Senior Application Security Engineer
657115
We are building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely.
The Role
We’re seeking a Senior Application Security Engineer who is first and foremost a teacher, advisor, and enabler for our development teams.
Rather than owning security alone, you’ll embed secure-by-design thinking across engineering by mentoring developers, guiding architecture decisions, and making secure development intuitive and frictionless.
You’ll serve as the go-to partner for developers and engineering leaders, offering clear direction, practical solutions, and hands-on mentorship that strengthens our secure SDLC.
Who You Are
- A proactive self-starter with deep expertise in application and cloud security
- Passionate about secure development and enabling engineers through thoughtful guardrails
- Clear and confident communicator who can influence across technical and non-technical teams
- Curious about emerging threats and excited by the challenges of blockchain security
- Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale
What You’ll Actually Be Doing
- Mentor, coach, and educate developers on secure coding through workshops, training sessions, pair reviews, and ongoing guidance
- Lead and scale a Security Champions program embedded within engineering teams
- Facilitate threat modeling sessions and design reviews, partnering with teams early in the process to improve security outcomes
- Collaborate with engineering leadership to ensure secure architecture patterns, API security practices, and design principles are built in from day one
- Integrate and tune developer-friendly AppSec guardrails into CI/CD pipelines (SAST, SCA, IaC, secret scanning) while minimizing noise for developers
- Translate vulnerabilities into clear, actionable remediation guidance that developers can easily implement
- Support security awareness across engineering by building engaging internal content, best-practice playbooks, and reusable patterns
- Partner with compliance teams to produce documentation and SDLC evidence supporting FFIEC, PCI DSS, and SOC 2 requirements
- Stay current on emerging threats, developer tooling, and secure engineering patterns — sharing insights regularly with the team
Requirements
- Native level fluency in English and Hebrew (written and verbal) - Must
- 7+ years in software security engineering, including 4-5 years in AppSec of secure development enablement roles
- Strong coding ability in one or more modern languages (JavaScript/TypeScript, Python, Go, Java, C#)
- Proven experience teaching, mentoring, or enabling developers through training, code reviews, threat modeling, internal talks, or champion programs
- Deep understanding of secure coding principles, common vulnerability classes, API security, and secure design techniques
- Hands-on Experience with AppSec tooling (SAST, SCA, IaC scanners, secret scanning) and integrating them into the developer workflows
- Experience with cloud native architectures and security in AWS or Azure
- Familiarity with compliance and security frameworks (PCI DSS, SOC 2, FEIEC, NIST, OWASP, ASVS)
- Excellent communication and storytelling skills - able to break down complex issues into simple, practical guidance
- A collaborative mindset and passion for building a positive, empowering security culture
Flexible hybrid model: 3 days a week in the Jerusalem office
Please send CV to [email protected]
