<p>We are looking for</p> <p>An Application Security Engineer to join the AppSec team at our Rehovot/Haifa sites, within the Headquarters & GO division. If you are passionate about application security, DevSecOps, and finding real vulnerabilities in complex environments - this is your opportunity to work hands-on with advanced technologies and make a real impact in a leading defense organization.</p> <p>In this role you will</p> <p>Implement and operate application security controls within CI/CD pipelines (SAST, SCA, DAST, secrets scanning)</p> <p>Perform application security assessments, including code reviews and vulnerability analysis</p> <p>Support and enforce secure SDLC (SSDLC) practices across development teams</p> <p>Analyze and validate vulnerabilities, reducing false positives and prioritizing real risks</p> <p>Work closely with developers to drive remediation and improve secure coding practices</p> <p>Assist in software supply chain security, including SBOM analysis and open-source risk management</p> <p>Integrate security findings into SIEM (Sentinel) and support detection use cases</p> <p>Collaborate with DevOps and R&D teams to ensure security-by-design implementation</p> <p>Requirements</p> <p>Bachelor's degree in Computer Science, Information Security, or a related field</p> <p>3-5 years of experience in Application Security, Cybersecurity, or DevSecOps</p> <p>Strong understanding of OWASP Top 10, secure coding principles, CI/CD pipelines, and modern application architectures</p> <p>Hands-on experience with SAST, DAST, or SCA tools and web application testing tools (e.g. Burp Suite)</p> <p>Basic scripting skills (Python / Bash)</p> <p>Good communication skills in English</p> <p>Experience with JFrog Xray, Black Duck, SIEM systems (Microsoft Sentinel), API security testing, or cloud environments (AWS / Azure) - Advantage</p> <p>Background in penetration testing or bug bounty - Advantage</p> <ul> <li>Only relevant applications will be answered </li></ul> <p>#Haifa</p>