Careers Careers
All Open Positions

Application Security Lead

Information & Security Tel-Aviv

If you shop online (and who doesn’t these days?), then chances are you’ve already interacted with Yotpo. We’re a leading eCommerce marketing platform, on a mission to help brands of all sizes accelerate their growth through exceptional customer experiences. Loyalty programs, SMS marketing, reviews, and visual user generated content are our bread and butter, but we have more solutions up our sleeve, too.

We have teams across the world, including the US, UK, Israel, Bulgaria and Australia — and we’re still growing. Yotpo secured a $230 million fundraising round in March 2021, our valuation is now $1.4 billion, and our primary goal is to deliver the best technology in the industry. You can hear all about it in our latest brand video

Sound exciting? Then read on, because we’re in pursuit of the best and the brightest minds to help us achieve our vision.

Responsibilities:

  • Lead Yotpo’s application security program
  • Partner with R&D and product leaders to design secure architecture and best practices for Yotpo’s applications
  • Manage the bug bounty program
  • Security assessments and threat modeling
  • Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
  • Prioritizing application security efforts
  • Continuously assess and challenge overall security posture to ensure optimal and up-to-date platform security in our products and systems
  • Lead and deliver secure development training, mentor R&D about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
  • Responsibility for processes, tools, and documentation that will support production security requirements
  • Work with DevOps to define security monitoring, alerting, and reporting to identify actionable security intelligence
  • Coordinate external vulnerability scans and penetration testing, and review vendor quality and effectiveness
  • Support security and compliance evaluations, including client security questionnaires, and document and implement remediation measures
  • Evaluate new technologies and standards in the security domain

 

Desired Skills and Experience:

  • 4+ years of hands-on experience in a security engineering role
  • Solid experience with designing and running secured applications with SSDLC, vulnerability tracking, logical access controls, identity management, data loss prevention, intrusion detection, WAF, API protection, and DDoS prevention technologies
  • Experience with standard web application security tools such as BurpSuite.
  • Strong understanding of common security attacks and their remediation
  • Experience with identifying, tracking, and solving security vulnerabilities in Open Source components used as third-party dependencies
  • Experience with cloud environments (AWS preferred)
  • Knowledge of security incident response practices and a customer-oriented approach
  • Excellent problem-solving skills and the ability to work independently with a strong sense of ownership

 

 

Interested in Yotpo?
Schedule a call with one of our marketing consultants to learn more.
Thank you.
We'll be in touch in no time! In the meantime, take a look at what our customers are saying about Yotpo.
Yotpo customers logosYotpo customers logosYotpo customers logos
Laura Doonin, Commercial Director recommendation on yotpo

“Yotpo is a fundamental part of our recommended tech stack.”

Shopify plus logo Laura Doonin, Commercial Director