Manager, Software Cyber Security
Location: Rehovot, IL, IL
Job ID: 43064
Category: Information Technology
The Application Security Manager works as part of our security team and collaborates with Software Engineers, R&D teams, Product Managers and other IT professionals to ensure that our applications, products and software solutions are protected and secure. The role contributes to our Cloud/On-prem strategic security program: start by defining the need, map the gaps, and implement Secure Development into the SDLC process according to security standards, regulations and compliance requirements, and industry best practices.
Responsibilities
- Developing and maintaining software application security Standards, policies and procedures
- Providing security technical leadership, guidance, and direction to various teams across the Product & Software Development process
- Work with the R&D and SW Engineering teams to identify, capture, escalate, and close security vulnerabilities found in Stratasys products. Analyze system services and spot security issues in code, networks and applications
- Developing and maintaining documentation of security controls in applications, software and solutions
- Take part in and contribute to designing technical solutions to address security weaknesses
- Participate in and support application security reviews and threat modelling, including code review and dynamic testing.
- Own and perform application security vulnerability management.
- Facilitate and support the preparation of software releases from a security POV and be part of the PLCM processes.
- Be a focal point and Subject Matter Expert: guide, advise and support development and software engineering teams in the area of application security and in addressing security weaknesses
- Create a Continuous Improvement atmosphere, and build and manage a security training program.
- Assist in the development of automated security testing / DAST to validate that secure coding best practices are being used.
- Support the bug bounty program.
Requirements
- At least 6 years of technical experience with any combination of the following: threat modelling, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
- Demonstrated experience integrating security into product development, CI/CD pipelines and Infrastructure-as-code
- At least 2 years’ experience with a strong understanding of common attack vectors, vulnerabilities, and mitigations
- Set security controls and design requirements during the software creation and development stage of the software lifecycle
- Knowledge and experience in identifying security issues through code review and automated test tools / DAST.
- A thorough understanding of the NIST, OWASP and SANS frameworks
- At least 2 years of experience working with developers and Software Engineering teams
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
- Ability to learn on the job