Payoneer Application Security Architect 

Israel, Center District, Petah Tikva 

261107548

What’s the job?

• Review and approve secure architecture designs for all developments for Payoneer customers, partners, integrators or in-house solutions, considering best practices, regulatory requirements and business objectives.
• Assist in creating or researching for security solutions – solving security challenges, both on-prem and in the cloud.
• Collaborate with cross-functional teams (mainly R&D and DevOps/DevSecOps) to define security requirements and design robust security controls for systems, both on-prem and in the cloud.
• Provide technical guidance and expertise to internal teams in selecting and integrating in-house solutions or third-party vendors.
• Design and implement cloud security solutions, such as network security, identity and access management, data protection and encryption.
• Stay up-to-date with the latest security technologies, threats, and trends, and provide recommendations for continuous improvement.
• Serve as a subject matter expert on application security, providing guidance and mentorship to other teams in the company.

Have you done this kind of stuff?

• 3+ years’ experience working as an Application Security Expert/Engineer/Architect or in a similar role.
• Experience and in-depth understanding of CI/CD workflows and methodology (Azure DevOps is an advantage)
• Strong knowledge of cloud computing platforms such as AWS, Azure, or Google Cloud, and their associated security services and features and deep understanding of cloud security principles and industry best practices.
• Multi-task skills: ability to work on multiple projects in parallel, providing application security support for different teams and initiatives in the company.
• Excellent communication and collaboration skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.

Advantages:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Hands-on experience with cloud security products such as Wiz, Aqua, etc.
• Hands-on skills with Microsoft enterprise ecosystem, including Active Directory/Azure Entra ID, Office 365 APIs, Azure Cloud services.
• Hands-on skills with AWS, Azure and GCP including work with API/SDK and CLI.
• Strong knowledge and experience with Kubernetes platform and services.
• Experience in evaluating and selecting cloud security solutions from both in-house solutions and third-party vendors.
• Relevant certifications (e.g., CCSP, AWS Certified Solutions Architect - Professional, Azure Solutions Architect Expert) are highly desirable.
• Experience/familiarity (hands-on) with security tools integrated into our CI/CD and production environments such as SonarQube, Snyk, Aqua, etc.
• Code review skills, mainly DotNet & Python
• Additional skills related to Secure Software Development Lifecycle (SSDLC) and Application Security (AppSec) further enhance the candidate's value. These skills may include risk assessments, threat modeling, vulnerability assessments or penetration testing and secure SDLC methodologies (such as Agile or DevSecOps)
• Experience in fintech or financial services industry
• Familiarity with regulatory requirements and compliance standards in the financial industry, such as PCI DSS, PSD2 and GDPR

What will your day-to-day job look like?

In your work, you will work closely with the different R&D groups and teams, providing application security guidance, discussing security challenges, reviewing new or changes in existing business flows and features, approve/decline, and/or provide guidelines and requirements to secure them. You will assist in researching for security solutions when needed and in overall security strategy and vision. You will explore existing vulnerabilities and risks to estimate the likelihood and impact, and strive to resolve them or reduce the risk by R&D, the DevOps team, or within the Cyber team. You will own some of the security tools (like Wiz, Snyk, Aqua) and will work to improve their coverage and configuration, and to route the security violations to the right owner for mitigation.

You will not act as an architect of a specific product and will not design security solutions from scratch. You may help to design secure frameworks like migrating data from on-prem to the cloud, or creating a secure environment for new technologies. You will provide requirements and guidelines, review findings from security tools, but will not do the actual implementation of fixes or the deployment of security tools and solutions.