SRE Security (Cybersecurity)
Job description
TL;DR
SRE Security (DevSecOps): Developing and executing a comprehensive DevSecOps strategy to automate security across the SDLC, with an emphasis on vulnerability management and supply chain security. Focus on embedding automated security controls into CI/CD pipelines and operationalizing CVE tracking and remediation.
Location: Hybrid in Tel Aviv, Israel (3 days in-office)
Company
is a leading performance-driven advertising company that empowers businesses to grow through ad technology delivering measurable outcomes at scale.
What you will do
- Develop, own, and execute the company's comprehensive DevSecOps and Secure SDLC (SSDLC) strategy.
- Embed automated security controls such as SAST, DAST, SCA, and IAST into CI/CD pipelines to shift security left.
- Manage open-source software dependencies and maintain an accurate Software Bill of Materials (SBOM).
- Design and implement a scalable system for discovering, tracking, and prioritizing CVEs in third-party and custom code.
- Automate evidence collection for security audits and certification programs including SOC 2 and ISO 27001.
- Enhance the Identity and Access Management (IAM) framework using Zero Trust and Just-In-Time (JIT) principles.
Requirements
- 5+ years of experience in a senior DevSecOps or Application/Product Security role.
- Deep working knowledge of DevSecOps principles and the modern application threat landscape (e.g., OWASP Top 10).
- Hands-on expertise with Software Composition Analysis (SCA) tools like Snyk, Black Duck, or Dependency-Check.
- Proven ability to drive engineering teams toward security risk remediation using automation and SLOs.
- Experience managing security audits and compliance through "security as code" principles.
- Strong leadership skills to build consensus and partner with R&D, Platform Engineering, and IT teams.
Culture & Benefits
- Hybrid work schedule with 3 days in-office.
- Opportunity to work with major global publishers and advertisers like Yahoo, NBCU, and ESPN.
- Culture of empowerment, continuous learning, and growth.
- Inclusive and diverse work environment.