Security Specialist

Description:

About Port

At Port.io, we are building an open and flexible Agentic Engineering Platform for modern engineering organizations. Following our recent $100M Series C funding round, we are in a phase of rapid hypergrowth with strong enterprise momentum.

We act as the central nervous system for engineering, enabling platform teams to unify their stack and expose it as a governed layer through golden paths for developers and AI agents. By combining rich engineering context, workflows, and actions, we help organizations transition from manual processes to autonomous, AI-assisted engineering workflows while maintaining control and accountability. 

As a product-led company, we believe in building world-class platforms that fundamentally shape how modern engineering organizations operate.

About Your Day-to-Day

As a Security Specialist, you will play a meaningful role in shaping how Port operates and scales its security posture. You will be the hands-on backbone of our security team, you will keep our systems running, respond to alerts, and ensure our SDLC is secure from commit to production.

You will work closely with R&D, DevOps, and the IT team, take ownership over daily security operations and automations, and help transform complex security threats into clear, structured outcomes.

Responsibilities

• Own and execute daily security operations with independence and accountability, including monitoring, triaging, and responding to alerts across all platforms.
• Collaborate with R&D and DevOps to align security priorities within the CI/CD pipeline and embed secure coding practices into the development lifecycle.
• Turn ambiguity into structured processes by building SOAR playbooks to automate repetitive tasks and creating detection rules tuned to Port’s environment.
• Drive high-quality execution in vulnerability management, coordinating remediation with engineering teams according to strict SLA timelines.
• Communicate clearly by documenting incident root causes, maintaining security dashboards (MTTD/MTTR), and reporting on security metrics.
• Continuously improve workflows by tuning security tools (EDR, CNAPP, IAM), suppressing false positives, and automating evidence collection for compliance.

What Success Will Look Like

Success in this role means becoming a trusted, reliable contributor who brings clarity and stability to Port’s security environment.

Within the first months, you are expected to:

• Take full ownership over the security alert workflow and operate independently in incident investigation.
• Deliver consistent, high-quality outcomes in managing our security tooling stack (EDR, IAM, and secrets management).
• Proactively identify gaps in the SDLC security gates or inefficiencies in manual triage and address them through automation.
• Build strong working relationships with the Engineering and IT teams based on trust and accountability.
• Contribute to a calmer, more predictable, and better-organized security environment by reducing noise and automating toil.

• 3+ years of experience in security operations, SecOps, or security engineering roles.
• Hands-on experience operating EDR/XDR platforms and cloud security services (IAM, CSPM, SIEM).
• Deep understanding of the SDLC and experience embedding security tools (SAST, SCA) into CI/CD pipelines.
• Experience building automations and playbooks using SOAR platforms or scripting (Python, Bash).
• Strong incident response skills, including triaging alerts and conducting root cause analysis.
• Hybrid position based in our Tel Aviv office.
• Excellent written and verbal English skills

Personal Attributes & Mindset

• High ownership mentality: You take responsibility for the security stack and follow through on every alert.
• Strong sense of structure: You can manage vulnerability SLAs and maintain precise security policies.
• Comfortable with ambiguity: You can take a vague threat and turn it into a clear detection rule or automated playbook.
• Collaborative by nature: You enjoy working as a partner to R&D to solve security challenges without slowing down development.
• Curious and self-driven: You are motivated to stay ahead of emerging threats and continuously improve Port's defenses.

Nice to Have

• Relevant certifications: CompTIA Security+, GSEC, CySA+, or AWS Security Specialty.
• Experience with CNAPP/CSPM or code security platforms.
• Familiarity with compliance frameworks (SOC 2, ISO 27001) from an operational perspective.