A leading video streaming company located in Tel Aviv is looking for a Director of Security to join their growing team!
What you’ll do:
- Reporting directly to the' CTO, this is a rare opportunity to build from the ground up and drive the technical direction, roadmap, and architectural blueprints of the organization's security programs. You will drive initiatives which scale application security and holistically address threats and vulnerabilities.
- Have significant ownership over security training with multiple development teams that serve millions of content creators worldwide.
- Define the secure software development life-cycle processes and lead the bug bounty program.
- Join a team of R&D individuals who understand the importance of IT security.
- Act as the champion for user data and privacy GDPR/CCPA rights
- Lead design security reviews and mentor team members with your expertise and knowledge
- Review, analyze, and evaluate internally-developed services and products to address security recommendations and requirements
- Answer clients and partners questions regarding data privacy and security measures
- Develop company-wide security initiatives to discover security defects in source code, dependencies, and other artifacts
- Work alongside engineering, providing expert leadership and advice on secure architecture, design, and implementation
- Provide software engineering guardrails to mitigate application security vulnerabilities
- 5+ years of experience as a security engineer, analyst, researcher, consultant or software engineer
- Experience with GDPR/CCPA regulations
- Solid understanding of application security, especially web applications and services
- Hands-on knowledge of information security technologies such as security design review, threat modeling, and software testing techniques
- Deep understanding of authentication protocols and frameworks to include OAuth, SSO/SAML
- Experience in web application design, penetration testing, and application risk assessment
- Experience with SAST, DAST, IAST, SCA and fuzz testing tools
- Excellent engineering-level understanding of web applications, layer 7 application technologies, encryption standards, frameworks, and protocols.
- Great communication skills, with the ability to influence at all levels of the organization
- Ability to own and oversee numerous initiatives, while working collaboratively with a variety of stakeholders, and adjust priorities upon evolving business needs
- A data-driven, decision-making mindset
- Experience working with distributed teams and other cross-functional stakeholders