AppSec Team Leader

Remote: Hybrid

Offer summary

Qualifications:

  • 5+ years of experience in Application Security, DevSecOps, or related fields, with at least 1–2 years in a leadership role.
  • Proven experience integrating security tools into CI/CD pipelines.
  • Strong understanding of software supply chain risks and open source security.
  • Scripting experience in Python and Bash, with strong communication skills.

Key responsibilities:

  • Build and lead the Application Security team, setting goals and ensuring successful delivery of security initiatives.
  • Oversee integration and maintenance of security tools in CI/CD pipelines and ensure automated security checks.
  • Lead monitoring for vulnerabilities and ensure they are documented, tracked, and addressed.
  • Promote secure software component usage and lifecycle management across teams.

DriveNets Scaleup https://www.drivenets.com/
201 - 500 Employees

Job description

Location: Ra'anana

About Us:

DRIVENETS is driving and leading the next generation networks with our solution. Founded to solve the “data explosion challenge,” our cutting-edge technology and solution have created a paradigm shift in the economy of networks. Through smart and high-performance bit processing on merchant silicon and commodity hardware, we enable new revenue opportunities and sustainable growth for our customers, even as Internet usage explodes. Our system is a cornerstone of this mission, and we are looking for a talented developer to take it to the next level.

About the Role

 

We are looking for a hands-on and experienced Application Security Team Leader to drive our product and infrastructure security strategy and execution.

You will lead a team responsible for integrating security into our development workflows, managing vulnerabilities, and securing our use of open source and third-party components. This role requires both strong technical skills and the ability to lead and collaborate across multiple engineering functions.

 

Key Responsibilities

 

Team Leadership & Strategy

 – Build and lead the Application Security team, setting goals and ensuring successful delivery of security initiatives.

 – Define and drive the application security roadmap in collaboration with R&D, DevOps, and Product.

 

CI/CD Security Tool Integration

 – Oversee integration and maintenance of SAST, SCA, and DAST tools in CI/CD pipelines.

 – Ensure security checks are automated and embedded early in the development lifecycle.

 

Open Source & Package Mapping

 – Guide the team in mapping and maintaining an inventory of open source and third-party components across the product.

 – Identify critical dependencies and oversee continuous monitoring and hardening efforts.

 

Vulnerability Detection, Tracking & Reporting

 – Lead monitoring for CVEs affecting the OS, kernel, standard packages, and containers.

 – Ensure vulnerabilities are documented, tracked, and addressed through coordinated patching and remediation.

 – Communicate risks and progress to stakeholders via clear, actionable reports.

 

Risk Mitigation & Component Hygiene

 – Oversee efforts to identify and replace outdated or redundant software components.

 – Ensure timely updates of third-party packages to mitigate known vulnerabilities.

 – Promote secure software component usage and lifecycle management across teams.


Requirements

• 5+ years of experience in Application Security, DevSecOps, or related fields, with at least 1–2 years in a leadership role.

• Proven experience integrating security tools (e.g., Coverity, JFrog, SonarQube, DAST tools) into CI/CD pipelines.

• Strong understanding of software supply chain risks, CVE tracking, and open source security.

• Familiarity with modern CI tools such as Jenkins and GitHub.

• Scripting experience in Python and Bash.

• Deep understanding of common vulnerability types (e.g., CVEs, OWASP Top 10) and how to mitigate them.

• Strong communication and reporting skills with the ability to translate security risks to stakeholders and developers.

 

Nice to Have

• Coding experience in C/C++.

• Experience with SBOM standards and tools.

• Exposure to container security (e.g., Docker, Kubernetes).

• Background in networking or infrastructure-heavy environments.

 


Required profile

Spoken language(s): English

Other Skills

  • Problem Reporting
  • Team Leadership
  • Communication
