Join the Application Security (AppSec) team to ensure the security of Allot’s products. Collaborate closely with Development and DevOps teams to integrate security into applications, infrastructure, and workflows, while proactively addressing vulnerabilities and strengthening our systems.
Key Responsibilities
- Analyze CIS benchmarks; prioritize critical security controls.
- Execute Security scans per release. Proactively address security vulnerabilities by developing countermeasures and implementing industry-leading solutions. Assess third-party image vulnerabilities and recommend secure alternatives
- Contribute to product architecture and infrastructure design, with focus on backend and security aspects.
- Collaborate with development engineers and provide mitigation recommendations.
- Solve security-related challenges in OS hardening, network segmentation, and protocols. Evaluate regulatory compliance requirements and define security controls.
- Research, review, and integrate new security controls for operating systems and applications.
- Explore and implement new security automation tools.
Requirements :
Requirements
- 3+ years of relevant experience as a Cybersecurity engineer and knowledge of Linux systems administration.
- Experience using SAST, DAST & other Security tools for application security testing.
- Ability to support application security reviews: threat modeling, code review, dependencies, authentication/authorization flows, data privacy (encryption, anonymization).
- Experience building and maintaining infrastructure, tools, and services to enhance delivery and availability.
- Strong background with containerized and microservices environments (Docker, Kubernetes).
- Experience with cloud architecture (AWS preferred).
- Strong programming and scripting skills (Python, Bash, etc.).
- Excellent problem-solving skills and ability to work independently.
- Experience in domains such as secure execution, container security, penetration testing, or security audits.
- Familiarity with cryptographic algorithms, authentication protocols, transport layer security, Linux OS hardening (e.g., SELinux), and secure coding practices (SSDLC).
