Cloud Security Engineer
3 days ago
AppsFlyer's Security team is looking for a hands-on Cloud Security Specialist with a strong focus on Identity & Access Management (IAM) to help drive our security posture across cloud environments. In this role, you'll be the go-to expert for IAM governance and cloud identity controls across AWS and GCP- enabling secure access at scale, while working closely with security, DevOps, and engineering teams to solve complex security problems.
The ideal candidate is highly motivated, demonstrates a 'can do' attitude and needs to have a combination of technical and communication skills, as well as the ability to handle a mix of multiple tasks including projects and technical work.
What You'll Do
- Lead the design and enforcement of IAM controls across AWS and GCP.
- Build and maintain secure role, permissions, and account structures aligned with least privilege and zero trust principles.
- Manage and govern human and non-human (machine) access to sensitive SaaS applications (e.g., Okta, Git, etc.).
- Monitor and improve cloud identity hygiene: users, roles, service accounts, federated access, and third-party integrations.
- Automate detection and remediation of IAM misconfigurations and over-privileged identities.
- Collaborate with DevOps and engineering to embed IAM best practices into infrastructure pipelines and app deployments.
- Support incident response and investigations related to IAM abuse, access misuse, or privilege escalations.
- Contribute to detection rules, playbooks, and cloud-specific DFIR processes.
- Provide guidance during access reviews, role audits, and trust relationship validation.
What You Have
- 4+ years of experience in security, with at least 2–3 years focused on cloud
IAM
, especially in AWS (IAM roles, policies, STS, Organizations, Identity Center, SCPs). - Experience managing
IAM
in GCP (service accounts, workload identity federation, custom roles). - Solid knowledge of IAM principles: least privilege, zero trust, RBAC/ABAC, identity lifecycle, and access governance.
- Familiarity with DFIR in cloud environments: log analysis, alert triage, evidence collection, and investigations.
- Hands-on experience with infrastructure-as-code (e.g., Terraform, CloudFormation).
- Proficient in scripting (e.g., Python, Bash) for automation and IAM enforcement.
- Proven experience collaborating with engineers, SREs, and IT to solve complex identity and access issues.
- Excellent English communication skills – verbal and written.
- Self-starter with strong problem-solving skills and attention to detail.
Bonus Points
- Familiarity with Wiz or similar CSPM/CIEM platforms.
- Certified AWS Security Specialty.
- Experience in handling or supporting IAM-related incidents (escalations, investigations, remediation).
- Experience with cloud-native detection tools (AWS GuardDuty, CloudTrail, GCP SCC, etc.)
As a global company operating from 25 offices across 19 countries, we reflect the human mosaic of the diverse and multicultural world in which we live. We ensure equal opportunities for all of our employees and promote the recruitment of diverse talents to our global teams without consideration of race, gender, culture, or sexual orientation. We value and encourage curiosity, diversity, and innovation from all our employees, customers, and partners.
"As a Customer Obsessed company, we must first be Employee Obsessed. We need to make sure that we provide the team with the tools and resources they need to go All-In." Oren Kaniel, CEO
-
Cloud Security Engineer
5 days ago
Herzliya, Tel Aviv, Israel Penlink Full time ₪120,000 - ₪180,000 per yearAbout Us:Penlink is a global leader in digital intelligence solutions. Our advanced technologies simplify complex data, empowering public safety organizations to make informed decisions quickly and effectively. We believe in the power of data-driven intelligence to accelerate clarity in decision-making for global security, strategic operations, and the most...
-
Senior Cloud Security Engineer-5430
5 days ago
Herzliya, Tel Aviv, Israel entrypoint Full time $90,000 - $120,000 per yearJob Description:We're looking for a Senior Cloud Security Engineer (DevSecOps) to join our engineering group and help lead our cloud protection, detection, and response initiatives. You'll collaborate with R&D, DevOps, and Compliance teams to embed security into the heart of how we build, deploy, and operate.Key Responsibilities:Cloud Security...
-
Cloud Security Researcher
5 days ago
Herzliya, Tel Aviv, Israel Varonis Full time ₪120,000 - ₪180,000 per yearSummary:Data has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations become stricter, organizations struggle to answer one key question: "Is my data safe?"At Varonis, we see the world of cybersecurity differently. Instead of chasing threats, we believe that the most practical approach is to protect data from...
-
Cloud Security Researcher
5 days ago
Herzliya, Tel Aviv, Israel Varonis Systems Full time ₪120,000 - ₪360,000 per yearSummaryData has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations more strict, organizations struggle to answer one key question: "Is my data safe?"At Varonis, we see the world of cybersecurity differently. Instead of chasing threats, we believe the most practical approach is protecting data from the inside...
-
Cloud Security Research Team Leader
1 week ago
Herzliya, Tel Aviv, Israel Varonis Full time ₪120,000 - ₪240,000 per yearSummaryData has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations more strict, organizations struggle to answer one key question: "Is my data safe?"At Varonis, we see the world of cybersecurity differently. Instead of chasing threats, we believe the most practical approach is protecting data from the inside...
-
Security Engineer
3 days ago
Herzliya, Tel Aviv, Israel CodeValue Full time ₪60,000 - ₪120,000 per yearCodeValue is looking for a skilled and experienced Security Architect to join our team and take a leading role in designing, implementing, and governing the security posture of our cloud and enterprise environments. This individual will work closely with cross-functional teams to ensure security is embedded across systems, applications, and workflows,...
-
Herzliya, Tel Aviv, Israel Microsoft Full timeMicrosoft Specialized Cloud organization is responsible for tailoring cloud infrastructure to customer needs, addressing sovereignty, privacy and security requirements, across Azure cloud and Edge solutions. STORM security research group is responsible for making sure these products meet the highest security bar customers expect from us. We...
-
Security Engineer
3 days ago
Herzliya, Tel Aviv, Israel evoke Full timeAre you passionate about securing complex environments and safeguarding digital infrastructure?If yes, this could be the role for youWe are seeking a highly qualified and experiencedSecurity Engineerto join our cybersecurity team and lead the implementation of secure development practices across the entire software development lifecycle (SDLC). This...
-
Head of Security Engineering
2 weeks ago
Herzliya, Tel Aviv, Israel evoke Full time ₪120,000 - ₪180,000 per yearAre you passionate about building and maintaining a robust security infrastructure?Our Security Engineering team is at the forefront of protecting evoke's operations, working closely with cross-functional teams to safeguard our environment across cloud, on-prem, network, endpoints, and applications. As Head of Security Engineering, you'll lead this critical...
-
Specialized Cloud
3 days ago
Herzliya, Tel Aviv, Israel Microsoft Full timeThe Microsoft Specialized Clouds organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments. We foster a growth mindset and inspire excellence, empowering teams to innovate and bring their best each day. In...
