Cyber Security Architect- Cloud and AppSec

Jerusalem, Israel
Information Security
Full time

The position

Mobileye is looking for a highly motivated and experienced individual for the Cyber Defense group at our Jerusalem campus; with the ability to engage with Mobileye's leading projects and technologies, extensive Cloud infrastructure and services and diverse development pipelines.
You will be working on protecting Mobileye's Corporate environments, Products, and Services against current cyber security threats. Specifically, you will be charged with assurance of cyber security controls within Mobileye's development environments, in the software development lifecycle (SDLC); and Cloud-based deployments.

What will your job look like:

  • As part of the Cyber-Defense Team at Mobileye, you will be responsible for defining and validating security aspects of the corporate, development and production environments.
  • The role entails conducting risk assessments, introducing and promoting use of code/pipeline security tools, and implementation of security controls and validation through security testing.
  • You will stay abreast of cyber related threat-intelligence, emerging attacks and regulatory requirements.
  • You will govern and define security requirements in the software development lifecycle (SDLC)
  • You will conduct Threat Modeling and Risk assessments, reviews of control and configurations, and conduct security checks (static and dynamic code analysis, vulnerability analysis and penetration tests) to validate effectiveness of implemented processes and controls.
  • You will review and guide implementation of security in cloud-based deployments running latest technologies.
  • You will take part in ongoing security maintenance efforts of vulnerability and incident management.

All you need is:

  • At least 5 years' experience in relevant Cybersecurity realms. Proven experience and considerable background in IT Security, Cloud Security, and Application Security.
  • Experience and understanding of CI/CD processes: inc. Gitlab, Jenkins, Ansible, Artifactory etc.
  • Ability to understand high-level code and scripting languages for the purpose of identifying viability of potential security issues.
  • Knowledge of Container Orchestration and Management Technologies (Containers: Dockers, Kubernetes, EKS, etc)
  • Should have knowledge of AWS architectural best practices security-requirements for designing and deploying scalable, highly available, and fault-tolerant systems, and sufficient knowledge to be able to select appropriate AWS services based on requirements.
  • Hands-On experience with auditing security controls in diverse technological environments.
  • Fluent English. Excellent verbal and written communication skills and the ability to interact professionally with a diverse group of developers, product owners, subject matter experts, as well as customers and vendors.

Advantages:

  • An academic degree (B.A/M.A/M.Sc.) in a relevant field.
  • Information security certificate from an industry-leading organization (e.g., CISSP, CEH, Offensive-Security, AWS  Security).


Mobileye changes the way we drive, from preventing accidents to semi and fully autonomous vehicles. If you are an excellent, bright, hands-on person with a passion to make a difference come to lead the revolution!