DevSecOps and Cloud Security Engineer

Jerusalem, Israel
IT & Information Security – Information Security /
Full time /
Hybrid
Mobileye is looking for a highly motivated and experienced individual for the Cyber Defense group at our Jerusalem campus; with the ability to engage with Mobileye's leading projects and technologies, extensive Cloud infrastructure and services and diverse development pipelines.
You will be working on protecting Mobileye's Corporate environments, Products, and Services against current cyber security threats. Specifically, you will be charged with assurance of cyber security controls within Mobileye's development environments, in the software development lifecycle (SDLC); and Cloud-based deployments.

As part of the Cyber-Defense Team at Mobileye, you will be responsible for defining and validating security aspects of the corporate, development and production environments.
The role entails conducting risk assessments, introducing, and promoting use of code/pipeline security tools, and implementation of security controls and validation through security testing.

What will your job look like:

    • You will stay abreast of cyber related threat-intelligence, emerging attacks and regulatory requirements.
    • You will govern and define security requirements in the software development lifecycle (SDLC)
    • You will conduct Threat Modeling and Risk assessments, reviews of control and configurations, and conduct security checks (static and dynamic code analysis, vulnerability analysis and penetration tests) to validate effectiveness of implemented processes and controls.
    • You will review and guide implementation of security in cloud-based deployments running latest technologies.
    • You will take part in ongoing security maintenance efforts of vulnerability and incident management.

All you need is:

    • At least 2-3 years' proven experience in Cloud Security and DevSecOps.
    • Experience and understanding of CI/CD processes: inc. Gitlab, Jenkins, Ansible, Artifactory etc.
    • Ability to understand high-level code and scripting languages to identify viability of potential security issues.
    • Knowledge of Container Orchestration and Management Technologies (Containers: Dockers, Kubernetes, EKS, etc).
    • Should have knowledge of AWS security best practices.
    • Hands-On experience with auditing security controls in diverse technological environments.
    • Fluent English. Excellent verbal and written communication skills and the ability to interact professionally with a diverse group of developers, product owners, subject matter experts, as well as customers and vendors.

Advantages:

    • · An academic degree (B.A/M.A/M.Sc.) in a relevant field.
    • · Information security certificate from an industry-leading organization (e.g., CISSP, CEH, Offensive-Security, AWS Security).
    • · Project management experience.


Mobileye changes the way we drive, from preventing accidents to semi and fully autonomous vehicles. If you are an excellent, bright, hands-on person with a passion to make a difference come to lead the revolution!