Location: Petach Tikva (Work in Client's site. Hybrid, one day work from home)

Job Description:

• Provide end-to-end guidance for technology projects on application security aspects, from initiation to production, while defining security policies.
• Draft security guidelines for development teams to ensure secure coding practices, address vulnerabilities and security gaps in development and production environments and implement technological security solutions in application domains.
• Collaborate in designing secure architectures aligned with company policies.
• Identify application-level security gaps and define required controls.
• Monitor and ensure compliance with cybersecurity risk management directives issued by the regulatory authority, organizational procedures, and security guidelines for various business and technology units.
• Support application security assessments, including scope definition, validation of findings, and oversight of remediation efforts to close exposures.
• Draft requirement documents for security products and innovative technologies.

Requirements:

• Proven experience in managing information security projects.
• Employment history in large organizations.
• Experience in risk management and security controls.
• Solid understanding of information systems and security standards, regulations, and procedures.
• Full proficiency in Application Security domains and secure development methodologies.
• Experience working with development and infrastructure teams.
• Hands-on experience in API Management and API Security (e.g., APIGEE, DataPower, etc.).
• In-depth knowledge of cloud technologies and cloud-native applications, with emphasis on Containers, Kubernetes (K8s), Serverless, etc.
• Practical experience with CI/CD systems, GIT tools, code and version management repositories, and Infrastructure as Code (IaC) implementation.
• Hands-on experience implementing security tools such as CWPP, SAST, DAST, OSS, etc.
• Strong familiarity with OWASP Top 10.
• Proven knowledge in Mobile Security.
• Experience with Threat Modeling.

Advantages:

• Security-related courses and certifications such as CISSP, CISM, CISA.
• Practical background in software development and coding.
• Experience working in institutional organizations.
• Strong familiarity with technological regulations for institutional entities.

Sapiens is an E-Verified & Equal Opportunity / Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.