SeniorApplicationSecurityEngineer

**Who is Forcepoint?** Forcepoint simplifies security for global businesses and governments. Forcepoint’s all-in-one, truly cloud-native platform makes it easy to adopt Zero Trust and prevent the theft or loss of sensitive data and intellectual property no matter where people are working. 20+ years in business. 2.7k employees. 150 countries. 11k+ customers. 300+ patents. If our mission excites you, you’re in the right place; we want you to bring your own energy to help us create a safer world. All we’re missing is you! A Senior AppSec Engineer partners closely with engineering and product teams to embed security into the software development lifecycle (SDLC), proactively identify risks, and ensure secure design, development, and deployment of products. This role is based in the Forcepoint Israel office in Tel Aviv and follows a hybrid work model, with a minimum of two days per week working from the office. Key Responsibilities 1\. Secure SDLC & Design (Shift-left) * Lead threat modeling and secure design (SxD) activities * Define and enforce secure coding standards (e.g., OWASP Top 10) * Partner with engineering during architecture and design phases 2\. Security Testing & Validation * Perform: * Code reviews (manual and tool-assisted) * Static analysis (SAST) * Dynamic testing (DAST) * Penetration testing * Identify, triage, and validate vulnerabilities * Support remediation and verify fixes 3\. DevSecOps, Automation & AI Enablement * Integrate security tools into CI/CD pipelines * Automate scanning, reporting, and ticketing workflows * Build tooling to scale AppSec across products * Leverage AI/ML capabilities to enhance vulnerability detection, prioritization, and remediation workflows 4\. Risk Assessment & Vulnerability Management * Assess risk, exploitability, and impact * Prioritize vulnerabilities and track remediation * Maintain security posture visibility across products 5\. Engineering Partnership, Mentorship & Enablement * Work closely with developers to: