We are Via – Ride with us!
Via is developing the operating system that manages and controls shared mobility at scale.
Our platform provides many millions of rides to consumers in NYC, Chicago, Washington DC, London, Berlin, Amsterdam and many more locations.
We are helping cities transition their mobility systems from rigid lines and fixed schedules to on-demand networks of dynamic shuttles.
Our Tel-Aviv office is full of passionate and innovative professionals who love working together to make something great. If you are up for a challenge and have a true desire to make an impact - Come ride with us!
We are looking for an application security expert to join our R&D center in TLV.
The position is to be part of Via’s security team, which is responsible for the security and privacy of our riders, drivers and partners. This role is an opportunity to work across a variety of areas of the business and have real impact on the company.
- Provide engineering and product teams with the security expertise necessary to develop our products
- Integrate security tools, standards, and processes into the software life cycle (SDLC)
- Analyze, assess, and respond to security incidents
- Develop a strong security culture and capability and evolve the security champions program
- Perform security design reviews, threat modeling and vulnerability testing, while acting as a security mentor for developers
- Enable automated security testing at scale to measure vulnerability, and report on risk across all web and mobile platforms
- Build the security development training program to train developers on secure coding practices
- Strong background in secure application architecture design and threat modeling
- In-depth knowledge of web and mobile application vulnerabilities (OWASP)
- Significant experience in implementing security in the software development lifecycle and as part of the CI/CD
- Ability to articulate issues, risks, and propose solutions for various application security problems to developers
- +3 years of experience in application security
- Advantage: experience in pen-testing of web and mobile applications
- Advantage: experience working in DevSecOps environment