Head of Application Security
Check Point Software Technologies · Tel Aviv, Tel Aviv, Israel
Computer and Network Security · 5,001-10,000 employees
About the role
Lead the application security team to develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework. Oversee security integration across the development lifecycle, including risk assessments, threat modeling, and incident response.
What they look for
Requirements
Requires a Bachelor's degree in Computer Science or a related field with at least 7 years of application security experience, including 3 years in leadership. Must be proficient in secure coding practices, security automation tools (SAST/DAST), and programming languages like Java or Python.
Full description
Company Description
We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Job Description
- Lead the application security team, providing strategic direction and mentorship.
- Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
- Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
- Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
- Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
- Implement and manage security automation tools and processes to enhance the efficiency of security operations.
- Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
- Provide expert guidance on security architecture and design for new and existing applications.
- Lead incident response efforts related to application security breaches and vulnerabilities.
- Foster a culture of security awareness and continuous improvement within the organization.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 7 years of experience in application security, with at least 3 years in a leadership role.
- Proven experience in implementing and managing SSDLC frameworks.
- In-depth knowledge of security frameworks and methodologies.
- Strong understanding of threat modeling methodologies, secure coding practices and common vulnerabilities (e.g., OWASP Top Ten).
- Proficiency in programming languages such as Java, Python, C#, or similar.
- Experience in implementing security tools and technologies such as ASPM, SAST, DAST  in complex and high-scale environment.
- Excellent communication and leadership skills, with the ability and passion to drive change across the organization.
- Relevant certifications such as CISSP, CISM, or CSSLP are desirable.
- Proven experience in a similar role at another leading software development company.
- CP Department: Products - R&D
- Office Location: Tel-Aviv
- Career site Category: R&D