DevSecOps Engineer at Cyolo

Ramat Gan, Tel-Aviv District, Israel -

Full Time

Start Date

Immediate

Expiry Date

18 Jul, 26

Salary

0.0

Posted On

19 Apr, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

DevSecOps, Cloud Security, CI/CD, Infrastructure as Code, AWS, GCP, Azure, Terraform, CloudFormation, IAM, Threat Modeling, Vulnerability Management, SOC 2, SAST, SCA, CSPM

Industry

Computer and Network Security

Description

At Cyolo, security is part of the product. We are looking for a motivated and results-driven DevSecOps Engineer to take ownership of securing our platform, drive improvements across our CI/CD pipelines and cloud infrastructure, and strengthen Cyolo’s security posture while enabling fast, safe delivery for our customers. You will work closely with R&D teams, embedding security into code, pipelines, and infrastructure while keeping engineering velocity high. You will take on high-scale security challenges, implement automations and improvements in our security tooling, and drive solutions that keep our platform safe and reliable. As the DevSecOps Engineer, you will: Be hands-on, end-to-end, securing Cyolo’s applications and cloud infrastructure Implement and operate application security controls across the SDLC Build, integrate, and maintain security automation inside CI/CD pipelines Actively review code, IaC, and architecture from a security perspective Perform threat modeling and guide engineers toward secure design decisions Identify, triage, and remediate application and infrastructure vulnerabilities Own IAM architecture, permissions, access policies, and secrets management Execute and manage penetration testing, vulnerability scans, and bug bounty findings Be hands-on in implementing SOC controls and evidence collection Support internal and external audits with strong technical ownership Improve security monitoring, alerting, and incident response capabilities As the DevSecOps Engineer, you should have: 5+ years of hands-on experience in DevOps, Application Security, and Infrastructure Security Proven experience working on production SaaS systems Strong software engineering skills with solid application security expertise Strong hands-on experience securing cloud environments (AWS / GCP / Azure) Practical experience with CI/CD, IaC, and DevOps tooling (GitHub Actions, Terraform, CloudFormation, etc.) Hands-on experience with security tools such as CSPM, SAST, SCA, and secret scanning (Orca, Veracode, or similar) Experience building automations and integrations around security tooling Familiarity with security frameworks such as SOC 2 Requirements null

Responsibilities

The DevSecOps Engineer will secure the company's applications and cloud infrastructure by embedding security controls into CI/CD pipelines and the SDLC. They will also perform threat modeling, manage IAM architecture, and oversee vulnerability remediation and security audits.