TL;DR

DevSecOps Engineer (Cloud Security): Securing massively scalable, global production systems and organizational security across identity, endpoints, SaaS, and risk with an accent on cloud and Kubernetes security operations, incident response, and delivery pipeline hardening. Focus on building and tuning security automations, leading cloud/K8s/serverless hardening, and evolving organizational security posture.

Location: Onsite in Israel

Company

%hirify_global% is a company specializing in end-to-end media management solutions that power tens of thousands of websites and apps.

What you will do

Own day-to-day security operations for cloud and Kubernetes workloads, including threat detection, alert triage, incident response, and forensics.
Build and tune security detections and automations (SOAR/runbooks, detection-as-code) to reduce response times and eliminate noisy alerts.
Harden CI/CD and software supply chain (secrets, SBOMs, artifact signing), driving "secure by default" patterns in build/deploy.
Lead cloud, Kubernetes, and serverless hardening through IaC reviews, policy-as-code, and admission controls.
Partner with IT/SRE to evolve identity & access, endpoint/EDR posture, and email & SaaS security, as well as third-party/vendor risk.
Run vulnerability management end-to-end, including scanning, prioritization, remediation SLAs, and executive reporting.

Requirements

5+ years in Security Operations, Cloud Security, or Blue Team roles, with deep, hands-on experience in AWS (IAM/GuardDuty/CloudTrail/CloudWatch) and Kubernetes/containers.
Strong incident response skills across detection, investigation, containment, and recovery in complex cloud-native environments.
Proficiency building security automations and tools in Python or Go; experience with SOAR and API-driven workflows.
Practical expertise with SIEM/log analytics (e.g., ELK/OpenSearch, Splunk), EDR, CSPM/CNAPP, and secrets management (e.g., Vault).
Solid grasp of CI/CD security, supply-chain risks (SAST/DAST/IAST, dependency scanning, artifact signing), and IaC (Terraform) security reviews.
Networking & Linux fundamentals; proven ability to partner with DevOps/SRE/R&D and communicate risk clearly to non-security stakeholders.
Willingness to participate in a shared on-call rotation for security incidents.