Product Security Architect

eshOS is seeking a Product Security Architect to join our Cyber Security team and make a significant impact on our groundbreaking platform. In this role, you will partner cross-functionally with engineering and product teams to embed security into the DNA of our software. Beyond just identifying vulnerabilities, you will architect secure solutions, automate security testing within the SDLC, and champion a security-first culture. You will provide expert technical guidance from the initial design phase through to deployment, ensuring our products remain robust, reliable, and secure.

About us

eshOS is rewriting the financial institutions operating playbook. We are building from scratch an end-to-end SaaS platform, providing a full suite of products and services, designed to create an autonomous environment for operating financial institutions. 

Our technology enables agility, consolidates data, and automates operations to a degree previously thought impossible. 

After a successful launch in Israel, we are now expanding to the U.S. with a clear goal of creating a world of fully autonomous financial institutions operations. 

If you are looking to solve complex problems and modernize an entire industry, this is where you belong.

Job Description
null

Responsibilities

• Partner cross-functionally with engineering and product teams to integrate security milestones throughout the entire software development lifecycle.
• Champion security education by leading workshops on secure coding and threat modeling, empowering developers to build secure software.
• Participate in vulnerability management, including reproduction and triage, ensuring all security findings are resolved and verified.
• Lead critical security initiatives, including code reviews, architectural threat modeling, and rigorous product assessments.
• Engineer and deploy automated tooling and scalable processes to minimize risk and reduce manual security overhead.
• Build and embed automated security testing into development workflows to continuously validate code integrity.

Requirements

• 5+ years of experience in Application or Product Security, with a deep understanding of the Software Development Life Cycle (SDLC) and secure design principles.
• Proven track record in execution of threat modeling, architectural design reviews, and security code reviews to identify and mitigate risks early.
• Proficiency in reading and writing code in Python, Java, JavaScript, Swift, or similar languages (essential for code review and automation tasks).
• Hands-on expertise with security tooling (SAST, SCA, DAST) and penetration testing, including experience integrating these tools into CI/CD pipelines.
• Strong communication & collaboration skills: Fluent in English and Hebrew (written and spoken), with the ability to partner effectively with engineering teams and drive security culture.

If you want to help build the OS for autonomous banking - we're looking for you

eshOS is proud to be an equal-opportunity workplace. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital state, disability, or gender identity.

Skills & knowledge

• AppSec Tooling & Automation: Deep expertise in SAST, SCA, DAST, and interactive testing tools, with specific experience integrating them into CI/CD pipelines.
• Core Security Mechanisms: Solid understanding of encryption, authentication protocols, and authorization standards.
• Vulnerability Management: Comprehensive knowledge of common attack vectors (OWASP Top 10, CWE) and practical remediation strategies for web and mobile.
• Risk & Strategy: Proficiency in Threat Modeling frameworks and risk assessment methodologies to drive secure architectural design.

Direct manager
null

Interfaces
null

Challenges
null

Advantage

• Educational Background: B.Sc./M.Sc. in Computer Science, Software Engineering, or a related technical field.
• Certifications: Advanced industry credentials such as OSWE, OSCP, CISSP, CISM, or equivalent.
• Advanced Automation: Experience building custom security tools or orchestrating complex CI/CD security integrations (e.g., GitHub Actions, Jenkins, GitLab CI).
• Mobile Expertise: Specialized background in mobile application development (iOS/Android) or mobile penetration testing.
• Community Engagement: Active contributions to open source projects, tool development, or public vulnerability research.

Think you have the passion and inner fire for it? Bring it on and challenge us

esh is proud to be an equal opportunity workplace. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital state, disability or gender identity.

Why Join Us?
null

---