Security Manager
Tel Aviv-Yafo, IL
Description
What do we do at Cyera ?
Cyera is reshaping the reality of cloud data security. Backed by the world’s leading cyber investors and led by a solid and dynamic team of technical and industry experts, Cyera is scaling fast and gaining incredible market traction.
Our customers trust us to keep their transactions and private information secure due to the high standards of security embedded in Cyera's technology. As we continue to innovate rapidly to meet the evolving needs of our customers, our application security program ensures that any software developed or acquired meets stringent security standards.
As a Security Manager, you will:
Integrate Security Across the Product Lifecycle:
- Embed security tools, standards, and processes into the product lifecycle (PLC).
- Ensure developers and QA personnel have the security knowledge needed for daily activities.
Maintain and Enhance Security Posture:
- Configure, troubleshoot and collaborate with teams to maintain the security of our infrastructure, software, and hardware.
- Installed and managed software to monitor systems and networks for security breaches and intrusions.
- Monitor systems for irregular behavior and implement preventive measures.
Drive and Support Security Initiatives:
- Assist in planning, developing, implementing, and updating the company's information security strategy.
- Improve and support application security tool deployments, including static analysis and runtime testing tools.
- Enhance and maintain secure development standards.
- Support incident response and architecture review processes where application security expertise is needed.
Lead Penetration Testing and Vendor Security Activities:
- Manage annual penetration testing services, including expert consulting and managed services.
- Provide internal business and technology partners manual penetration testing and standards gap analysis.
- Oversee application framework and perimeter security improvement projects.
- Support Vendor Security activities to ensure third-party software and development meet Cyera's security standards.
Integrate Threat Modeling and Security Metrics:
- Incorporate threat modeling practices into the product lifecycle.
- Define security requirements for test-driven design.
- Produce metrics reporting the state of application security programs and the performance of development teams against requirements.
Requirements
What you bring:
Security Expertise & Evangelism:
- A deep understanding of security concepts and the ability to communicate them effectively to diverse audiences, including business and technical leaders and individual contributors.
- A risk management approach to application security, avoiding purely academic thinking.
Leadership & Communication:
- Strong leadership skills with the ability to manage highly technical individuals.
- Excellent verbal and written communication skills, including experience speaking in public forums and contributing to technical publications.
Development Process Familiarity:
- Experience with waterfall and agile development processes and integrating secure development practices into both.
Technical Proficiency:
- Hands-on experience writing and testing web applications and services in programming languages such as C/C++, Java, and JavaScript.
- Familiarity with a variety of development and testing tools, including Eclipse, GIT, GCC, JIRA, Subversion, Maven, ClearQuest/Case, Silk, FindBugs, HP/Fortify SCA, IBM AppScan, and HP WebInspect.
Education & Industry Knowledge:
- A bachelor's degree or higher in computer science or equivalent in the industry is required.
- Ability to explain vulnerabilities and weaknesses in OWASP Top 10, WASC TCv2, and CWE 25 and discuss effective defensive techniques.
- Familiarity with industry standards and regulations, including PCI, FFIEC, SOX, and ISO27001, is desired.
Join Us at Cyera:
If you’re passionate about security and want to make a significant impact in the world of cloud data security, come join our fast-growing team at Cyera.
Please apply if your experience is close but doesn’t fulfill all requirements. Cyera is building a diverse and inclusive company, and we’re hiring Cyerans with different backgrounds, perspectives, and experiences.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security C Cloud Computer Science FFIEC Incident response ISO 27001 Java JavaScript Jira Maven OWASP Pentesting Risk management Security strategy SOX Strategy Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.