Product Security Architect
EOS (esh Group)
Job Overview
Who's the hiring manager?
Sign up to PitchMeAI to discover the hiring manager's details for this job. We will also write them an intro email for you.
Job Description
About eOS (esh Group)
Esh is an innovative banking technology group dedicated to modernizing finance by offering an efficient, automated, cloud-based banking platform. Our solution significantly reduces costs and time, fostering an improved financial experience between banks and their customers.
In an era of automated economic transactions and rapidly evolving machine learning, our novel banking platform presents a compelling alternative to outdated core systems. For the first time, we offer a complete end-to-end solution within a unified modular system. We are driving a technological revolution and reshaping the future of banking. Providing a Cloud base system, Deployed in AWS (multi-region, multi-AZ), our infrastructure must meet the highest standards of availability, security, compliance, and recoverability.
Join our groundbreaking technology company and be part of transforming the banking system.
The Role: Product Security Architect
We are looking for a Product Security Architect to join our Cyber Security team and make a significant impact on our groundbreaking platform. In this role, you will partner cross-functionally with engineering and product teams to embed security into the DNA of our software. Beyond just identifying vulnerabilities, you will architect secure solutions, automate security testing within the SDLC, and champion a security-first culture. You will provide expert technical guidance from the initial design phase through to deployment, ensuring our products remain robust, reliable, and secure.
Responsibilities
- Partner cross-functionally with engineering and product teams to integrate security milestones throughout the entire software development lifecycle.
- Champion security education by leading workshops on secure coding and threat modeling, empowering developers to build secure software.
- Participate in vulnerability management, including reproduction and triage, ensuring all security findings are resolved and verified.
- Lead critical security initiatives, including code reviews, architectural threat modeling, and rigorous product assessments.
- Engineer and deploy automated tooling and scalable processes to minimize risk and reduce manual security overhead.
- Build and embed automated security testing into development workflows to continuously validate code integrity.
Requirements
- 5+ years of experience in Application or Product Security, with a deep understanding of the Software Development Life Cycle (SDLC) and secure design principles.
- Proven track record in execution of threat modeling, architectural design reviews, and security code reviews to identify and mitigate risks early.
- Proficiency in reading and writing code in Python, Java, JavaScript, Swift, or similar languages (essential for code review and automation tasks).
- Hands-on expertise with security tooling (SAST, SCA, DAST) and penetration testing, including experience integrating these tools into CI/CD pipelines.
- Strong communication & collaboration skills: Fluent in English and Hebrew (written and spoken), with the ability to partner effectively with engineering teams and drive security culture.
Skills & Knowledge
- AppSec Tooling & Automation: Deep expertise in SAST, SCA, DAST, and interactive testing tools, with specific experience integrating them into CI/CD pipelines.
- Core Security Mechanisms: Solid understanding of encryption, authentication protocols, and authorization standards.
- Vulnerability Management: Comprehensive knowledge of common attack vectors (OWASP Top 10, CWE) and practical remediation strategies for web and mobile.
- Risk & Strategy: Proficiency in Threat Modeling frameworks and risk assessment methodologies to drive secure architectural design.
Advantage
- Educational Background: B.Sc./M.Sc. in Computer Science, Software Engineering, or a related technical field.
- Certifications: Advanced industry credentials such as OSWE, OSCP, CISSP, CISM, or equivalent.
- Advanced Automation: Experience building custom security tools or orchestrating complex CI/CD security integrations (e.g., GitHub Actions, Jenkins, GitLab CI).
- Mobile Expertise: Specialized background in mobile application development (iOS/Android) or mobile penetration testing.
- Community Engagement: Active contributions to open source projects, tool development, or public vulnerability research.
If you are up to the challenge of disrupting the banking industry - we are looking for you!
esh is proud to be an equal-opportunity workplace. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital state, disability, or gender identity.
Key skills/competency
- Application Security
- Product Security
- SDLC
- Threat Modeling
- Security Architecture
- SAST
- SCA
- DAST
- CI/CD Integration
- Vulnerability Management
How to Get Hired at EOS (esh Group)
- Research eOS's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor.
- Tailor your resume for Product Security: Highlight experience in secure design, threat modeling, and SDLC integration relevant to eOS.
- Showcase technical security expertise: Prepare to discuss SAST, DAST, SCA, CI/CD security, and coding proficiency in Python/Java.
- Emphasize collaboration and communication: Be ready to demonstrate your ability to partner cross-functionally and drive security education.
- Prepare for banking tech challenges: Understand the unique security demands of a cloud-native financial platform.
Frequently Asked Questions
Find answers to common questions about this job opportunity
Explore similar opportunities that match your background