Application Security Team Lead (SaaS)

TL;DR

Application Security Team Lead (SaaS): Leading a team of security engineers to embed security into every phase of the SDLC for an AI Work Platform with an accent on a secure-by-design culture and global AppSec program execution. Focus on integrating automated security testing into CI/CD pipelines, conducting architectural threat modeling, and managing vulnerability remediation.

Location: Tel-Aviv, Israel

Company

A fast-growing global SaaS company providing an AI Work Platform that democratizes software building for organizations.

What you will do

• Define and execute a scalable application security roadmap aligned with multi-product growth.
• Mentor, scale, and lead a high-performing team of AppSec engineers.
• Integrate automated security testing (SAST, SCA, Secrets) seamlessly into CI/CD pipelines.
• Lead threat modeling sessions and architectural reviews for major platform shifts and new features.
• Oversee the bug bounty program, penetration testing, and risk-based vulnerability remediation.
• Partner with GRC teams to ensure compliance with SOC 2, ISO 27001, GDPR, and HIPAA.

Requirements

• 8+ years of experience in dedicated application security roles.
• 3+ years of experience managing and scaling AppSec teams in a modern cloud/SaaS environment.
• Deep expertise in securing cloud-native applications (AWS preferred) and knowledge of OWASP Top 10.
• Proficiency in Node.js, Ruby on Rails, React, Kubernetes, and Docker.
• Proven track record of implementing AppSec tooling directly into DevOps pipelines (GitHub, CI/CD).
• Ability to translate complex security concepts into actionable business context for developers and executives.