Product Security Engineer

Summary

Join Axonius, a rapidly growing cybersecurity company, as a Product Security Engineer in Tel Aviv. This role focuses on enhancing the security of Axonius' products by implementing and maintaining security tools, processes, and practices throughout the software development lifecycle. You will conduct vulnerability management, stay updated on application security threats, develop security automation, and collaborate with R&D teams. The ideal candidate possesses 2-3 years of application security experience, software engineering proficiency, and strong knowledge of application security principles. Axonius offers a flexible work culture, professional development opportunities, and various employee benefits, including long weekends, parental leave, and psychological support services.

Requirements

• 2-3 years of experience in application security, with a strong focus on securing web applications and APIs
• Hands-on experience as a software engineer, with proficiency in modern programming languages such as Python, JavaScript, or similar
• Strong knowledge of application security principles, including the OWASP Top Ten, secure coding practices, and vulnerability assessment techniques
• Familiarity with security tools such as SAST, DAST, and SCA, and experience integrating them into CI/CD pipelines
• Experience with vulnerability management practices, including triage and remediation workflows
• Experience with cloud environments (AWS, GCP) and modern DevOps tools (e.g., Terraform, Docker, Kubernetes)
• Excellent English and Hebrew communication skills, both written and verbal
• Strong sense of ownership and ability to work independently or collaboratively in a team

Responsibilities

• Implement and maintain security tools (e.g., SAST, DAST, SCA) as part of the SDLC and to provide developers with actionable insights
• Conduct vulnerability management activities, including monitoring, triaging, and coordinating remediation efforts with development teams
• Stay up-to-date with the latest application security threats, tools, and techniques to continuously improve Axonius' security practices
• Develop and maintain security automation scripts and integrations to streamline processes and enhance security coverage
• Assist in the coordination of external penetration testing engagements and manage findings
• Collaborate with R&D teams and external partners to strengthen product security practices
• Support the development and implementation of initiatives, including bug bounty programs, internal penetration testing, and related efforts

Preferred Qualifications

• Hands-on experience with penetration testing tools and techniques, such as Burp Suite, Metasploit, or similar
• Familiarity with offensive security concepts and methodologies (e.g. MITRE ATT&CK, PTES)
• Contributions to the security community, such as participating in bug bounties or reporting CVEs
• Demonstrated thought leadership, such as writing blog posts, presenting at conferences, or conducting research
• Experience with containerized and microservice architectures, including securing them
• Experience with designing or managing bug bounty programs

Benefits

• Yearly budget to every employee, enabling them to invest in their own growth and learning according to their specific needs and aspirations
• Three long weekends throughout the year
• Special parental leave policy which allows both primary caregiver and secondary caregiver to spend substantial time with their newborn
• Extra vacation days for the following important life events: marriage, birth of a grandchild, special milestones related to your children, loss of pregnancy and bereavement
• Psychological support services and support services
• Flexible working culture
• Majority of our employees work remotely
• English lessons