Application Security Expert

monday.com is looking for an experienced Application Security Expert to provide application security services including secure coding techniques and reviews, education & awareness, processes and tools, security testing support and guidance for internal software development projects. You'll join our Application Security Team based in our headquarters, Tel Aviv, Israel.

About The Role

monday.com is looking for an experienced Application Security Expert to provide application security services including secure coding techniques and reviews, education & awareness, processes and tools, security testing support and guidance for internal software development projects. You'll join our Application Security Team based in our headquarters, Tel Aviv, Israel.

• Provide guidance on security best practice and compliance, and undertake security testing.
• Identify Application security risks and requirements for new projects and system developments.
• Review application security prior to live implementation.
• Collaborate with the development teams to review the design and code for security vulnerabilities.
• Embed/improve security threat modeling and secure coding in the development lifecycle.
• Provide technical specialist advice to ensure that security standards are understood and can be complied with.
• Develop security testing plans and integrate into the software development lifecycle.
• Perform and oversee security testing and manage remediation of identified vulnerabilities.
• End-to-end work on reported vulnerabilities as part of the bug bounty program.
• Take part in the security incident response team.
• Monitor and proactively report on current threats and vulnerabilities to application security.
• Initiate and automate processes for detecting and monitoring the platform security and integrate security tools into the S-SDLC.

• At least 2-4 years of experience in software engineering.
• At least 1-3 years of experience in application security.
• Passion and knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
• Team player able to build relationships across the organization.
• In depth understanding of secure web application development.
• Experience in web application and Agile development methodologies.
• Knowledge of IT and information security subject matter.
• Exposure to methods of promoting security awareness.
• Strong communication (verbal/written) and influencing skills.
• Anticipates problems and identifies long-term implications of decisions and actions.
• Ability to work and learn alone.
• Able to prioritize workload and drive work to set deadlines.