Product Security Architect

Summary

Join Axonius, a rapidly growing cybersecurity company, as a Product Security Architect (Application Security) in Tel Aviv, Israel. This role focuses on strengthening Axonius' Application Security practice by working closely with the R&D team to integrate security into the SDLC. You will establish security requirements, conduct threat modeling, review deployments, ensure CI/CD security, design security features, perform code reviews, and align products with industry standards. The ideal candidate possesses at least 3 years of software engineering experience with a focus on application security, strong understanding of modern application security principles, and excellent communication skills. Axonius offers a flexible work culture, remote work options, and various employee benefits.

Requirements

• At least 3 years of hands-on experience in software engineering, with a subsequent focus on application security
• Familiarity with Threat modeling models like STRIDE
• Proficient in software engineering, with a preference for experience in Python, JavaScript, and Bash scripting
• Familiarity with Cloud architecture like AWS, Azure, GCP
• Strong understanding of Networking, Operation systems, containerization (Docker and Kubernetes)
• Background in modern application security principles, especially for web applications (the OWASP Top Ten Risks and beyond)
• Excellent English written and verbal communication
• A proactive learner with a strong interest in adopting new technologies and methodologies in application security
• Ability to work independently with a strong sense of ownership

Responsibilities

• Establish and maintain a set of security requirements and best practices in SDLC
• Work closely with engineering teams to provide relevant security requirements and ensure that security considerations are integrated into software development projects
• Threat modeling of new and existing features and products
• Review the deployment of Axonius products
• Ensure the security of CI/CD
• Design and architect new security features for the Axonius Platform
• Conduct security code reviews
• Align Axonius products with recognized security benchmarks and standards within the industry
• Develop supporting security tools

Preferred Qualifications

• Prior experience working as Security Architect, Security Engineer or Software Architect
• Experience with the following technologies: OIDC, OAuth, SAML, PKI, TLS, DNS
• Professional certifications like Certified Information Systems Security Professional (CISSP) or Offensive Security Certified Professional (OSCP) are a plus
• Experience with containerized and microservice application architectures
• Demonstrated security research activities (e.g. participation in bug bounties or credit for reporting CVEs)
• Examples of thought leadership activities in the security space (e.g. blog posts or conference talks)

Benefits

• Yearly budget to every employee, enabling them to invest in their own growth and learning according to their specific needs and aspirations
• Three long weekends throughout the year
• Special parental leave policy which allows both primary caregiver and secondary caregiver to spend substantial time with their newborn
• Extra vacation days for the following important life events: marriage, birth of a grandchild, special milestones related to your children, loss of pregnancy and bereavement
• Psychological support services and support services
• Flexible working culture
• Majority of our employees work remotely, regardless of their location around the globe
• English lessons