Application Security Expert
monday.com is looking for an application security expert to provide application security services including secure coding techniques and reviews, education & awareness, processes and tools, security testing support and guidance for internal software development projects. You’ll join our Security Team based in our headquarters, Tel Aviv, Israel.
About The Role
monday.com is looking for an application security expert to provide application security services including secure coding techniques and reviews, education & awareness, processes and tools, security testing support and guidance for internal software development projects. You’ll join our Security Team based in our headquarters, Tel Aviv, Israel.
- Provide guidance on security best practice and compliance, and undertake security testing.
- Identify Application security risks and requirements for new projects and system developments.
- Sign-off on application security prior to live implementation
- Collaborate with the architecture and development teams to review code for security vulnerabilities and embed/improve security threat modelling and secure coding in the development lifecycle
- Provide technical specialist advice to ensure that security standards are understood and can be complied with.
- Collaborate with 3rd party suppliers to promote secure design and security testing.
- Develop security testing plans and integrate into the software development lifecycle.
- Perform and oversee security testing and manage remediation of identified vulnerabilities.
- Monitor and proactively report on current threats and vulnerabilities to application security.
- Prepare and monitor application security metrics and KPIs.
Your Experience & Skills
- 4+ years experience in software development.
- In-depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
- In depth understanding of secure web application development.
- Experience of web application and Agile development methodologies.
- Comprehensive knowledge of IT and information security subject matter.
- Exposure to methods of promoting security awareness.
- Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management.
- Anticipates problems and identifies long-term implications of decisions and actions.
- Ability to work alone and build relationships across the organisation.
- Able to prioritise workload and drive work to set deadlines.
- Security certifications – CISSP, CISA, CISM (Not a Must).
- Technical certifications, e.g. GIAC ethical hacker, GIAC Certified Web Application Defender, GIAC Web Application Penetration Tester (Not a Must).
- Experience with cloud applications (Not a Must).
Meet the R&D team
The R&D Team is passionate about building innovative and lovable products, while tackling complex engineering problems at a great scale. We’re accountable for bringing the company’s vision to life by navigating our progress into flawless execution and encouraging full ownership and independence in all projects. The Security team is a small team made up of brilliant, hard-working team members that manage and lead the company’s security aspects across all areas. It is our responsibility to ensure that the company’s core assets and our users’ security and privacy are protected under the highest standards and at all costs.
Founders, employees and members of the startup ecosystem share knowledge, experience and actionable insights
Founders and members of the startup ecosystem share experience, advice, and tips
You can still apply. We’re always looking for amazing people! submit your resume and we’ll get in touch if anything comes up.