CrawlJobs Logo

Cloud Application Security Lead

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Israel , Tel Aviv

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Cloud Application security lead is a Senior VP engineer with hands-on experience in building application security cloud solutions at the K8s level. Driving delivery of platform capabilities within the cyber domain supporting application needs for on-prem and cloud environments.

Job Responsibility:

  • Technical engineering leadership and hands on development working with key stakeholders of cloud engineering and application security experts
  • Explore and resolve key application security gaps and drive their resolutions
  • Develop modules that resolve identified gaps in a centralized optimized manner such as: credential mgmt, authentication, authorization, end to end scanning tools
  • Act as an advisor and expert lead to various development teams across the company, to help them improve their expertise within cloud engineering and application security

Requirements:

  • Expertise of cloud engineering and application security, demonstrated by previous roles in the domain and industry certification
  • Good understanding of security capabilities supporting application development such as authentication, authorization, credential management, certificate management, encryption for on-prem and cloud
  • Understanding of container orchestration technologies
  • Hands-on experience developing high-performance solutions following Agile methodologies ideally backend Java experience
  • Containers K8s hands on experience understanding the lifecycle of a containers and integration with security boundaries-advantage
  • Experience in building end to end solutions for the cloud domain in a secure manner
  • Familiarity with Java required, advantage - GoLang, Node.js, authentication

Nice to have:

  • GoLang
  • Node.js
  • authentication
What we offer:
  • Generous holiday allowance starting at 22 days
  • Private medical insurance packages
  • Employee Assistance Program

Additional Information:

Job Posted:
August 06, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Cloud Application Security Lead

Application Security Engineering Lead

Join us at Barclays as an Application Security Engineering Lead, where you'll de...
Location
Location
United Kingdom , Glasgow; Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with the software security landscape: CVEs, CWEs, common software vulnerability types
  • Experience with SAST, SCA, and DAST, including the strengths and weaknesses of each
  • At least one programming language (e.g. Java, Go)
  • At least one major cloud provider (e.g. AWS, GCP, Azure)
  • Experience with REST API design
  • Experience with HTTP Authentication
  • Experience with Linux at the terminal, including scripting and automation (e.g. shell, Python)
Job Responsibility
Job Responsibility
  • Provision of subject matter expertise on security systems and engineering patterns
  • Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems
  • Management and protection of secrets, ensuring that they are securely generated, stored, and used
  • Execution of audits to monitor, identify and assess vulnerabilities in the banks infrastructure/software and support the response to potential security breaches
  • Identification of advancements in to support the innovation and adoption of new cryptographic technologies and techniques
  • Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements
  • Development/ Implementation and maintenance of Identity and Access Management solutions and systems
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Application Security Lead

Under minimal supervision, the Senior Application Security Engineer plays a crit...
Location
Location
United States , Scottsdale
Salary
Salary:
Not provided
discounttire.com Logo
Discount Tire
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years’ experience in Information Security with a focus on Application Security or DevSecOps
  • Hands-on experience administering and integrating security tools such as Fortify, Trivy, and Wiz
  • Strong understanding of application security principles, common vulnerabilities (OWASP Top 10, SANS CWE), and secure configuration practices
  • Experience automating security scans and controls within CI/CD pipelines (e.g., Bitbucket Pipelines, GitHub Actions, Jenkins, GitLab CI)
  • Working knowledge of cloud platforms (AWS, Azure) and containerized environments (Docker, Kubernetes)
  • Experience with vulnerability management, prioritization, and risk-based remediation workflows
  • Excellent communication and collaboration skills with the ability to influence technical and non-technical stakeholders
  • Demonstrated ability to operate independently in a greenfield or rapidly maturing environment
  • Strong analytical and problem-solving skills, with a focus on measurable risk reduction and program maturity
  • Bachelor's degree in Computer Science, Information Security, or a related field or equivalent experience is required
Job Responsibility
Job Responsibility
  • Lead the establishment, implementation, and continuous improvement of the enterprise Application Security program
  • Manage and administer application security platforms including Fortify, Trivy, and Wiz
  • Develop and maintain processes for application vulnerability scanning, triage, and remediation tracking
  • Partner with DevOps and Engineering teams to integrate application security controls and tooling into CI/CD pipelines
  • Define standards and best practices for secure development, container hardening, and software composition analysis (SCA)
  • Collaborate with Cloud Security and Infrastructure teams to ensure consistent coverage across workloads and environments
  • Prioritize and manage application vulnerability findings, working with product owners and development teams to validate and resolve issues
  • Build and maintain key performance indicators (KPIs) and metrics to measure program effectiveness and risk reduction
  • Coordinate and participate in security incident investigations involving application vulnerabilities or exploits
  • Serve as a subject matter expert and advocate for secure development practices across the enterprise
  • Fulltime
Read More
Arrow Right

Security Lead – Cloud & IT Security

HPE Operations is our innovative IT services organization. It provides the exper...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Security, or related field
  • Minimum 10 years in IT security
  • At least 5 years in a leadership role
  • Proven track record in deploying and managing enterprise firewalls (e.g., Palo Alto, Fortinet, Check Point)
  • Strong knowledge of cloud security for AWS, Azure, and/or Google Cloud
  • Experience with DDoS mitigation solutions (e.g., Cloudflare, Akamai, AWS Shield)
  • Experience with Burpsuite
  • Hands-on knowledge of SIEM, SOAR, EDR, and vulnerability management tools
  • Strong analytical thinking
  • Problem-solving ability
Job Responsibility
Job Responsibility
  • Develop and maintain the organization's IT security roadmap aligned with cloud and enterprise infrastructure
  • Lead security design reviews for new systems, services, and cloud deployments
  • Deploy, configure, and manage network security appliances including next-generation firewalls, IDS/IPS, and web application firewalls
  • Implement and maintain cybersecurity protocols, including endpoint protection, identity management, and access control policies
  • Design and operate DDoS protection mechanisms to ensure availability of critical systems
  • Implement and enforce security measures in public, private, and sovereign cloud environments
  • Monitor and audit cloud configurations to ensure compliance with industry standards (ISO 27001, NIST, CIS, etc.)
  • Lead threat modeling, risk assessment, and vulnerability management initiatives
  • Oversee incident detection, response, and recovery processes to minimize business impact
  • Ensure adherence to regulatory and compliance requirements such as GDPR, HIPAA, PCI-DSS
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Application Security Tech Lead

The position is a cross-functional role that will be responsible for various App...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree with 4 - 6 years' experience in web application development or application code review
  • Experience as a technical lead or manager
  • Knowledge of cloud computing concepts and DevOps tools (OpenShift, Kubernetes, Docker, Chef, etc)
  • Experience using or testing cloud platforms (AWS, Google, Azure, etc) and security in/of the cloud
  • Understanding of security, web-based and infrastructure vulnerabilities
  • Experience in source code management, build and deployment technologies such as RLM, Ueploy, Jenkins, Artifactory, Maven, GitHub, etc
  • Experience conducting vulnerability assessments and articulating security issues to technical and non-technical audience
  • Understanding of Snyk, Checkmarx, CDXGen, Dependency Track, Fortify, GitHub Advance Security, Sonatype or Black Duck platform is a plus
  • Knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures
  • Excellent communication skills (written and verbal)
Job Responsibility
Job Responsibility
  • Establish/manage multiple security programs that support the security testing requirements at the bank
  • Forge and maintain strong working relationships with development functions/teams, product delivery teams, project management, third party management, enterprise architecture, audit teams, etc.
  • Participate in security and technology strategic planning to ensure identified risk governance is incorporated into the CISO enterprise strategy
  • In partnership with business sectors, run delegate action groups to provide recommendations to strengthen development processes and security testing
  • Appropriately assess risk and provide software security advice when business decisions are made
  • Interface with Application Security Program Team to oversee Program Projects and Initiatives and make strategic recommendations to senior manager on standards and policy changes
  • Fulltime
Read More
Arrow Right

Google Cloud Platform Cloud Security Architect

Location
Location
United States , Roswell
Salary
Salary:
Not provided
synkriom.com Logo
Synkriom
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of prior experience in IT in network security, information security and infrastructure in a high-tech environment
  • 5+ years architecting and implementing security and DevSecOps on public cloud solutions (AWS or Google Cloud Platform)
  • Work experience as a Cloud Security Architect or similar role in a cloud native environment
  • Deep hands-on experience leading the design and deployment of technology infrastructure and associated security controls
  • Experience in solutions for data security, data masking, data classification, data anonymization
Job Responsibility
Job Responsibility
  • Provide domain expertise around public cloud and enterprise technology
  • Configure, implement, monitor, and support network security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environments (AWS/AzureP)
  • Update security tools for logging/monitoring and growing coverage of existing tools
  • Make recommendations to management on enhancements to existing and new security software or related tools
  • Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current tool sets
  • Help implement and maintain next-generation enterprise protection tools and malware detection technologies
  • Ensure security standard methodologies are identified and integrated into all facets of projects including network, system designs/configuration and implementations
  • Make recommendation on secure integration strategies, global enterprise architectures and application infrastructure based on best practices
  • Develop security architecture strategies that align to enterprise architecture strategy and that of the business strategy for cloud
  • Develop in depth security architecture standards, frameworks and design patters spanning all layers of security in the cloud from host, server and network to application and data security
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

As an Application Security - Senior Product Security Engineer, you will play a c...
Location
Location
United States
Salary
Salary:
157000.00 - 216000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment
  • Strong understanding of web app and API security, microservices, and containerized architectures
  • Experience integrating security tooling into modern CI/CD workflows
  • Proficiency with SAST, DAST, IaC scanning, and container security platforms
  • Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript)
  • Familiarity with AWS security, Kubernetes security, and DevSecOps best practices
Job Responsibility
Job Responsibility
  • Lead application security initiatives across all SaaS products and microservices
  • Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems
  • Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools
  • Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads
  • Drive AppSec awareness and training, developing secure coding practices and guidelines
  • Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices
  • Support bug bounty and vulnerability disclosure programs and coordinate penetration testing
  • Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus
  • Equity
  • Generous benefits program
  • Fulltime
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Melbourne; Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Poland Jobs Ireland Jobs Germany Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy