Application Security Engineer

About Atera

Atera is inventing a new way of managing IT end-to-end for IT professionals and teams worldwide.

By creating an AI-powered IT platform, Atera's all-in-one Remote Monitoring and Management (RMM) Helpdesk, Ticketing, and Reporting solution helps more than 23,000 IT pros achieve 10X operational efficiency, cut down time-to-resolution, and deliver better outcomes faster. Located in the heart of Tel Aviv, our team of passionate, like-minded individuals is driven by a shared mission to unleash everyone's potential and constantly innovate. We create an open, transparent, and supportive environment that gives our teams the autonomy, resources, and freedom to thrive.

We are looking for an experienced Application Security Engineer to join our team! As an Application Security Engineer, you will work with our security and R&D teams and collaborate with other IT professionals to ensure that our application, the product, the services, and the data are protected.

This is a full-time and onsite (hybrid-remote) role at our Tel Aviv office.

Responsibilities

- Providing technical leadership, guidance, and direction to the DevOps, Development, and Product teams on secure code programming based on industry best practices.
- Developing and maintaining specific documentation of application security controls, policies, and procedures and ensuring their implementation.
- Designing technical solutions to address security weaknesses.
- Analyzing system services and spotting issues in code, infrastructure, and applications.
- Develop and implement continuous service improvements to the Application Security Management program.
- Deliver next-generation application security controls, solve technical barriers with tools and processes, and align with application teams to ensure strong adoption.
- Perform threat modeling, static and/or dynamic analysis, application security validation (negative and positive), source code review, and app PenTests to provide development guidance based on security best practices.
- Update the library of information security documentation with application standards, work instructions, and training materials.
- Develop communication plans for the enterprise security application function by partnering with business and enterprise architects.
- Conducting pilot or POC with selected vendors for threat modeling, architecture reviews, code scanning, and penetration testing.
- Collaborating with cross-functional teams and getting their cooperation.

REQUIREMENTS

Requirements:

- 4+ years of overall technical experience in system design, project development, and production support of large cloud-native web applications/systems.
- Secure software development framework experience and adherence to industry benchmarks (OWASP top 10, SANS top 25, MS SDL, CWE 25).
- Application penetration testing experience.
- Experience working with static/dynamic analysis tools - SAST/DAST (such as BlackDuck, SonarQube, Seeker, Coverity).
- We are looking for a self-motivated person who is flexible and adaptive to a busy work environment!
- A bachelor's or master's degree in computer science, information security, or other related fields- an advangate

More about our benefits

Atera is highly collaborative and, yes, fun! To support you at work (and play), we offer some fantastic perks: ample time to learn from your teammates, time off to relax and recharge, community volunteer days, an annual budget to support your learning & growth, a company-paid trip, and more.