Product Security Lead

Aqua Security is a global leader in cloud-native security, protecting the world’s most advanced applications across containers, Kubernetes, serverless, and SaaS platforms.

We are looking for a Product Security Lead to take full ownership of security across our product - both SaaS and On-Prem environments.

This is a high-impact, high-visibility role at the intersection of Application Security, Cloud Security, and Architecture. You will combine hands-on technical work with strategic influence, shaping how security is embedded across our platform - from design to deployment.

If you’re passionate about building secure systems at scale, influencing architecture, and driving a security-first mindset, this is your opportunity to lead.

What You Will Own

Define and drive end-to-end Product Security strategy across Aqua’s platform
Lead threat modeling, secure design reviews, and architecture assessments
Identify and remediate application-level vulnerabilities across services and APIs
Embed security into CI/CD pipelines and development workflows (DevSecOps)
Secure cloud-native environments (Kubernetes, containers, microservices
Influence architecture and engineering decisions at scale
Partner closely with R&D, DevOps, and Product teams to drive secure development
Promote and scale a security-first culture across the organization
Balance security, performance, and developer experience in production systems

Requirements:

6+ years of experience in Application Security / Product Security / Cloud Security (must)
Strong hands-on experience combined with architectural thinking
Deep understanding of modern architectures: microservices, APIs, SaaS platforms
Proven experience securing Kubernetes, containers, and cloud-native environments
Hands-on experience integrating security into CI/CD pipelines (DevSecOps)
Strong knowledge of OWASP Top 10, common vulnerabilities, and secure coding practices
Ability to work closely with engineering teams, including code reviews and design discussions
Excellent communication skills and ability to influence cross-functional stakeholders

Nice to have:

Experience working in a security product company
Background in DevSecOps environments
Familiarity with CVEs, vulnerability management, and disclosure processes