, analyze severity and risk, and provide recommendations for remediation.
- Establish, manage, and lead a bug bounty program
About you
- 3+ years of security architectural experience, conducting threat modeling and design reviews of complex products - Must.
- 2+ years of experience in the development of SaaS applications - Advantage.
- In-depth knowledge of security architectural considerations from an end-to-end security perspective.
- Expertise in building and implementing security policies, serving as a single point of contact for security in all S-SDLC tasks, challenges, and requirements.
- Understanding of the OWASP Top 10 application security risks and proficiency in addressing them.
- Knowledge of cloud-native infrastructure architecture (containers, Kubernetes).
- Solid knowledge of Cloud Security Architecture, particularly AWS and Azure.
- Knowledge of microservice architecture, web technologies, and APIs.
- Excellent communication skills, with the ability to communicate and present effectively to stakeholders at all levels, from developers to senior management.
- Hands-on experience with at least 2 Application security tools such as SAST, API Security, DAST, WAF.
Our tech teams are the engine behind our business. Tipalti’s tech ecosystem is extremely rich and we continually add new features to our products, ensuring that we respond to our clients’ needs at scale. Our tech teams retain a fast-paced, start-up vibe that encourages innovation and critical thinking. At Tipalti, you’ll have the opportunity to work with a diverse, global team of engineers, developers and product leaders who are collectively building the future of our best-in-class product suite as we transform financial operations for the future.
#LI-IG1
#LI-hybrid
Interested in learning more about us?
Tipalti is the only company handling both global partner payments and accounts payable workflows for high-velocity companies across the entire financial operations cycle: onboarding and managing global suppliers, instituting procurement controls, streamlining invoice processing and approvals, executing payments around the world, and reconciling payables data across a multi-subsidiary finance organization. Tipalti enables companies to scale quickly by making payables strategic with operational, compliance, and financial controls. Through Tipalti, our clients can efficiently and securely pay thousands of partners and suppliers in 196 countries within minutes.
Tipalti is fueled by a commitment to our customers and a desire to build lasting connections. Our client portfolio includes high-velocity businesses such as Amazon Twitch, GoDaddy, Roku, WordPress.com, and ZipRecruiter. We work hard for our 98% customer retention rate which is built on trust, reliability and innovation. Tipalti means we handled it" - a mission to which we are constantly committed.
Job Candidate Privacy Notice | Tipalti
www.tipalti.com/privacy/job-candidate-privacy-notice/
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Audits AWS Azure Cloud Compliance DAST Finance FinTech Kubernetes OWASP Privacy Product security SaaS SAST SDLC Security assessment
Perks/benefits: Career development Competitive pay Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs