Application Security Expert
About The Position
Coralogix is rebuilding the path to observability using a real-time streaming analytics pipeline that provides monitoring, visualization, and alerting capabilities without the burden of indexing.
By enabling users to define different data pipelines per use case, we provide deep Observability and Security insights, at an infinite scale, for less than half the cost.
Coralogix is a real-time insights and trend analysis for logs, metrics, tracing, and security data with no reliance on storage or indexing.
Coralogix is hiring an Application Security Expert to join our growing Platform Engineering Group.
- Lead in-depth security assessments, architecture reviews, threat modeling of the application stack, including applications built on cloud and emerging technologies.
- Review applications and source code for potential security issues.
- Helping manage, triage, and provide remediation guidelines for findings from various sources like penetration tests, automated scanners, etc.
- Research the latest security standard methodologies, trends, threats and vulnerabilities, and technology frameworks.
- Actively promote improving the security culture and education within the organization while working closely with software architects, developers and DevOps.
- Lead security projects from end-to-end (from analysis and POC to implementation).
- 5+ years of experience in web application security, SSDLC, Threat Modeling (as an application security expert/architect).
- Have a deep understanding and keep up with industry trends of web/mobile application security threats, exploits, and prevention.
- Experience in penetration testing, code auditing, and vulnerability scanning with S/D/IAST tools.
- Experience in working with containerized environments (Docker, K8S, EKS).
- Knowledge of DevSecOps methodologies, tools and technologies (e.g. CI/CD).
- Ability to work in a self-directed environment that is highly collaborative and cross-functional.
- Having a background in web application development.
- Experience in writing scripts and automated tools in at least one of the following languages - Python, Bash, NodeJS and Go.
- Experience securing infrastructure in a public cloud (e.g. AWS, Azure, Google Cloud).
- Experience in networking concepts (firewalls, load balancers, etc) – an advantage.
- Bachelor’s degree in computer-science\information-systems
- Familiarity with the principles of CI/CD pipelines, including familiarity with scripting languages
- Experience in Automation tools