eToro is the world’s leading social trading and investing network, providing millions of users from around the world a one-stop-shop solution. Since 2007, eToro has positioned itself as a Fintech leader, pioneering revolutionary practices such as social trading and machine-learning-powered investment products while promoting culture and core values of Openness, Quality, Enjoyable, Inventive, Simplicity.
We are working with the most cutting-edge technologies, building new and exciting microservices-based distributed cloud systems.
We value independent, curious, and sharp people with knowledge in cloud security, software engineering, secure architecture - and most of all - we are looking for awesome people to work with.
What you’ll be doing
- Responsible for planning and design of security solutions and capabilities that enable the organization to identify and protect against cyber risks.
- Perform security threat modeling and risk assessments, and derive practical security requirements for our business initiatives
- Develop and maintain an applications development security strategic plan, roadmap and architecture process in alignment with enterprise policies and standards.
- Develop and implement security solutions and capabilities for applications teams that are clearly aligned with business, technology and threat drivers.
- Accompany R&D groups during the development life cycle, define requirements and audit the implementation.
- Provide input to strategic decisions that affect the functional area of responsibility.
- Be a part of an innovative security team in the heart of the business with challenging demands.
- Advocate and enforce cybersecurity best practices and share insights throughout the organization.
- Collaborate with business stakeholders to translate business requirements to secured implementations.
- Research and integrate new technologies
Requirements:
- At least 6 years of experience in a application cybersecurity discipline at a senior level.
- Verifiable experience reviewing application code for security vulnerabilities and implementing secure coding practices.
- Expert understanding of containers, virtualization strategies, serverless architecture, public cloud services and identity access management technologies.
- Experience in designing and deploying applications in cloud environments (experience with Azure or AWS is a must)
- Experience in depth with following concepts: SSDLC methodology, Cryptography, Secure Architecture.
- Penetration Testing Methodology & capabilities: both infrastructure and application is a significant advantage.
- Deep understanding of application security topics (e.g. OWASP Top 10)
- Have excellent problem solving and troubleshooting skills
- Strong analytical and communication skills.
- Proactive approach.
Advantages:
- SC-100, AZ500 or CEH certifications is an advantage.
- Understanding of blockchain technologies.
- Familiarity with DeFi systems (e.g. Compound, staking)
- Experience with forensic analysis is an advantage.
- Be passionate and motivated about your job
Sub Department:
IT- Production
