Application Security Engineer
Cross River
AWSAzureCloudGoJavaJavaScriptJenkinsPythonSDLCTypeScript
Application Security Engineer
Cross River
full-time
Posted on:
Location Type: Hybrid
Location: Jerusalem • 🇮🇱 Israel
Visit company websiteJob Level
SeniorLead
Tech Stack
AWSAzureCloudGoJavaJavaScriptJenkinsPythonTypeScript
About the role
- Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines using GitHub Actions, Jenkins, and related DevOps tooling
- Lead threat modeling and secure architecture reviews for new features, APIs, and blockchain systems
- Conduct smart contract security reviews and advise on cryptographic and wallet security patterns
- Coordinate penetration tests, manage bug bounty reports, and track remediation through development teams
- Build reusable security components, libraries, and developer-friendly guardrails
- Deliver internal training, build a security champion network, and drive adoption of AppSec best practices
- Produce security metrics, documentation, and audit evidence to support FFIEC, PCI DSS, SOC 2 compliance
- Stay current on evolving threats in blockchain, DeFi, GenAI, and supply-chain ecosystems
Requirements
- Native-level fluency in both English and Hebrew (written and verbal) - Must
- 7+ years in software or security engineering, including 5+ in application security roles
- Strong coding skills in a modern language (e.g., JavaScript/TypeScript, Python, Go, Java, C#)
- Deep experience securing cloud-native applications and APIs in AWS, Azure, or similar environments
- Hands-on experience with blockchain platforms - smart contract audits, key management, or custody
- Familiarity with modern DevSecOps pipelines and AppSec tooling (SAST, SCA, IaC scanners)
- Working knowledge of PCI DSS, NIST, OWASP ASVS, and other security frameworks
- Excellent problem-solving and communication skills, with the ability to influence engineers and leadership
Benefits
- Flexible hybrid model: 3 days a week in the office – A must
- ₪1,000 net monthly wellness benefit – from therapy to Pilates to your kid’s art class
- Full Keren Hishtalmut
- Private health & dental insurance
- Donation matching
- Volunteering days
- Team outings
- Mentorship programs
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
JavaScriptTypeScriptPythonGoJavaC#SASTDASTSCAcloud-native security
Soft skills
problem-solvingcommunicationinfluence
Certifications
FFIEC compliancePCI DSS complianceSOC 2 compliance