Israel

Product Security Specialist

Israel Full-time Intermediate

About The Position

SysAid, a pioneering SaaS firm in Enterprise Service Management, is celebrated for innovation and industry leadership. Featured in Gartner’s ITSM Magic Quadrant and honored with AWS’s Rising ISV Star Award, we serve 4,000+ clients spanning 140 countries, impacting over 9 million daily users.

Our commitment? Revolutionizing Enterprise Service Management with Generative AI.

We seek a Product Security Specialist for our growing security team. In this role, you’ll collaborate with our software development and DevOps teams to secure SysAid products, CI/CD infrastructure, and production infrastructure. 

Key Responsibilities:

  • Review and reproduce reported vulnerabilities, whether they were reported by customers or found in penetration tests.
  • Assist developers in finding remediation for security bugs and vulnerabilities. 
  • Plan detection use cases and deliver detection capabilities to identify attack tactics, techniques, and procedures.
  • Play a key role in the security incident response process.
  • Plan and manage penetration tests and vulnerability assessments with our Security contractors. 
  • Develop, promote, and monitor the adoption of sound cloud security practices.
  • Take ownership of vulnerability management and patching policies.
  • Identify and help mitigate security issues, misconfigurations, and vulnerabilities related to the SysAid infrastructure.
  • Collaborate with engineering, DevOps, and IT teams to ensure security is at the heart of what we do.
  • Lead threat modeling exercises around cloud-native, SaaS, and cloud-first technologies.
  • Mentor and provide technical leadership to other members of the Security team.
  • Manage vulnerability disclosure processes.

Requirements

  • Strong understanding of web application security principles, vulnerabilities, and attack vectors (e.g., OWASP Top 10, CWE/SANS Top 25).
  • Experience in reviewing and reproducing reported vulnerabilities, whether from customers or penetration test results, using manual testing techniques and tools.
  • Proficiency in using Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) platforms to identify security issues in code and running.
  • Experience in planning and implementing detection use cases to identify attack tactics, techniques, and procedures (TTPs) used by adversaries.
  • Capability to deliver detection capabilities using Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and endpoint detection and response (EDR) solutions.
  • Expertise in using a wide range of penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, Wireshark, SQLmap, John the Ripper, etc.
  • Ability to effectively utilize these tools for vulnerability scanning, network reconnaissance, exploitation, privilege escalation, password cracking, and data exfiltration.
  • Proficiency in using web application testing tools such as OWASP ZAP, Acunetix, AppSpider, and Netsparker for identifying security flaws and vulnerabilities in web applications (e.g., SQL injection, XSS, CSRF).
  • Security experience in AWS, GCP, or Azure, ideally including working with container and Kubernetes-based infrastructure.
  • Leading security operations functions – including vulnerability management, detection, and incident response – in CI/CD and cloud-native production environments.

Not Finding Your Fit?

You’ve got a unique set of skills that no job post can capture – no problem. Show us what you got and we’ll see if anything fits. Send your CV to jobs@sysaid.com
