Who we are:
Allot is an established industry leader in network intelligence and security solutions for service providers and enterprises around the world.
We believe in giving our Tier-1 customers around the world real value by offering them cutting-edge solutions that make their networks smarter and their users more secure.
At Allot, you’ll have the opportunity to develop professionally and personally in a dynamic environment with like-minded people who always go the extra mile to succeed.
What we’re looking for:
We are looking for an Application Security Team Leader for full responsibility for Allots’ product security and to lead a team of AppSec experts. The AppSec team at Allot is responsible for ensuring the solution consisting of Cloud/On-prem deployment is secure and resilient to a variety of cyberattacks, from the OS layer all the way to the application level attacks, that developers introduce fewer new security bugs, and that we leverage best practices and tools for security. The successful candidate will be responsible for driving our Cloud/On-prem strategic security program across the product development lifecycle.
What you’ll do:
- Develop and lead the strategic vision to manage both internal and external risks associated with Allot products and solutions, both on-prem and cloud.
- Lead a team of application security experts
- Proactively advise stakeholders on how to maintain compliance with appropriate regulatory or industry best practices
- Drive secure development lifecycle (SSDLC) and integration of security features into all phases of software design and development
- Identify and facilitate remediation of application and cloud security exposures and vulnerabilities
- Conduct cloud security strategy, readiness, and discovery assessments; be familiar with cloud security frameworks, compliance requirements, and security operations
- Research new application security tools and technologies as requested, and evaluate options that enhance security capabilities
- Work closely with R&D to enhance application security on all layers
- Work with R&D teams to review code for security vulnerabilities manual and automated
- Perform periodic application level penetration tests on major features and versions.
- Evaluate the security posture of various 3rd party tools, libraries, and vendors from an application security perspective.
- Drive and track the progress of security bug resolution with R&D and DevOps teams.
- Work on RFP and Audit responses as needed.
What you should have:
- 4+ years of experience in Product security / Cloud security tech lead within R&D or product management
- 2+ years of Leadership experience
- Certified in IT Security e.g., CISSP, CISM, CCSP
- Thorough understanding of cybersecurity frameworks, such as NIST CSF, CIS CSC, etc.
- Experience in Cloud technologies and SaaS environments
- Experience with web & application security, familiar with OWASP frameworks, solutions, and initiatives
- Experience with security solutions such as Web application firewalls, DB Firewalls, Vulnerability scanners, and RASP/DAST/SAST solutions
- Experience in implementation of Secure Development LifeCycle
- Technical experience in network security technologies or security operations with a proven ability to engage and drive product and engineering priorities
- Educate key stakeholders on the program, risks, and the importance of security in Varonis products & solutions.
- Identify, capture, escalate, and close security vulnerabilities found in Allot products.
- Leverage tools to deliver vulnerability information back to the development organization for remediation.
- Coordinate security risk assessments for new products & solutions through the risk assessment team.