Data has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations become stricter, organizations struggle to answer one key question: Is my data safe?
we see the world of cybersecurity differently. Instead of chasing threats, we believe that the most practical approach is to protect data from the inside out. Weve building the industrys first fully autonomous data security platform to help our customers dramatically reduce risk with minimal human effort.
we move fast. Were an ultra-collaborative company with brilliant people who care deeply about the details. Together, were solving interesting and complex puzzles to keep the worlds data safe.
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.
We are looking for an Application Security Architect to join the Product Security team and be responsible for the overall security of products and services. The successful candidate will be responsible for contributing to our Cloud/On-prem strategic security program.
The candidate will be reporting to the Director of Product Security.
Responsibilities
Work to obtain the right mandate to ensure new products or services are launched with the appropriate security controls
Provide security standards, requirements, and guidelines for securing the products.
Take a part in the development lifecycle and integration of security features into all phases of software design and development
Assist with reviewing architecture and design for new products, features, and services.
Identify and facilitate remediation of application and cloud security exposures and vulnerabilities, including code reviews.
Conduct cloud security strategy, readiness, and discovery assessments; be familiar with cloud security frameworks, compliance requirements, and security operations
Research new application security tools and technologies and evaluate options that enhance security capabilities
Work closely with different interfaces in the company, mainly R&D and Product, to enhance application security on all layers
we see the world of cybersecurity differently. Instead of chasing threats, we believe that the most practical approach is to protect data from the inside out. Weve building the industrys first fully autonomous data security platform to help our customers dramatically reduce risk with minimal human effort.
we move fast. Were an ultra-collaborative company with brilliant people who care deeply about the details. Together, were solving interesting and complex puzzles to keep the worlds data safe.
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.
We are looking for an Application Security Architect to join the Product Security team and be responsible for the overall security of products and services. The successful candidate will be responsible for contributing to our Cloud/On-prem strategic security program.
The candidate will be reporting to the Director of Product Security.
Responsibilities
Work to obtain the right mandate to ensure new products or services are launched with the appropriate security controls
Provide security standards, requirements, and guidelines for securing the products.
Take a part in the development lifecycle and integration of security features into all phases of software design and development
Assist with reviewing architecture and design for new products, features, and services.
Identify and facilitate remediation of application and cloud security exposures and vulnerabilities, including code reviews.
Conduct cloud security strategy, readiness, and discovery assessments; be familiar with cloud security frameworks, compliance requirements, and security operations
Research new application security tools and technologies and evaluate options that enhance security capabilities
Work closely with different interfaces in the company, mainly R&D and Product, to enhance application security on all layers
Requirements:
5+ years of experience in Application Security / Cloud Security within R&D
Experience in Cloud technologies and SaaS environments
Thorough understanding of cyber security frameworks, such as NIST CSF, CIS CSC
Deep knowledge in web & application security, familiar with OWASP frameworks, solutions, and initiatives
knowledge And experience in Cloud Native Application (K8s, AWS , Azure)
Great verbal and written communication skills
Coordinate, participate, and deliver risk assessments and threat modeling for given\new designs and architectures
Technical experience in network security technologies or security operations with a proven ability to engage and drive product and engineering priorities
Work with the business to identify, capture, escalate, and close security vulnerabilities found in Varonis products
Advantages
CISSP, CISM, CCSP, OSCP is an advantage
knowledge in security solutions such as Web application firewalls, DB Firewalls, Vulnerability scanners, and RASP/DAST/SAST solutions
knowledge of CI tools/methodologies
Technical background as a SW developer, malware reverser, or penetration testing
5+ years of experience in Application Security / Cloud Security within R&D
Experience in Cloud technologies and SaaS environments
Thorough understanding of cyber security frameworks, such as NIST CSF, CIS CSC
Deep knowledge in web & application security, familiar with OWASP frameworks, solutions, and initiatives
knowledge And experience in Cloud Native Application (K8s, AWS , Azure)
Great verbal and written communication skills
Coordinate, participate, and deliver risk assessments and threat modeling for given\new designs and architectures
Technical experience in network security technologies or security operations with a proven ability to engage and drive product and engineering priorities
Work with the business to identify, capture, escalate, and close security vulnerabilities found in Varonis products
Advantages
CISSP, CISM, CCSP, OSCP is an advantage
knowledge in security solutions such as Web application firewalls, DB Firewalls, Vulnerability scanners, and RASP/DAST/SAST solutions
knowledge of CI tools/methodologies
Technical background as a SW developer, malware reverser, or penetration testing
This position is open to all candidates.
