CrawlJobs Logo

AppSec Engineer

fullpath.com Logo

Fullpath

Location Icon

Location:
Israel , Tel Aviv

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Fullpath is an AI-first tech company in the automotive space with hubs across the US and Israel. Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data-driven solutions to a quickly evolving industry. Our team at Fullpath is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line. We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You won’t just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security.

Job Responsibility:

  • Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents
  • Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams
  • Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines
  • Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often
  • Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
  • Document: Draft requirement documents for security products and innovative technologies

Requirements:

  • 2-4 years experience as an Application Security Engineer or similar role from a Software Development Company
  • In-depth knowledge in threat modeling, risk management, and security controls
  • Experience with AI Security and Security AI
  • Proficiency with OWASP Top 10: API, LLM, and Agentic applications
  • Hands-on competency integrating security tools such as SAST, DAST, SCA, and API security testing
  • Familiarity with CI/CD pipelines and Infrastructure as Code implementation
  • Practical background in software development and coding
  • Extensive knowledge of cloud technologies and cloud-native applications, AWS and GCP
  • Cybersecurity certifications such as OSCP, GPEN, CSSLP - big advantage!
  • Fluent communication in Hebrew and English

Nice to have:

  • Endless curiosity and passion for emerging technology
  • Ability to handle prioritize and execute multiple tasks simultaneously
  • Ability to work collaboratively across multiple departments
  • Fluent in Hebrew & English - ability to lead meetings and present
  • Strong communication and collaboration skills
What we offer:
  • Family-friendly environment and flexible working hours
  • Learning and growth opportunities within a fast-paced tech startup environment
  • Clear career advancement path for strong performers
  • Cibus and lots of yummy treats in the kitchen

Additional Information:

Job Posted:
February 01, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Fullpath - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for AppSec Engineer

Appsec Engineer

This role will focus on preventing and protecting Fever from security threats, v...
Location
Location
Spain , Madrid
Salary
Salary:
Not provided
https://feverup.com/fe Logo
Fever
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on expertise in vulnerability management for cloud environments, containers, and applications
  • Proficiency in scripting for automation and security operations (Python, Go or similar)
  • Strong experience with AWS cloud infrastructure security including configurations, networking, Identities, etc.
  • Deep understanding of cloud security frameworks, best practices and secure architecture principles
  • Ability to analyze security threats and implement proactive defense mechanisms
  • Strong analytical and problem-solving skills
  • Ability to work cross-functionally to drive security initiatives
  • 4+ years of experience in cloud security and/or cybersecurity roles
  • Bachelor or Master’s Degree in Computer Science, Information Security, or another similar relevant degree (or equivalent experience in a technical security role)
  • Fluent in english
Job Responsibility
Job Responsibility
  • Manage and improve the vulnerability management process for cloud environments including containers, hosts and applications
  • Conduct regular security assessments to identify vulnerabilities and misconfigurations in the AWS ecosystem
  • Enforce AWS security best practices, including secure configurations, architecture and processes
  • Perform risk assessments based on cloud architecture best practices to provide technical security expertise to stakeholders in implementing secure solutions
  • Develop and deploy automated security solutions to improve vulnerability reporting, tracking and remediation processes
  • Collaborate with DevOps and engineering teams to integrate security best practices into cloud environments
  • Monitor performance of vulnerability management, secure configuration and architecture implementations
What we offer
What we offer
  • Opportunity to have a real impact in a high-growth global category leader
  • 40% discount on all Fever events and experiences
  • Position based in Madrid, home office friendly
  • Relocation package for international candidates
  • Responsibility from day one and professional and personal growth
  • Great work environment with a young, international team of talented people to work with
  • Health insurance and other benefits such as Flexible remuneration with a 100% tax exemption through Cobee
  • English Lessons
  • Gympass Membership
  • Possibility to receive in advance part of your salary by Payflow
  • Fulltime
Read More
Arrow Right

Security Engineer, AppSec and Cloud

The Security Engineer, AppSec and Cloud will be responsible for securing applica...
Location
Location
Salary
Salary:
Not provided
aciinfotech.com Logo
ACI Infotech
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in application or cloud security roles
  • Expertise in SSO, RBAC, and secrets management
  • Strong knowledge of cloud security controls (IAM, KMS, VPC, WAF)
  • Hands-on experience with threat modeling and vulnerability scanning
  • Experience partnering with engineers to implement secure defaults
  • Ability to translate risk into actionable remediations
  • Strong skills in documentation and incident response
Job Responsibility
Job Responsibility
  • Perform security reviews across code, infrastructure, and deployments
  • Implement SAST, DAST, and dependency scanning at scale
  • Harden identity, network, data, and secrets management
  • Define and enforce zero-trust security patterns
  • Conduct threat modeling workshops for critical flows
  • Drive secure SDLC adoption with automated checks
  • Partner with engineering to ensure secure-by-default practices
  • Fulltime
Read More
Arrow Right

Senior Engineer, Security

As a Senior Security Engineer you will be a subject matter expert responsible fo...
Location
Location
United States , Boston, MA
Salary
Salary:
Not provided
atscale.com Logo
AtScale
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years Security Engineering / AppSec experience in high-scale distributed systems
  • Experience securing both cloud and on-prem enterprise software deployments
  • Strong hands-on technical background: code, runtime debugging, containers, K8s, CI/CD
  • Expert level understanding in CVEs, vulnerability management, dependency management, SBOM
  • Experience building/operationalizing threat detection, telemetry, and security logging pipelines
  • Strong SOC 2 execution experience (control implementation + evidence + testable automation)
  • Able to work cross-functionally and influence
Job Responsibility
Job Responsibility
  • Hands-on development and tooling to secure code, containers, runtime, and deployment pipelines
  • Lead CVE remediation efforts and build sustainable CVE automation and gating
  • Implement security telemetry, malware detection, anomaly detection, and secure phone-home supportability for on-prem customers
  • Drive secure coding practices, static/dynamic analysis, threat modeling, and secure SDLC enablement
  • Collaborate with Platform, SRE, DevOps, and QA to harden infra, IAM, and default configurations
  • Participate deeply in code reviews, architecture reviews, and design reviews
  • Lead CrowdStrike SIEM integration efforts, including building custom connectors and data pipelines to enhance visibility, detection coverage, and security monitoring capabilities.
  • Work directly with Sales, Sales Engineering, and customers on security posture, audits, POCs, compliance reviews, and enterprise buyer security questions
  • Own security observability and monitoring, defining logs, metrics, alerts, and dashboards to ensure real-time visibility and rapid threat detection.
  • Manage and coordinate 3rd-party penetration testing engagements, scope definition, evidence delivery, and remediation plans
What we offer
What we offer
  • Competitive compensation, including equity.
  • Flexible, remote-friendly work environment with a strong culture of ownership and trust.
  • Unlimited PTO and competitive benefits.
  • The opportunity to directly shape AtScale’s growth by building the team that powers our next phase.
  • Fulltime
Read More
Arrow Right

Senior Security Program Manager

We’re hiring a senior Sr Security Program Manager to contribute to and mature an...
Location
Location
United States , Buffalo
Salary
Salary:
155000.00 - 195000.00 USD / Year
acvauctions.com Logo
ACV Auctions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years experience building and operating security programs in SaaS / marketplace / fintech / large data platforms
  • Demonstrable ownership across AppSec, SecOps, and Corporate Security domains
  • Experience optimizing and helping vulnerability management and incident response programs mature with measurable SLAs (MTTR, remediation windows)
  • Track record of influencing engineering/product leadership and delivering security as a business enabler (not a blocker)
  • Strong program management skills: roadmap creation, cross-functional timelines, budget stewardship, vendor selection and contract negotiation
  • Excellent written + verbal communication
  • experience preparing executive risk briefings and board-level security summaries
  • Bachelor’s degree in CS, Engineering, Information Security, or commensurate experience (5+ years) working in a similar role
Job Responsibility
Job Responsibility
  • Work with stakeholders to create a unified security program roadmap covering Product Security, SecOps, and Enterprise Security
  • Translate risk appetite into prioritized initiatives, funding opportunities, and measurable outcomes
  • Define and publish security KPIs/OKRs as dashboards to various internal audiences
  • Use data to support visibility and continuous improvement
  • Work with security teammates to collectively drive programs partnering with Product, Engineering, and DevOps to embed AppSec into the SSDLC
  • Partner with Operational leads to drive maturity through the creation of requirement frameworks including documented procedures, incident response playbooks, and runbooks
  • Collaborate with Legal, Privacy, and GRC teams to ensure enterprise controls align with SOC 2 and other industry standard framework requirements
  • Partner directly with the CISO to ensure top initiatives are well-planned, resourced, and delivered
  • Identify gaps, improve processes, and support the development of scalable frameworks
  • Drive cybersecurity initiatives from planning through delivery
What we offer
What we offer
  • Multiple medical plans including a high deductible, low cost health plan
  • Company-sponsored (paid) Short-Term Disability, Long-Term Disability, and Life Insurance
  • Comprehensive optional benefits such as Dental, Vision, Supplemental Life/AD&D, Legal/ID Protection, and Accident and Critical Illness Insurance
  • Generous paid time off options, including uncapped vacation days, the greater of 3 paid sick days or in accordance with the applicable state or local paid sick leave law, 6 paid company holidays, 2 floating holidays, parental leave, bereavement leave, jury duty leave, voting leave, and other forms of paid leave as required by applicable law or regulation
  • Employee Stock Purchase Program with additional opportunities to earn stock in the Company
  • Retirement planning through the Company’s 401(k)
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

As an Application Security - Senior Product Security Engineer, you will play a c...
Location
Location
United States
Salary
Salary:
157000.00 - 216000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment
  • Strong understanding of web app and API security, microservices, and containerized architectures
  • Experience integrating security tooling into modern CI/CD workflows
  • Proficiency with SAST, DAST, IaC scanning, and container security platforms
  • Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript)
  • Familiarity with AWS security, Kubernetes security, and DevSecOps best practices
Job Responsibility
Job Responsibility
  • Lead application security initiatives across all SaaS products and microservices
  • Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems
  • Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools
  • Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads
  • Drive AppSec awareness and training, developing secure coding practices and guidelines
  • Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices
  • Support bug bounty and vulnerability disclosure programs and coordinate penetration testing
  • Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus
  • Equity
  • Generous benefits program
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Engineer

As a Senior Cybersecurity Engineer, you will be at the forefront of driving secu...
Location
Location
United States , Bellevue; Overland Park; Frisco; Herndon
Salary
Salary:
103400.00 - 186400.00 USD / Year
https://www.t-mobile.com Logo
T-Mobile
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree Computer Science or Information Technology or equivalent work experience
  • 4-7 years Experience in info security technology or related field
  • Experience with incident handling for Security breaches
  • Expert in security subject areas
  • 2-4 years Technical Project Management
  • Experience with high level design architecture, security technologies, Networking, web services and SOA
  • Understanding of encryption, obfuscation, tokenization technologies
  • Medium to advance knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP)
  • Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI
  • Familiarity with load balancers (ex – A10, F5), firewalls (ex – CheckPoint), Venafi, MDM (ex - Mobile Iron), Cloud (ex - AWS, Azure), Malware Protection (ex -FireEye), Advanced Persistent Threats (ex - Damballa), Privileged Accounts (ex – CyberArk), SIEM (ex – ArcSight), Log & Event (ex – Splunk), Intrusion IDS/IPS (ex – Symantec) , Cloud Platform (ex – PCF, Docker), Scanning (ex – Qualys), AppSec (ex - Veracode)
Job Responsibility
Job Responsibility
  • Leads security, compliance, and risk assessments on projects throughout project lifecycle
  • Improves process efficiency by creating and implementing creative and sustainable changes to existing deployment methodologies
  • Leads the identification of security needs & recommends plans/resolutions
  • Implements, tests & monitors info security improvements
  • Maintains transparency inside & outside of information security at the People management level
  • Communicate with groups such as application support, engineering ops, finance, privacy, risk management, etc
  • Leads information security policy lifecycle throughout, including intake, creation, review, approval, implementation, publishing, communication & maintenance
  • Implements security projects driven by groups both internal and external to info security
  • Mentors peers and junior team members in security technologies, enterprise solution design and facilitation and effective customer interaction
  • Experience with implementation of various threat modeling approaches pertaining to one or more of the following STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC, Mobile Application threat model, Cyber Threat Tree, and data flow diagram
What we offer
What we offer
  • Competitive base salary and compensation package
  • Annual stock grant
  • Employee stock purchase plan
  • 401(k)
  • Access to free, year-round money coaches
  • Medical, dental and vision insurance
  • Flexible spending account
  • Paid time off
  • Up to 12 paid holidays
  • Paid parental and family leave
  • Fulltime
Read More
Arrow Right

Cyber Security Defense Head of Department

The Cyber Security Defense Head of Department (HOD) will lead and mature our org...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience across the various cyber defense disciplines (SOC, Incident Response, Red/Blue teams, or similar defensive/offensive functions)
  • Proven experience leading cyber defense teams
  • Demonstrated ability to hire, mentor, and lead high-performing technical teams
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or a related discipline
  • Strong knowledge of threat detection, incident response, adversary tactics (MITRE ATT&CK), vulnerability management, and secure software development
  • Excellent incident management, communication, and executive reporting skills
  • Proficient in English for effective communication and coordination
  • In the absence of IR team members, utilize a flexible work schedule to facilitate the security incident response process for high/critical incidents
Job Responsibility
Job Responsibility
  • Develop and execute the Cyber Defense strategy aligned with organizational goals, customer requirements and the evolving threat landscapes
  • Establish frameworks, processes, and KPIs for SOC, Incident Response, TVM, AppSec, Red/Blue Teaming, and Adversary Simulation
  • Serve as a senior advisor to the CISO and executive leadership on cyber risks, readiness, and emerging threats
  • Oversee 24x7 SOC operations, ensuring effective monitoring, detection, and response to security events, across levels 1-3
  • Drive continuous enhancement of detection engineering, threat hunting, and security analytics
  • Implement best-in-class security tooling, automation, and operational processes
  • Lead internal Red Team and offensive security capabilities, including penetration testing
  • Define testing methodologies, operational rules of engagement, and reporting standards
  • Translate offensive findings into actionable improvements for defensive teams and architecture
  • Oversee the Incident Response program, ensuring rapid and effective handling of security incidents
  • Fulltime
Read More
Arrow Right

Cyber Defense Head of Department

The Cyber Security Defense Head of Department (HOD) will lead and mature our org...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience across the various cyber defense disciplines (SOC, Incident Response, Red/Blue teams, or similar defensive/offensive functions)
  • Proven experience leading cyber defense teams
  • Demonstrated ability to hire, mentor, and lead high-performing technical teams
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or a related discipline
  • Strong knowledge of threat detection, incident response, adversary tactics (MITRE ATT&CK), vulnerability management, and secure software development
  • Excellent incident management, communication, and executive reporting skills
  • Proficient in English for effective communication and coordination
  • In the absence of IR team members, utilize a flexible work schedule to facilitate the security incident response process for high/critical incidents
Job Responsibility
Job Responsibility
  • Develop and execute the Cyber Defense strategy aligned with organizational goals, customer requirements and the evolving threat landscapes
  • Establish frameworks, processes, and KPIs for SOC, Incident Response, TVM, AppSec, Red/Blue Teaming, and Adversary Simulation
  • Serve as a senior advisor to the CISO and executive leadership on cyber risks, readiness, and emerging threats
  • Oversee 24x7 SOC operations, ensuring effective monitoring, detection, and response to security events, across levels 1-3
  • Drive continuous enhancement of detection engineering, threat hunting, and security analytics
  • Implement best-in-class security tooling, automation, and operational processes
  • Lead internal Red Team and offensive security capabilities, including penetration testing
  • Define testing methodologies, operational rules of engagement, and reporting standards
  • Translate offensive findings into actionable improvements for defensive teams and architecture
  • Oversee the Incident Response program, ensuring rapid and effective handling of security incidents
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy