Security Engineer working with engineering teams to build secure products at Aircall. Focused on risk identification and management throughout the software development lifecycle.
Responsibilities
Partner with engineering teams to review designs and implementation plans, identifying security risks early and recommending mitigations.
Perform threat modeling for new features and major changes, helping teams document risks, assumptions, and security controls.
Identify and help remediate common vulnerability classes across services and APIs (e.g., auth/authz, injection, data exposure, logic flaws).
Triage and support remediation of vulnerabilities identified through SAST/DAST tools, internal testing, or third-party findings.
Conduct security testing and validation, including targeted manual testing for high-risk areas.
Help improve secure development practices by creating reusable guidance, checklists, and secure patterns for engineering teams.
Contribute to security tooling and automation that improves coverage, reduces false positives, and streamlines security reviews.
Assist with product security incidents by supporting investigation, impact analysis, and follow-up remediation.
Communicate security risks clearly and pragmatically, helping teams prioritize effectively and ship safely.
Document learnings and contribute to evolving product security processes and standards.
Requirements
2–5 years of experience in Product Security, Application Security, or software engineering with a strong security focus.
Strong understanding of web application and API security fundamentals and common vulnerability classes (OWASP Top 10).
Experience performing security reviews, threat modeling, or secure architecture assessments for software systems.
Familiarity with security testing tools and practices (SAST/DAST, dependency scanning, fuzzing, manual testing).
Comfort reading and reviewing production code in at least one language (e.g., Python, Go, Java, JavaScript/TypeScript).
Exposure to automated or AI-assisted security tools or workflows, and interest in applying them to improve developer experience and security outcomes.
Ability to work cross-functionally with engineering teams and communicate findings in a constructive, actionable way.
Proven ability to drive remediation efforts and follow through on risk reduction outcomes.
Information Security Specialist responsible for protecting systems and data at Ituran. Collaborating with teams and ensuring compliance with security measures and regulations.
Senior Cloud & Information Security Engineer responsible for EC Markets' technical security posture. Designing and operating secure systems while ensuring regulatory compliance and cloud infrastructure security.
Product Security Engineer focusing on ensuring software resilience against attacks during development phases. Collaborating with DevOps and Engineering teams to enhance security protocols.
IT audit specialist responsible for executing technology and cybersecurity audits at an international bank in Zurich. Collaborating with top management to enhance internal controls and efficiencies.
IT System Administrator focusing on Sophos Security at bauXpert GmbH. Responsible for IT infrastructure management and support tasks in a hybrid environment.
Cyber Security Specialist designing and implementing security controls for Squarcle clients. Supporting compliance with regulations and best practices in a digital environment.
Head of Security at Street Group managing organizational security and working with IT and Engineering teams. Leading security posture and compliance while mitigating emerging threat vectors.
Security Consultant providing technical leadership in electronic security systems engineering for complex built environments. Leading projects through all lifecycle stages while engaging with clients and contractors.