Application Security Engineer

About the Company

Fullpath is an AI-first tech company in the automotive space with hubs across the US and Israel. Our mission is to constantly disrupt the industry by creating new, groundbreaking technologies to help dealers build stronger, more resilient businesses. Our work happens in the fast lane as we work to bring AI and data-driven solutions to a quickly evolving industry. Our team at Fullpath is made up of curious and creative individuals who are always looking to achieve the impossible. We are bold, collaborative, and goal driven, and, at our core, we believe every voice has value and can impact our bottom line.

About the Role

We are looking for an AppSec Engineer to join our team and make a real impact on our Secure Software Development Lifecycle! As an AppSec Engineer your mission will be to be the driving force behind our secure development lifecycle. You won’t just find bugs; you will help build the systems that prevent them. You will have the opportunity to help navigate the "Agentic Era" by building autonomous security guardrails, securing LLM-based workflows, and empowering developers to move fast without breaking security. This is a mid-level role reporting to the AppSec Architect and can be based out of our Tel-Aviv or Jerusalem offices.

Responsibilities

• Build & automate: Develop and maintain internal security tooling, automated workflows, and AI security agents.
• Code integrity: Execute secure code reviews and provide actionable remediation guidance to engineering teams.
• Vulnerability management: Lead the tracking, triaging, and reporting of security flaws across all product lines.
• Best practice advocacy: Drive the adoption of secure coding standards, partnering with R&D and DevOps teams to embed security early and often.
• Extend our D&R capabilities: Build scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents.
• Document: Draft requirement documents for security products and innovative technologies.

Qualifications

• 2-4 years experience as an Application Security Engineer or similar role from a Software Development Company
• In-depth knowledge in threat modeling, risk management, and security controls.
• Experience with AI Security and Security AI.
• Proficiency with OWASP Top 10: API, LLM, and Agentic applications.
• Hands-on competency integrating security tools such as SAST, DAST, SCA, and API security testing.
• Familiarity with CI/CD pipelines and Infrastructure as Code implementation.
• Practical background in software development and coding.
• Extensive knowledge of cloud technologies and cloud-native applications, AWS and GCP.
• Cybersecurity certifications such as OSCP, GPEN, CSSLP - big advantage!
• Fluent communication in Hebrew and English

Required Skills

• Endless curiosity and passion for emerging technology
• Ability to handle prioritize and execute multiple tasks simultaneously.
• Ability to work collaboratively across multiple departments.
• Fluent in Hebrew & English - ability to lead meetings and present.
• Strong communication and collaboration skills.

Pay range and compensation package

None specified.

Equal Opportunity Statement

We are committed to setting each other up for success. As a member of our team, you will work within an environment that encourages growth, initiative taking and continuous mutual feedback in order to reach your full potential.