As part of the Cyber-Defense Team at Mobileye, you will be responsible for defining and validating security aspects of the corporate, development and production environments.
The role entails conducting risk assessments, introducing and promoting use of code/pipeline security tools, and implementation of security controls and validation through security testing.
You will stay abreast of cyber related threat-intelligence, emerging attacks and regulatory requirements.
You will govern and define security requirements in the software development lifecycle (SDLC)
You will conduct Threat Modeling and Risk assessments, reviews of control and configurations, and conduct security checks (static and dynamic code analysis, vulnerability analysis and penetration tests) to validate effectiveness of implemented processes and controls.
You will review and guide implementation of security in cloud-based deployments running latest technologies.
You will take part in ongoing security maintenance efforts of vulnerability and incident management.
All you need is:
At least 5 years' experience in relevant Cybersecurity realms. Proven experience and considerable background in IT Security, Cloud Security, and Application Security.
Experience and understanding of CI/CD processes: inc. Gitlab, Jenkins, Ansible, Artifactory etc.
Ability to understand high-level code and scripting languages for the purpose of identifying viability of potential security issues.
Knowledge of Container Orchestration and Management Technologies (Containers: Dockers, Kubernetes, EKS, etc)
Should have knowledge of AWS architectural best practices security-requirements for designing and deploying scalable, highly available, and fault-tolerant systems, and sufficient knowledge to be able to select appropriate AWS services based on requirements.
Hands-On experience with auditing security controls in diverse technological environments.
Fluent English. Excellent verbal and written communication skills and the ability to interact professionally with a diverse group of developers, product owners, subject matter experts, as well as customers and vendors.
An academic degree (B.A/M.A/M.Sc.) in a relevant field.
Information security certificate from an industry-leading organization (e.g., CISSP, CEH, Offensive-Security, AWS Security).