Overview

We are monday.com, a global software company transforming how businesses run. Our product suite can adapt to the needs of diverse industries and use cases within one powerful platform, empowering ~245,000 customers worldwide to reimagine how work gets done, drive greater efficiency, and scale like never before.

With over 2,500 employees across the globe, we grow by prioritizing transparency and knowledge sharing. We care about the impact you make, not the hours you clock, so we encourage initiative, ownership, and fresh thinking. We back our people with flexible work, wellness and mental health support, and a work environment built on collaboration.

monday.com is looking for an application security engineer to provide application security services including secure coding techniques and reviews, education & awareness, processes and tools, security testing support and guidance for internal software development projects. The Application Security Team is based in our headquarters, Tel Aviv, Israel - you’ll be joining another team member in London. monday.com works hybrid with 3 days in the London office.

About The Role

monday.com is looking for an application security engineer to provide application security services including secure coding techniques and reviews, education & awareness, processes and tools, security testing support and guidance for internal software development projects. The Application Security Team is based in our headquarters, Tel Aviv, Israel - you’ll be joining another team member in London. monday.com works hybrid with 3 days in the London office.

Responsibilities

• Provide guidance on security best practices and compliance, and undertake security testing.
• Develop security testing plans and integrate them into the software development lifecycle.
• Perform and oversee security testing and manage remediation of identified vulnerabilities.
• End-to-end work on reported vulnerabilities as part of the bug bounty program.
• Identify application security risks and requirements for new projects and system developments.
• Sign-off on application security prior to live implementation.
• Collaborate with the architecture and development teams to review the design and code for security vulnerabilities.
• Embed/improve security threat modeling and secure coding in the development lifecycle.
• Provide technical specialist advice to ensure that security standards are understood and can be complied with.
• Monitor and proactively report on current threats and vulnerabilities to application security.
• Prepare and monitor application security metrics and KPIs.
• Initiate and automate processes for detecting and monitoring the platform security and integrate security tools into the S-SDLC.
• Work with the local DevSecOps team to improve our S-SDLC and take part in our security incident response team.

Your Experience & Skills

• At least 3 years of experience in software engineering.
• At least 2 years of experience in application security.
• In-depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
• Team player able to build relationships across the organization, also remotely.
• In-depth understanding of secure web application development.
• Experience in web application and Agile development methodologies.
• Exposure to methods of promoting security awareness.
• Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships up to senior levels of management.
• Anticipates problems and identifies long-term implications of decisions and actions.
• Ability to work and learn independently.
• Able to prioritize workload and drive work to set deadlines.
• Experience working with the hacker/pen-testing community.

Meet the security team

Meet the security team — read our blog post.

Equal opportunity

We believe in equal opportunity. monday.com is an equal opportunity employer and bans discrimination and harassment of any kind. monday.com is committed to the standard of equal employment opportunity for all employees and to creating and maintaining a workplace free of discrimination and harassment.

All qualified applicants will be considered for employment regardless of any personal characteristic. We encourage candidates from all backgrounds to apply, regardless of their race, religion, national origin, ethnicity, sexual orientation, gender identity, age, marital status, family or parental status, physical or mental disability or any other status protected by the laws or regulations in the locations where monday.com operates.

monday.com is committed to working with and providing access and reasonable accommodation to applicants with any disabilities. If you think you may require accommodation for any part of the recruitment process, please send a request to accommodations@monday.com.

All requests for accommodation are treated confidentially, as practical and permitted by law.