Senior Application Security Engineer

  • pin_dropמיקוםרמת גן
  • bubble_chartקטגוריהפיתוח תוכנה
  • schoolנסיון5+ שנות ניסיון
  • workסוג משרהמשרה מלאה

תיאור משרה

We are looking for a talented Senior Application Security Engineer to develop, design and implement security touch points into the Sisense product and support the trajectory of our new unified cloud product while maturing the existing on-premise product. This role will primarily focus on application security, and there will be plenty of opportunities to expand into other areas of Security Operations (vulnerability management, bug bounty, and Incident response) and Security IT (configurations, SaaS security tooling, and overall automation).

What will you do?

  • Partner with the security team to understand the organizational mission, attack surface and help define the appropriate risk-based security initiatives
  • Spend time with the engineering and product team to get up-to-speed on our technology stacks and current security controls
  • Have a solid fundamental understanding of our products, people, processes, and technologies
  • Perform an initial assessment on the strengths and weaknesses of the current stack through static analysis, automated scanning, and/or custom attacks
  • Provide recommendations for identified opportunities from the current state processes
  • Code review and other production changes to ensure no security issues are introduced
  • Work with key stakeholders to ensure compliance of Sisense's internal procedures and compliance goals (SOC2, HIPAA, ISO, GDPR, CCPA)
  • Drive security improvements to production environments and the deployment processes
  • Perform targeted offensive security testing 
  • Promote better security throughout the company
  • Implement continuous monitoring systems and tools to automatically identify potential security issues at the code, application and infrastructure layers
  • Support external and internal penetration testing efforts and assist with driving issues to closure 
  • Assist with our bug bounty program and maturation of Hacker powered security
  • Promote a security-first culture and ensure that all employees at Sisense are able to protect the organization from threats

דרישות תפקיד

  • Experience working as a security engineer, consultant or similar position
  • Security mindset as a business enabler and as part of the core security foundation
  • Effective communication style and action- driven abilities
  • Hands-on experience in configuring and hardening cloud-based infrastructure (AWS, Google Cloud, Azure, etc.)
  • Experience with container technology (Kubernetes)
  • Strong experience in Python, Java, JavaScript, Go and Ruby on Rails
  • Demonstrated capability in secure coding (input validation, session management, etc.) and performing automated or manual static analysis
  • Hands-on experience in conducting penetration testing and vulnerability assessment at the network and application layers
  • Ability to dissect new systems, product requirements, features to identify and develop security requirements
  • Basic understanding of security processes (access management, incident management, data security, etc.)
  • Security certifications such as OSCP, CISSP, CEH, GWAPT, etc.


על החברה

עם מעל 800 עובדים בשמונה משרדים ברחבי העולם, מניו-יורק, דרך טוקיו, לונדון, ומלבורן, וגיוס כספים של כ-200 מיליון דולר, חברת Sisense מציבה רף חדש בתחום ה-BI: הכלי שפיתחה החברה הוא אחד מ-5 כלי ה-BI המובילים בעולם. הרעיון לפיתוח מערכת שמאפשרת למשתמשים עסקיים לנהל ולנתח מידע (Data) נולד עוד בשנת 2004 תחת קורות המרכז הבינתחומי בהרצליה. מאז עברו הרבה מים בנהר והחברה משתייכת כיום למועדון הנחשק של חדי - הקרן: חברות ששוויין גבוה ממיליארד דולר.

account_balanceעוד על Sisense