Application Security Instructor and Auditor

Application Security Instructor and Auditor

Location: Petach Tikva (Work in Client's site. Hybrid, one day work from home)

About us:

Sapiens is a global leader in the insurance industry, delivering its award-winning, cloud-based SaaS insurance platform to over 600 customers in more than 30 countries. Sapiens’ platform offers pre-integrated, low-code capabilities to accelerate customers’ digital transformation. With more than 40 years of industry expertise, Sapiens has a highly professional team of over 5,000 employees globally.

Job Description:

• Provide end-to-end guidance for technology projects on application security aspects, from initiation to production, while defining security policies.
• Draft security guidelines for development teams to ensure secure coding practices, address vulnerabilities and security gaps in development and production environments and implement technological security solutions in application domains.
• Collaborate in designing secure architectures aligned with company policies.
• Identify application-level security gaps and define required controls.
• Monitor and ensure compliance with cybersecurity risk management directives issued by the regulatory authority, organizational procedures, and security guidelines for various business and technology units.
• Support application security assessments, including scope definition, validation of findings, and oversight of remediation efforts to close exposures.
• Draft requirement documents for security products and innovative technologies.

Requirements:

• Proven experience in managing information security projects.
• Employment history in large organizations.
• Experience in risk management and security controls.
• Solid understanding of information systems and security standards, regulations, and procedures.
• Full proficiency in Application Security domains and secure development methodologies.
• Experience working with development and infrastructure teams.
• Hands-on experience in API Management and API Security (e.g., APIGEE, DataPower, etc.).
• In-depth knowledge of cloud technologies and cloud-native applications, with emphasis on Containers, Kubernetes (K8s), Serverless, etc.
• Practical experience with CI/CD systems, GIT tools, code and version management repositories, and Infrastructure as Code (IaC) implementation.
• Hands-on experience implementing security tools such as CWPP, SAST, DAST, OSS, etc.
• Strong familiarity with OWASP Top 10.
• Proven knowledge in Mobile Security.
• Experience with Threat Modeling.

Advantages:

• Security-related courses and certifications such as CISSP, CISM, CISA.
• Practical background in software development and coding.
• Experience working in institutional organizations.
• Strong familiarity with technological regulations for institutional entities.

Sapiens is an E-Verified & Equal Opportunity/Affirmative Action Employer, M/F/D/V.