Product Cyber Team

Cyber Security Architect

Tel Aviv-Yafo, Israel

Create a gold standard for Secure Software Development Lifecycle in SOMPO HD. Engage with developers and relevant stakeholders to provide services such as architecture review, threat modeling, secure code review and others.  

What Will You Do?

  • Perform Security Architecture reviews and Threat Modeling to existing and new software products and features developed internally.

  • Provide vulnerability remediation guidance, vulnerability escalation handling and mentoring to multiple development software teams.

  • Drive security solution design for the security architecture framework (e.g., credential management, access provisioning, authentication and authorization, data security, network security, application security, infrastructure security, security monitoring, and operations security).

  • Define and educate application security best practices.

  • Deliver system security architecture diagrams and security architecture specification per security architecture standards.

  • Design applications, integrations, and automation to improve security operations and governance.

  • Support deployment of automated security tools throughout the development lifecycle.

  • Research of new technologies, architectural trends and security practices.

  • Training and mentoring peers, Dev and DevOps engineers.

Requirements

 

  • 5+ years of experience in the Application Security domain.

  • B.Sc. Computer Science/Engineering or equivalent knowledge.

  • Understanding of Software Security Architecture and Design, SSDLC and the ability to clearly Architectural best practices for Application Security.

  • Vast experience in running threat modeling.

  • Deep knowledge about the OWASP Top 10 and how to identify and remediate them.

  • Ability to define problems, collect data, establish facts and draw valid conclusions and solutions.

  • Technical knowledge of access control mechanisms, intrusion detection and prevention, encryption, digital certificates and trust-based authentication.

  • Experience in working with software development groups and development executives.

  • Advanced interpersonal skills, including conflict resolution and virtual team management.

  • Advanced communication skills to a wide variety of audiences. (e.g. written, verbal, presentation).