Senior Application Security Engineer

Who is Forcepoint?

Forcepoint simplifies security for global businesses and governments. Forcepoint’s all-in-one, truly cloud-native platform makes it easy to adopt Zero Trust and prevent the theft or loss of sensitive data and intellectual property no matter where people are working. 20+ years in business. 2.7k employees. 150 countries. 11k+ customers. 300+ patents. If our mission excites you, you’re in the right place; we want you to bring your own energy to help us create a safer world. All we’re missing is you!

A Senior AppSec Engineer partners closely with engineering and product teams to embed security into the software development lifecycle (SDLC), proactively identify risks, and ensure secure design, development, and deployment of products.

This role is based in the Forcepoint Israel office in Tel Aviv and follows a hybrid work model, with a minimum of two days per week working from the office.

Key Responsibilities

1. Secure SDLC & Design (Shift-left)

Lead threat modeling and secure design (SxD) activities

Define and enforce secure coding standards (e.g., OWASP Top 10)

Partner with engineering during architecture and design phases

2. Security Testing & Validation

Perform:

Code reviews (manual and tool-assisted)

Static analysis (SAST)

Dynamic testing (DAST)

Penetration testing

Identify, triage, and validate vulnerabilities

Support remediation and verify fixes

3. DevSecOps, Automation & AI Enablement

Integrate security tools into CI/CD pipelines

Automate scanning, reporting, and ticketing workflows

Build tooling to scale AppSec across products

Leverage AI/ML capabilities to enhance vulnerability detection, prioritization, and remediation workflows

4. Risk Assessment & Vulnerability Management

Assess risk, exploitability, and impact

Prioritize vulnerabilities and track remediation

Maintain security posture visibility across products

5. Engineering Partnership, Mentorship & Enablement

Work closely with developers to:

Explain security findings to both technical and non-technical audience

Recommend practical and effective fixes

Provide security guidance balancing usability and security, without impacting delivery

Deliver training and security awareness

Provide technical mentorship to engineers and junior AppSec team members

6. Security Advocacy & Communication

Act as a security champion across R&D

Communicate risk clearly to:

Engineers

Product managers

Leadership

Qualifications & Skills

Core Requirements

Bachelor’s degree in Computer Science, Security, or equivalent experience

5+ years in:

Application security

Software engineering with a security focus

Technical Skills

Strong knowledge of:

Web/application vulnerabilities (OWASP Top 10)

Secure coding practices

APIs, microservices, and cloud-native architectures

Hands-on experience in threat modeling and architecture reviews

Prior software development experience

Strong coding skills, preferably, C++ and Java, ability to read, write, and review code effectively

Hands-on experience with:

ASPM, SAST, DAST, and SCA tools

CI/CD and DevSecOps pipelines

Communication & Collaboration

Strong ability to:

Explain security issues in developer-friendly terms

Influence engineering decisions

Collaborate cross-functionally across R&D and product teams

Nice-to-have

Security certifications (e.g., CISSP, CSSLP, OSCP)

Experience with cloud-native stack and Windows internal

Experience applying AI/automation in security workflows

Familiarity with regulatory and compliance frameworks (e.g., SOC2, ISO27001)

Don’t meet every single qualification? Studies show people are hesitant to apply if they don’t meet all requirements listed in a job posting. Forcepoint is focused on building an inclusive and diverse workplace – so if there is something slightly different about your previous experience, but it otherwise aligns and you’re excited about this role, we encourage you to apply. You could be a great candidate for this or other roles on our team.

The policy of Forcepoint is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity.

Forcepoint is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability. You may request reasonable accommodations by sending an email to [email protected].

Applicants must have the right to work in the location to which you have applied.