CrawlJobs Logo
Fullpath Logo Fullpath · IT - Administration

AppSec Engineer

Israel, Tel Aviv · Job Posted February 01, 2026
Apply Position
Job Link Share

Job Description

Fullpath is an AI-first tech company in the automotive space with hubs across the US and Israel. Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data-driven solutions to a quickly evolving industry. Our team at Fullpath is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line. We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You won’t just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security.

Job Responsibility

  • Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents
  • Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams
  • Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines
  • Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often
  • Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
  • Document: Draft requirement documents for security products and innovative technologies

Requirements

  • 2-4 years experience as an Application Security Engineer or similar role from a Software Development Company
  • In-depth knowledge in threat modeling, risk management, and security controls
  • Experience with AI Security and Security AI
  • Proficiency with OWASP Top 10: API, LLM, and Agentic applications
  • Hands-on competency integrating security tools such as SAST, DAST, SCA, and API security testing
  • Familiarity with CI/CD pipelines and Infrastructure as Code implementation
  • Practical background in software development and coding
  • Extensive knowledge of cloud technologies and cloud-native applications, AWS and GCP
  • Cybersecurity certifications such as OSCP, GPEN, CSSLP - big advantage!
  • Fluent communication in Hebrew and English

Nice to have

  • Endless curiosity and passion for emerging technology
  • Ability to handle prioritize and execute multiple tasks simultaneously
  • Ability to work collaboratively across multiple departments
  • Fluent in Hebrew & English - ability to lead meetings and present
  • Strong communication and collaboration skills

What we offer

  • Family-friendly environment and flexible working hours
  • Learning and growth opportunities within a fast-paced tech startup environment
  • Clear career advancement path for strong performers
  • Cibus and lots of yummy treats in the kitchen
Fullpath - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

AppSec Engineer

8 matching positions

Senior Application Security (AppSec) Engineer

Location
Location
Japan , 東京23区
Salary
Salary:
10000000.00 - 16000000.00 JPY / Year
https://www.randstad.com Logo
Randstad
Expiration Date
April 30, 2027
Flip Icon
Requirements
Requirements
  • 3+ years of experience in the applications security (AppSec) domain, including hands-on experience in code analysis, threat modelling, and an understanding of pentesting
  • Familiarity with key application security principles, frameworks, and technologies (e.g., CWE, MITRE, OWASP, CIS Benchmarks)
  • Strong communication skills and confidence to work closely with leads, senior devs, and the CTO, while being mature enough to handle reasonable pushbacks
  • Experience building security controls into CI/CD pipelines (GitHub actions, CircleCI, GitLab CI/CD)
Job Responsibility
Job Responsibility
  • Flexible working style: Flex-time and hybrid working style
  • English & Japanese Useage: This position regularly coordinates with overseas stakeholders, and would be a great opportunity to utilize your English and Japanese abilities on a regular basis
  • Global Tech Environment: Support a diverse team in a industry-leading global company
What we offer
What we offer
  • 健康保険
  • 厚生年金保険
  • 雇用保険
  • 土曜日
  • 日曜日
  • 祝日
  • Fulltime
Read More
Arrow Right

Senior Backend Engineer - AppSec ShiftLeft (Cortex Cloud)

ShiftLeft is building the cloud security platform for developers (AppSec). Our p...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in backend development, with a strong foundation in designing and maintaining scalable systems
  • 2+ years of hands-on experience with TypeScript and Node.js in production environments
  • Experience working with databases such as BigQuery, MongoDB, or relational SQL systems
  • Experience with cloud infrastructure (preferably GCP) and cloud-native architectures
  • A self-driven, independent, leader and fast learner with a proactive approach to solving problems
  • Experience with high scale production systems
  • Excellent collaboration and communication skills with team members and product team
Job Responsibility
Job Responsibility
  • Shaping the future of our code security products
  • Building robust and scalable backend features
  • Driving performance, reliability, and innovation across our systems
  • Owning and leading the department’s data pipelines, databases, and enrichment and persistence flows
  • Fulltime
Read More
Arrow Right

Security Engineer, AppSec and Cloud

The Security Engineer, AppSec and Cloud will be responsible for securing applica...
Location
Location
Salary
Salary:
Not provided
aciinfotech.com Logo
ACI Infotech
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in application or cloud security roles
  • Expertise in SSO, RBAC, and secrets management
  • Strong knowledge of cloud security controls (IAM, KMS, VPC, WAF)
  • Hands-on experience with threat modeling and vulnerability scanning
  • Experience partnering with engineers to implement secure defaults
  • Ability to translate risk into actionable remediations
  • Strong skills in documentation and incident response
Job Responsibility
Job Responsibility
  • Perform security reviews across code, infrastructure, and deployments
  • Implement SAST, DAST, and dependency scanning at scale
  • Harden identity, network, data, and secrets management
  • Define and enforce zero-trust security patterns
  • Conduct threat modeling workshops for critical flows
  • Drive secure SDLC adoption with automated checks
  • Partner with engineering to ensure secure-by-default practices
  • Fulltime
Read More
Arrow Right
New

Enterprise Account Manager

This is a high-impact, quota-carrying role at the forefront of one of the fastes...
Location
Location
United States , California
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven track record of exceptional pipeline generation with a drive to continuously develop new opportunities
  • Demonstrated success in channel sales and strategic partner engagement
  • Strong account management skills with experience navigating complex enterprise relationships
  • Sales experience in Application Security preferred
  • Cybersecurity, DevSecOps, or software development tools also valued
  • Active practitioner of MEDDIC / Force Management sales methodology
  • 3+ years of success selling SaaS, subscription, or cloud-based solutions to large enterprise accounts, with consistent 100%+ quota attainment
  • Demonstrated success operating across a dual-motion territory — driving net-new logo acquisition while expanding and retaining a portfolio of existing enterprise accounts
  • Experience selling to CISO, AppSec, engineering VP-level, and Developer buyers across DevSecOps environments
  • Excellent communication, negotiation, and executive presence with ability to influence technical and business stakeholders
Job Responsibility
Job Responsibility
  • Own and grow a portfolio of enterprise accounts across Northern California and the Pacific Northwest
  • Identify, qualify, and close new business opportunities across a dual-motion territory of net-new and expansion accounts
  • Apply a value selling sales methodology to manage complex, multi-stakeholder deals to close
  • Build strong executive-level relationships with CISOs, AppSec leaders, engineering VPs, and Developer teams, acting as a trusted advisor
  • Develop and execute strategic account and territory plans aligned to customer business outcomes
  • Partner with SDRs, Sales Engineering, Marketing, and Customer Success to deliver winning solutions
  • Deliver compelling presentations and product demonstrations that drive demand and expansion
  • Maintain accurate pipeline, forecasts, and account data in Salesforce
  • Stay current on AppSec market trends, the evolving threat landscape, and the competitive environment
  • Represent Checkmarx at select industry events and trade shows
What we offer
What we offer
  • Medical
  • dental
  • vision
  • 401(K)
  • additional incentives
  • Culture of community and opportunity to work in a growing organization
  • Room for career growth and professional development
  • Training and educational opportunities
  • Fulltime
Read More
Arrow Right

Application Security Engineer, AI Security

Notion is looking for security engineers that have a passion for securing comple...
Location
Location
United States , San Francisco
Salary
Salary:
230000.00 - 280000.00 USD / Year
notion.so Logo
Notion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Security Architecture expertise: You have at least 6+ years of experience working with product teams to design and/or build secure software
  • Thoughtful problem-solving
  • Impact-driven approach to technology
  • Pragmatic and business-oriented
  • Empathetic communication
  • Startup mentality
  • You don’t need to be an AI expert, but you’re curious and willing to adopt AI tools to work smarter and deliver better results
Job Responsibility
Job Responsibility
  • Help define the security models for Notion’s products as they ship, giving guidance to engineering and product teams to ensure new features meet strict enterprise security requirements
  • Perform hands on testing and develop automated red teaming for AI and agentic features, especially focused on AI specific risks like prompt injection
  • Make the secure path the easy path for product teams by providing design guidance and finding architectural solutions that eliminate classes of vulnerabilities
  • Provide developers guidance and education on security and privacy best practices that prevent the authoring of vulnerabilities
  • leverage skills, MCP enabled tools, and hooks to help prevent vulnerabilities for developers using agentic coding tools
  • Participate in and drive mitigation strategies during AppSec related incident responses
What we offer
What we offer
  • Highly competitive cash compensation, equity, and benefits
  • Fulltime
Read More
Arrow Right

Head of Product Security

The Head of Product Security leads the pillar responsible for ensuring everythin...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • CSSLP, OSCP or similar certifications
  • Experience with PCI Software Security Framework (SSF) and its application to payment processing software
  • Previous career as a software engineer or developer before moving into security — you understand the developer experience from the inside
  • Experience with bug bounty programme management
  • Payments acquiring, FinTech, E-Pay - application security experience
  • Contributions to open-source security tools, OWASP projects, or published security research
  • Experience with security tooling for Kubernetes-native applications
  • Several years of progressive experience in application security or product security, with a number of years in a leadership role managing a product security or AppSec team
  • Deep understanding of modern application security: OWASP Top 10, API security (REST, gRPC, GraphQL), microservices security, container security, and secure coding practices
  • Proven experience building and running a security champions programme in an agile engineering organisation
Job Responsibility
Job Responsibility
  • Own and drive the shift-left security programme, ensuring security is integrated into the earliest stages of the software development lifecycle through threat modelling, secure design patterns, and automated tooling
  • Manage the security champions programme, recruiting, training, and supporting champions across all product squads
  • Own the developer security toolchain (SAST, DAST, SCA, secrets scanning) and ensure it is integrated into all CI/CD pipelines with minimal developer friction and calibrated thresholds to avoid noise
  • Establish and operate the vulnerability management lifecycle, including scanning orchestration, triage, prioritisation, SLA assignment, remediation tracking, and exception management
  • Chair the weekly Vulnerability Review Board, making prioritisation decisions on critical and high-severity findings in collaboration with engineering leads
  • Define and publish the security engagement model for product and engineering teams, including trigger points (new service, new integration, pre-release), SLAs, and escalation paths
  • Oversee threat modelling for new services and major changes, ensuring threat models are completed before development progresses beyond initial design
  • Own the security sign-off process for production releases, providing risk-based release decisions (approved, approved with conditions, deferred, escalated) rather than binary pass/fail gates
  • Provide self-service security capabilities to product teams: threat model templates, security stories backlog, secure coding guides, and accessible tooling documentation
  • Produce security assurance reporting for the CISO, including vulnerability trends, SDLC integration metrics, champion programme health, and developer satisfaction with security
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Enterprise Account Executive

Your mission is to grow GitGuardians presence across enterprise accounts in your...
Location
Location
United States , Denver
Salary
Salary:
155000.00 - 175000.00 USD / Year
gitguardian.com Logo
GitGuardian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated success as an Enterprise Account Executive in a DevOps and/or AppSec environment
  • At least 5 years of enterprise software or security sales experience, with a track record of managing complex, multi-stakeholder sales cycles
  • Experience selling into Security, Engineering, or IT leadership (Application Security, DevSecOps, Cloud Security, Identity/IAM/NHI, or developer tooling is a strong plus)
  • Demonstrated success generating pipeline independently and achieving quota
  • Comfort running multi-threaded enterprise deals with nuanced procurement processes
  • Strong communication skills: You're clear and credible with executive audiences
  • A willingness to travel (up to 25%)
  • Proficiency with MEDDIC or MEDDPICC sales frameworks
Job Responsibility
Job Responsibility
  • Identify, engage, and build rapport with enterprise prospects through outbound hunting, channel relationships, and events
  • Own end-to-end sales cycles, aligning multiple stakeholders across large buying teams: from CISOs and CTOs to Security, Engineering, and DevOps leads
  • Scope and run complex POCs and POVs alongside your Sales Engineer
  • Build proposals and manage multi-stakeholder negotiations in partnership with internal and external procurement teams
  • Maintain disciplined pipeline management and accurate forecasting
  • Evangelize GitGuardians growing product line, including our NHI Governance and secrets detection capabilities
What we offer
What we offer
  • 25 days of PTO
  • 9 public holidays
  • Health, Dental & Vision insurance (80% coverage), for individuals and their families
  • Short term & long term disability insurance (100% paid)
  • Travel policy including to annual off-sites
  • Up to $300 towards home office set-up
  • Monthly remote work stipend $70
  • Complimentary access to Talk Space
  • Referral bonus of $4000
  • Pre-tax commuter plan access
  • Fulltime
Read More
Arrow Right

Lead Application Security Architect

The Application Security Architect is a senior, influential role responsible for...
Location
Location
United Kingdom; Sweden; Poland , London; Stockholm; Łódź
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in technology, with at least 7 years in a dedicated application security or product security role
  • Demonstrated experience designing and implementing a Secure SDLC in a cloud-native environment (GCP, AWS)
  • Hands-on experience with the architecture and strategy of AppSec tools (e.g., Snyk, Checkmarx, Veracode,)
  • Experience with securing microservices architectures, APIs, and modern web/mobile applications
  • Experience with securing AI/ML systems
  • A Bachelor’s degree in a relevant field or equivalent professional experience
Job Responsibility
Job Responsibility
  • Champion and orchestrate the definition of Arrive’s global Secure Software Development Lifecycle (SSDLC), from threat modeling to secure release, in close partnership with key stakeholders across Engineering and IT
  • Develop and maintain a comprehensive set of global security standards, baselines, and guidelines for secure coding, vulnerability management, and secure architecture
  • Create and champion the strategy for our application security tooling, including SAST, DAST, IAST, and Software Composition Analysis (SCA)
  • Define and manage the application security standards for Mergers & Acquisitions, establishing clear requirements and guiding the architectural integration of acquired technologies
  • Act as a lead security consultant and strategic partner for product and engineering teams, providing expert guidance on secure design patterns and vulnerability remediation
  • Forge a dynamic partnership with the Platform Security team: co-design the security tooling roadmap, consume their platforms where they meet global standards, and introduce new architectural patterns where needed
  • Lead security architecture reviews and threat modeling sessions for new applications and high-risk features
  • Act as a senior mentor and advocate for security engineers and champions across the organization, helping to grow our security talent
  • Stay at the forefront of emerging application security threats, with a particular focus on the risks associated with AI/ML systems
  • Collaborate with Data & AI teams to develop security principles and architectural patterns for securely integrating AI into our products
  • Fulltime
Read More
Arrow Right