We are looking for a highly skilled Product Security Architect to join our team. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
Why join us?
We are one of the worlds fastest-growing fintech companies. We free finance professionals to lead by modernizing the entire payables operation. We are a well-funded, late-stage start-up backed by high-profile investors. Our 2021 Series F funding round raised $270 million, valuing us at over $8.3 billion. With total funding of just over $550 million, and with more than 3000 global customers, We are one of the most valuable private fintech companies in the world.
We pride ourselves on our collaborative culture, the quality of our product and the capabilities of our people. employyes are passionate about the work they do, and keen to get the job done. We offer competitive benefits, a flexible workplace, career coaching, and an environment where diverse individuals can thrive and make an impact. Our culture ensures everyone checks their egos at the door and stands ready to reach for success together.
Founded in Israel in 2010, we are a global business headquartered in the San Francisco Bay Area (Foster City) with offices in Tel Aviv, Plano, Toronto, Vancouver, London, Amsterdam and Tbilisi.
In this role, you will be responsible for:
Partner with all development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program.
Requirements: Minimum of 3 years of security architectural experience, including threat modeling and design reviews of complex products Must
Experience in SaaS application development (2+ years) Optional
Development expertise in one of the following: .NET or JavaScript one of them is a Must
In-depth knowledge of end-to-end security architectural considerations.
Proven ability to establish and manage security policies, acting as the central security contact for all S-SDLC tasks, challenges, and requirements.
Strong understanding of the OWASP Top 10 application security risks and the ability to address them.
Experience with cloud-native infrastructure architecture (e.g., containers, Kubernetes).
Solid knowledge of Cloud Security Architecture, particularly with AWS and Azure.
Proficient in microservice architecture, web technologies, and APIs.
Excellent communication skills, with the ability to effectively convey information to both technical and non-technical stakeholders, from developers to senior management.
Hands-on experience with at least two application security tools, such as SAST, API Security, DAST, WAF. - Must.
This position is open to all candidates.
