CrawlJobs Logo
Citi Logo Citi · IT - Software Development

Cloud Application Security Lead

Israel, Tel Aviv Employment contract · Job Posted August 06, 2025
Apply Position
Job Link Share

Job Description

Cloud Application security lead is a Senior VP engineer with hands-on experience in building application security cloud solutions at the K8s level. Driving delivery of platform capabilities within the cyber domain supporting application needs for on-prem and cloud environments.

Job Responsibility

  • Technical engineering leadership and hands on development working with key stakeholders of cloud engineering and application security experts
  • Explore and resolve key application security gaps and drive their resolutions
  • Develop modules that resolve identified gaps in a centralized optimized manner such as: credential mgmt, authentication, authorization, end to end scanning tools
  • Act as an advisor and expert lead to various development teams across the company, to help them improve their expertise within cloud engineering and application security

Requirements

  • Expertise of cloud engineering and application security, demonstrated by previous roles in the domain and industry certification
  • Good understanding of security capabilities supporting application development such as authentication, authorization, credential management, certificate management, encryption for on-prem and cloud
  • Understanding of container orchestration technologies
  • Hands-on experience developing high-performance solutions following Agile methodologies ideally backend Java experience
  • Containers K8s hands on experience understanding the lifecycle of a containers and integration with security boundaries-advantage
  • Experience in building end to end solutions for the cloud domain in a secure manner
  • Familiarity with Java required, advantage - GoLang, Node.js, authentication

Nice to have

  • GoLang
  • Node.js
  • authentication

What we offer

  • Generous holiday allowance starting at 22 days
  • Private medical insurance packages
  • Employee Assistance Program
Citi - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Cloud Application Security Lead

8 matching positions

Security Lead – Cloud & IT Security

HPE Operations is our innovative IT services organization. It provides the exper...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Security, or related field
  • Minimum 10 years in IT security
  • At least 5 years in a leadership role
  • Proven track record in deploying and managing enterprise firewalls (e.g., Palo Alto, Fortinet, Check Point)
  • Strong knowledge of cloud security for AWS, Azure, and/or Google Cloud
  • Experience with DDoS mitigation solutions (e.g., Cloudflare, Akamai, AWS Shield)
  • Experience with Burpsuite
  • Hands-on knowledge of SIEM, SOAR, EDR, and vulnerability management tools
  • Strong analytical thinking
  • Problem-solving ability
Job Responsibility
Job Responsibility
  • Develop and maintain the organization's IT security roadmap aligned with cloud and enterprise infrastructure
  • Lead security design reviews for new systems, services, and cloud deployments
  • Deploy, configure, and manage network security appliances including next-generation firewalls, IDS/IPS, and web application firewalls
  • Implement and maintain cybersecurity protocols, including endpoint protection, identity management, and access control policies
  • Design and operate DDoS protection mechanisms to ensure availability of critical systems
  • Implement and enforce security measures in public, private, and sovereign cloud environments
  • Monitor and audit cloud configurations to ensure compliance with industry standards (ISO 27001, NIST, CIS, etc.)
  • Lead threat modeling, risk assessment, and vulnerability management initiatives
  • Oversee incident detection, response, and recovery processes to minimize business impact
  • Ensure adherence to regulatory and compliance requirements such as GDPR, HIPAA, PCI-DSS
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right
New

Lead Application Security Architect

The Application Security Architect is a senior, influential role responsible for...
Location
Location
United Kingdom; Sweden; Poland , London; Stockholm; Łódź
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in technology, with at least 7 years in a dedicated application security or product security role
  • Demonstrated experience designing and implementing a Secure SDLC in a cloud-native environment (GCP, AWS)
  • Hands-on experience with the architecture and strategy of AppSec tools (e.g., Snyk, Checkmarx, Veracode,)
  • Experience with securing microservices architectures, APIs, and modern web/mobile applications
  • Experience with securing AI/ML systems
  • A Bachelor’s degree in a relevant field or equivalent professional experience
Job Responsibility
Job Responsibility
  • Champion and orchestrate the definition of Arrive’s global Secure Software Development Lifecycle (SSDLC), from threat modeling to secure release, in close partnership with key stakeholders across Engineering and IT
  • Develop and maintain a comprehensive set of global security standards, baselines, and guidelines for secure coding, vulnerability management, and secure architecture
  • Create and champion the strategy for our application security tooling, including SAST, DAST, IAST, and Software Composition Analysis (SCA)
  • Define and manage the application security standards for Mergers & Acquisitions, establishing clear requirements and guiding the architectural integration of acquired technologies
  • Act as a lead security consultant and strategic partner for product and engineering teams, providing expert guidance on secure design patterns and vulnerability remediation
  • Forge a dynamic partnership with the Platform Security team: co-design the security tooling roadmap, consume their platforms where they meet global standards, and introduce new architectural patterns where needed
  • Lead security architecture reviews and threat modeling sessions for new applications and high-risk features
  • Act as a senior mentor and advocate for security engineers and champions across the organization, helping to grow our security talent
  • Stay at the forefront of emerging application security threats, with a particular focus on the risks associated with AI/ML systems
  • Collaborate with Data & AI teams to develop security principles and architectural patterns for securely integrating AI into our products
  • Fulltime
Read More
Arrow Right

Cloud / Application Security Architect

The Application Security Assurance Specialist - Principal is a pivotal role focu...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ Years experience in providing technical expertise in managing security frameworks and tools (SAST, DAST, SCA, container security, etc.)
  • Advanced knowledge of application lifecycle management methodologies (Waterfall, Agile, DevSecOps, CI/CD)
  • Strong understanding of compliance with standards such as OWASP Top 10, NIST CSF, and CIS Controls
  • Demonstrated ability to lead security assurance initiatives across complex development environments
  • Proficiency in designing and executing technical assessments and risk evaluations
Job Responsibility
Job Responsibility
  • Define and enforce embedded security practices across SDLC and CI/CD pipelines, ensuring compliance with organisational security policies and standards
  • Oversee the integration of advanced security tools (e.g., SAST, DAST, SCA, automated secret scanning) with development environments
  • Provide technical guidance on security configuration management, deployment hardening, and secure integration of tooling across all phases of software delivery
  • Conduct in-depth security risk assessments for high- and low-level technical designs, evaluating compliance against OWASP, CIS Benchmarks, and secure coding standards
  • Perform comprehensive security testing across application environments, including API security, container scanning, and dynamic runtime assessments, while evaluating residual risk post-assessment
  • Collaborate with stakeholders to assess the security maturity of existing practices and recommend improvements
  • Provide expert-level recommendations on the refinement of automation processes, risk mitigation strategies, and the deployment of compensating controls
  • Evaluate emerging technologies and leverage AI-driven application security tools to optimise assurance activities
  • Partner with development and DevSecOps teams to embed robust security measures within workflows
  • Actively engage in the training of development teams, fostering a culture of security awareness
What we offer
What we offer
  • Tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options
Read More
Arrow Right

Application Security Lead

We are seeking an Application Security Lead to take our existing Secure-SDLC to ...
Location
Location
Salary
Salary:
Not provided
SQR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven senior Application Security experience (minimum 5 years), supporting engineering teams in a hands-on capacity
  • Strong experience conducting threat modelling and driving mitigations through to implementation
  • Demonstrable experience supporting and operating within a Secure SDLC
  • Mandatory practical, industry experience using OWASP ASVS to define secure development requirements and verify implementations
  • Expert knowledge of common application security risks and mitigations
  • Ability to translate security requirements into pragmatic engineering guidance and communicate effectively with engineers
  • Experience with cloud security (AWS/Azure/GCP), Kubernetes/container security, and IAM patterns
Job Responsibility
Job Responsibility
  • Embed security controls into the SDLC from design through to deployment (requirements, architecture, implementation, verification, and release)
  • Partner with engineering teams to implement practical secure design patterns
  • Define and maintain security requirements and acceptance criteria within the development process, including a security focused “Definition of Done”
  • Support release processes including risk-based sign-off, exception handling, and remediation planning
  • Facilitate threat modelling workshops and produce clear, actionable outputs, including data flow diagrams, trust boundaries, misuse cases, risk ratings, and agreed mitigations
  • Provide hands-on architecture review and guidance for product new services, features, and integrations
  • Apply OWASP ASVS as the primary application security requirements baseline, mapping ASVS controls into engineering deliverables and test evidence
  • Define verification approaches using a blend of manual review, automated testing, and security tooling
  • Drive secure coding practices and provide actionable feedback through design reviews, and targeted engineer coaching
Read More
Arrow Right

Application Security Engineer, Lead

Crafting the right network, with the right equipment and software, requires a co...
Location
Location
United States , Fort Meade
Salary
Salary:
77600.00 - 176000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience implementing application security services such as macro-segmentation, micro-segmentation, application-aware firewalls, and Web Application Firewalls (WAF)
  • 5+ years of experience with next-generation firewalls, such as Palo Alto, or Cisco, or Fortninet, or Juniper, or Illumio
  • 5+ years of experience with application delivery products, such as F5, Nginx, A10, or NetScaler
  • Experience leading cross-functional teams across various technologies and environments
  • Experience with DoD enterprise networks, such as defense infrastructure, including DMZ and application security
  • Secret clearance
  • HS diploma or GED
Job Responsibility
Job Responsibility
  • Develop enterprise-wide infrastructure
  • Troubleshoot and resolve complex network issues
  • Analyze working infrastructures
  • Increase security, reliability, and availability for mission-critical network systems
  • Optimize client operations and modernization
What we offer
What we offer
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program
Read More
Arrow Right

Application Security Engineering Lead

Join us at Barclays as an Application Security Engineering Lead, where you'll de...
Location
Location
United Kingdom , Glasgow; Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with the software security landscape: CVEs, CWEs, common software vulnerability types
  • Experience with SAST, SCA, and DAST, including the strengths and weaknesses of each
  • At least one programming language (e.g. Java, Go)
  • At least one major cloud provider (e.g. AWS, GCP, Azure)
  • Experience with REST API design
  • Experience with HTTP Authentication
  • Experience with Linux at the terminal, including scripting and automation (e.g. shell, Python)
Job Responsibility
Job Responsibility
  • Provision of subject matter expertise on security systems and engineering patterns
  • Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems
  • Management and protection of secrets, ensuring that they are securely generated, stored, and used
  • Execution of audits to monitor, identify and assess vulnerabilities in the banks infrastructure/software and support the response to potential security breaches
  • Identification of advancements in to support the innovation and adoption of new cryptographic technologies and techniques
  • Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements
  • Development/ Implementation and maintenance of Identity and Access Management solutions and systems
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Senior Security Engineer - Application Security

This is an opportunity to join K's critical InfoSec team as a Senior Security En...
Location
Location
United States , New York
Salary
Salary:
150000.00 - 185000.00 USD / Year
khealth.com Logo
K Health
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Information Security, Cloud Security, IT Security, and/or Application Security
  • Strong expertise in cloud technology (AWS, GCP, or Azure), modern programming languages, utilization of generative coding utilities, and the security implications of utilizing AI code development utilities
  • Demonstrated experience researching, establishing, and successfully rolling out enterprise-wide security policies and guidelines
  • Proven experience establishing a cutting-edge security posture, particularly within the regulated healthcare technology field
  • Excellent communication skills, capable of translating complex security risks into clear, actionable advice for technical and non-technical stakeholders
  • Expertise in compliance, security, and regulatory areas such as
  • HIPAA, PHI, AKS, SOC 2, ISO, GDPR, etc.
  • Flexibility in covering a rotation for critical on-call support responsibilities
Job Responsibility
Job Responsibility
  • Lead the development and implementation of robust application security protocols throughout the entire Software Development Lifecycle (SDLC)
  • Design, deploy, and continuously monitor cloud security architecture across our cloud environments, ensuring performance and resilience
  • Manage the security posture of K’s core IT infrastructure, internal networks, and perimeter defenses, mitigating threats before they impact operations
  • Ensure adherence to relevant healthcare regulatory and compliance requirements (e.g., HIPAA, GDPR, etc.) across all product lines and systems
  • Conduct proactive vulnerability assessments, penetration tests, and security reviews to identify and remediate potential weaknesses in our platforms
  • Collaborate with engineering teams to integrate security tools and practices into continuous integration/continuous deployment (CI/CD) pipelines
What we offer
What we offer
  • Hybrid work schedule with weekly lunches and stocked fridges
  • Monthly social committees for company events
  • 18 vacation days, 9 company holidays, 5 sick days, and 2 personal days
  • Stock options for every full-time employee
  • Paid parental leave
  • 401k benefit
  • Commuter Benefits
  • Competitive health, dental, and vision insurance options
  • Fulltime
Read More
Arrow Right

Senior Security Engineer, Application & Platform Security

The security team is responsible for and committed to securing all things Sentry...
Location
Location
Canada , Toronto
Salary
Salary:
200000.00 - 295000.00 CAD / Year
sentry.io Logo
Sentry
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of industry experience designing, building, and supporting large-scale distributed systems in production
  • Strong fundamentals in computer science skills
  • Experience in securing container based environments in cloud platforms (e.g., AWS, Azure, GCP) and their SDKs/APIs
  • Degree in Computer Science or related field
  • Experienced and comfortable programming in at least one language, with a strong preference for Python, Go, or Rust
  • Applied knowledge of cryptography, PKI, TLS, and practical implementations
  • An up to date understanding of the threat landscape as it pertains to SaaS companies
  • Strong communication skills
Job Responsibility
Job Responsibility
  • Lead highly impactful initiatives to solve critical security challenges, from idea formulation to design and implementation
  • Work on cross company objectives to influence and achieve security objectives
  • Research and evaluate new technologies to enhance the company's security posture with an eye towards scalability
  • Identify potential threats and vulnerabilities in our systems and data, as well as help develop and implement solutions to safeguard them
  • Enable cross-functional teams to implement security solutions aligned with Secure-by-Design concepts and standards
What we offer
What we offer
  • incentive compensation
  • equity grants
  • paid time off
  • group health insurance coverage
  • Fulltime
Read More
Arrow Right