SecOps Engineer (Cybersecurity)

TL;DR

SecOps Engineer (Cybersecurity): Securing hirify.global's cloud-native platform and protecting customer data with an accent on embedding security across the engineering lifecycle from design to runtime, continuous security improvements across cloud environments, and integrating security practices into CI/CD pipelines. Focus on proactive security measures, vulnerability management, incident response, and leveraging AI-assisted threat detection.

Location: Hybrid work in Israel

Company

hirify.global is on a mission to help deliver the world's most effective behavioral care through data, measurement, and personalization, supporting clinicians in their vital work.

What you will do

• Drive continuous security improvements across cloud environments, spanning CSPM, SIEM, software supply chain, edge, DDoS protection, and runtime application security.
• Integrate security practices into CI/CD pipelines using a shift-left approach.
• Conduct regular vulnerability scans across networks, containers, and cloud infrastructure, collaborating with R&D for effective remediation.
• Respond to security events and incidents, including post-incident reviews for lasting improvements.
• Monitor networks, systems, and pipelines for anomalous behavior and proactively investigate irregularities.
• Contribute to threat modeling and security design reviews for new and existing systems.
• Support the evaluation, onboarding, and operationalization of new security tools and procedures, including AI-assisted threat detection platforms.
• Review and harden infrastructure-as-code, container configurations, and Kubernetes environments to reduce attack surface.

Requirements

• At least 5 years of hands-on experience as a SecOps or DevSecOps engineer in a cloud-native environment.
• Strong depth in AWS with multi-cloud experience; well-versed in cloud security best practices including IAM, network segmentation, and data protection.
• Proven experience managing and monitoring security platforms including CSPM, SIEM, and vulnerability management tooling.
• Familiarity with container and Kubernetes security, infrastructure-as-code review and hardening, and CI/CD pipeline security integration.
• Experience with security automation and scripting (Python, Bash, or similar).
• Strong communication skills, able to present risk in business terms to leadership and work collaboratively with developers.
• Hybrid work in Israel required.

Nice to have

• Hands-on experience with AI/ML security considerations, including securing LLM-based applications and managing AI supply chain risks.
• Prior experience in a healthtech, medtech, or other regulated SaaS company.
• Familiarity with zero-trust network architecture principles and experience driving their implementation.

Culture & Benefits

• A product that positively impacts people's mental health every single day.
• A team of amazing people with a shared vision and drive.
• Significant equity offering.
• Opportunity to build, grow and shape how technology can increase therapy effectiveness.
• Hybrid work opportunities.
• Mental health days off you can take any given moment.