Share this Job

Manager, Software Cyber Security

Location: 

Rehovot, IL, IL

Job ID:  43064
Category:  Information Technology

 

The Application Security Manager, Works as a part of our security team and will collaborates with, Software Engineers, R&D Teams, Product Managers and  othe IT professionals to ensure that our applications, Products & Software Solutions are protected and secure. contributing to our Cloud/On-prem strategic security program, Start by defining the need, map the gaps and implement Secure Development into the SDLC process according the Security Standards, regulations & Compliance and industry best practices.

 

Responsibilities

  • Developing and maintaining software application security Standards, policies and procedures
  • Providing security technical leadership, guidance, and direction to various teams across the Product & Software Development process
  • Work with the R&D and SW Engineering teams to identify, capture, escalate, and close security vulnerabilities found in Stratasys products. Analyzing system services, spotting security issues in code, networks and applications
  • Developing and maintaining documentation of security controls in application, software and solution
  • Be part and contribute in designing technical solutions to address security weaknesses
  • Participate in and support application security reviews and threat modelling, including code review and dynamic testing.
  • Own and perform application security vulnerability management.
  • Facilitate and support the preparation of Software releases from security POV and be part of the PLCM processes.
  • Be a focal point and Subject Expert Metter, Guide, advise and Support development and Software engineer teams in the area of application security and in address security weaknesses
  • Create a Continues Improvement atmosphere and building and managing security training program.
  • Assist in development of automated security testing, DAST to validate that secure coding best practices are being used.
  • Support the bug bounty program.

 

Requirements

  • At least 6 years Technical experience with any combination of the following: threat modelling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
  • Demonstrate experience integrating security into product development, CI/CD pipelines and Infrastructure-as-code
  • At least 2 years’ experience with a strong understanding of common attack vectors, vulnerabilities, and mitigations
  • Set security controls and design requirements during the software creation and development stage of the software lifecycle
  • Knowledge & Experience in identifying security issues through code review, automated test tools / DAST.
  • A thorough understanding of the NIST, OWASP and SANS frameworks
  • At least 2 years Experience working with developers and Software Engineering Teams
  • Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
  • Ability to learn on the job