Penetration Tester

R&D Israel


Description

Summary  
Data has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations more strict, organizations struggle to answer one key question: “Is my data safe?”
At Varonis, we see the world of cybersecurity differently. Instead of chasing threats, we believe the most practical approach is protecting data from the inside out. We’ve built the industry’s first fully autonomous Data Security Platform to help our customers dramatically reduce risk with minimal human effort.

At Varonis, we move fast. We’re an ultra-collaborative company with brilliant people who care deeply about the details. Together, we’re solving interesting and complex puzzles to keep the world’s data safe.
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you. 
 
We are looking for an Application Security – Pen Tester to join the Application Security team responsible for Varonis’ application security.
The successful candidate will be responsible for contributing to our Cloud/On-prem strategic security program.
 
Responsibilities:
  • Conduct ongoing penetration testing activities across all Varonis platforms and services
  • Identify and facilitate remediation of application and cloud security exposures and vulnerabilities
  • Work to obtain the right mandate to ensure no new Varonis products or services are launched without the appropriate security controls
  • Take part in the development lifecycle and the integration of security features into all phases of software design and development
  • Manage, aggregate, triage and track vulnerabilities identified by external assessors
  • Assist in implementing Security Testing tools (Dynamic, Static and Runtime) in the Varonis Testing pipeline
  • Assist in defining testing scenarios for the Continuous Integration tests to cover identified vulnerabilities
  • Work closely with R&D to enhance application security on all layers
 
Requirements:
  • 3+ years of hands-on experience in Penetration Testing for application and cloud environments.
  • Thorough understanding of cyber security frameworks, such as NIST CSF, CIS CSC
  • Understanding of Cloud (AWS & Azure) technologies and SaaS environments
  • Experience with web & application security, familiar with OWASP frameworks, solutions, and initiatives
  • Experience with security solutions such as vulnerability scanners, DAST solutions, and more
  • Experience with containers and K8s
  • Experience conducting application penetration testing.
  • Technical experience in network security technologies or security operations with a proven ability to engage and drive product and engineering priorities
  • Work with the business to identify, capture, escalate, and close security vulnerabilities found in Varonis products.
  • Leverage tools to deliver vulnerability information back to the development organization for remediation.
  • Coordinate security risk assessments for new products & solutions through the risk assessment team.
  • Maintain a risk register and risk visual with clearly defined owners for each risk.
  • Contribute to product/solution security frameworks and standards to reduce development cycle of new products and services and to ensure consistency across the different products and platforms.
  • Develop, institute, and maintain cloud security architecture standards
 
Advantages
CISSP, CISM, CCSP, CEH, or OSCP certification is an advantage
 
Interfaces:
  • Partner with key product & solutions development leaders to ensure security is incorporated in all customer-facing product offerings.
  • Build solid working relationships with business stakeholders to maintain and improve product and application security processes.
  • Partner with architecture and development leaders to develop shared software frameworks to enable consistent application of secure coding best practices across the enterprise.
  • Research the latest security best practices for device/instrument/IoT, stay current on new vulnerabilities and threats, and ensure these are addressed in Varonis’ products and services.
 
We invite you to check out our Instagram Page to gain further insight into the Varonis culture!
@VaronisLife 

Varonis is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.