We are building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely. With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem - we’re reshaping how financial technology is developed and delivered.
The Role
We’re seeking a Senior Application Security Engineer to be the go-to security expert for our software and blockchain engineering teams. In this high-impact role, you’ll embed security across the entire SDLC—from CI/CD pipelines to smart contracts—helping us build secure-by-design systems that power the future of fintech and digital assets.’
You’ll lead threat modeling, drive secure development practices, and automate guardrails that make security effortless for developers. As part of a collaborative security team, you’ll influence architecture, compliance, and innovation while protecting millions of users and billions in assets.
Responsibilities
- Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines using GitHub Actions, Jenkins, and related DevOps tooling
- Lead threat modeling and secure architecture reviews for new features, APIs, and blockchain systems
- Conduct smart contract security reviews and advise on cryptographic and wallet security patterns
- Coordinate penetration tests, manage bug bounty reports, and track remediation through development teams
- Build reusable security components, libraries, and developer-friendly guardrails
- Deliver internal training, build a security champion network, and drive adoption of AppSec best practices
- Produce security metrics, documentation, and audit evidence to support FFIEC, PCI DSS, SOC 2 compliance
- Stay current on evolving threats in blockchain, DeFi, GenAI, and supply-chain ecosystems
:
Requirements
- Native-level fluency in both English and Hebrew (written and verbal)—Must
- 7+ years in software or security engineering, including 5+ in application security roles
- Strong coding skills in a modern language (e.g., JavaScript/TypeScript, Python, Go, Java, C#)
- Deep experience securing cloud-native applications and APIs in AWS, Azure, or similar environments
- Hands-on experience with blockchain platforms—smart contract audits, key management, or custody
- Familiarity with modern DevSecOps pipelines and AppSec tooling (SAST, SCA, IaC scanners)
- Working knowledge of PCI DSS, NIST, OWASP ASVS, and other security frameworks
- Excellent problem-solving and communication skills, with the ability to influence engineers and leadership
Please send CV to [email protected]
