Security Engineer • Senior

Who you are

You have 5+ years of experience in a senior DevSecOps or Application/Product Security role, demonstrating deep expertise in DevSecOps principles and a strong understanding of the modern application threat landscape, including the OWASP Top 10. Your proven ability to 'shift left' security by embedding automated security controls such as SAST, DAST, SCA, and IAST into CI/CD pipelines sets you apart. You possess hands-on experience managing and hardening open-source software dependencies, showcasing your mastery in open source security and supply chain management.

Your expertise in utilizing Software Composition Analysis (SCA) tools like Dependency-Check, Snyk, and Black Duck allows you to maintain an accurate Software Bill of Materials (SBOM) for all products. You are a vulnerability and risk management pro, with a proven ability to establish and own a continuous CVE tracking and remediation process. You excel in risk-rating vulnerabilities based on exploitability and business impact, driving engineering teams to efficiently remediate security risks using automation.

What you'll do

In this role, you will bridge high-level security governance with hands-on, automated security implementation across the Software Development Life Cycle (SDLC). You will empower teams to move swiftly while upholding the required security standards, ensuring that security practices are integrated into the development process. Your contributions will be critical in balancing rapid innovation with robust security practices, enabling the organization to deliver exceptional value to clients.

You will collaborate closely with engineering teams to embed security controls into CI/CD pipelines, ensuring that security is a fundamental aspect of the development process. Your role will involve continuous monitoring and improvement of security practices, as well as educating teams on the importance of security in their workflows. You will also be responsible for maintaining an accurate Software Bill of Materials (SBOM) and managing open-source software dependencies effectively.

What we offer

At Taboola, we offer a dynamic work environment where you can realize your potential and contribute to a leading performance-driven advertising company. We encourage you to apply even if your experience doesn't match every requirement, as we value diverse perspectives and backgrounds. Join us in our mission to empower teams and uphold security standards while driving innovation.