DevSecOps Engineer

At Yotpo, we are committed to creating secure, reliable, and innovative solutions for our customers. The Security Team is a core part of every aspect of Yotpo’s business - from customers to backend systems and everything in between. As a Senior Cloud Security Engineer, you will play an integral role in designing, maturing, and automating our cloud security controls. You will also contribute to other security domains and initiatives such as Incident Response, Security Monitoring and Risk Management. You will work in close partnership with our DevOps, R&D and Product teams to help strengthen our security posture and our platform.

Why Join Us:

• Engineers will immerse themselves in a complex, large-scale environment that offers the chance to work with diverse technologies. This unique setting is an exceptional opportunity for growth that not every company can provide.
• Be at the forefront of cybersecurity, tackling complex and emerging challenges.
• Freedom to innovate and implement impactful solutions that directly enhance Yotpo’s overall security posture.
• Engage with a wide range of projects to develop deep knowledge across multiple security domains.

Key Responsibilities:

• Serve as Cloud Security Subject Matter Expert (SME), actively supporting R&D and product teams in developing secure solutions.
• Design secure cloud architectures and implement practical, automated, and scalable controls across services in partnership with DevOps, R&D, and Product teams.
• Continuously assess cloud security posture, identifying gaps and opportunities to reduce risk and adopt best practices.
• Implement, mature, and automate end-to-end cloud security controls across AWS, Kubernetes, CI/CD pipelines, and self-managed systems.
• Lead and improve vulnerability management workflows; communicate vulnerabilities and mitigation strategies to stakeholders, balancing business agility and security.
• Own the full lifecycle of security initiatives from proof of concept (POC) and design to deployment and operation while promoting a security-first mindset.
• Maintain and develop the team knowledge base.
• Stay curious and enjoy working with modern security tools and technologies.

Requirements

• 5+ years of hands-on experience as Cloud Security Engineer, DevSecOps, or similar roles within an AWS environment.
• Expertise in managing cloud security controls (IAM, Security Groups/ACLs, WAF, IDS/IPS, load balancing, proxies, VMs, serverless).
• Experience securing Kubernetes and containerized workloads.
• Proficiency with Python/Bash scripting and automation.
• Experience with Infrastructure-as-Code (IaC), preferably Terraform, and CI/CD tooling (e.g., GitHub Actions).
• Strong communication skills to influence and guide teams as a cloud security SME.
• Excellent problem-solving skills for high-complexity environments.
• Excellent written and verbal English.

Preferred Qualifications (Nice to Have):

• AWS certifications (AWS Certified Solutions Architect, AWS Certified DevOps Engineer, AWS Certified Security - Specialty).
• Experience with CSPM, CNAPP, CWPP, and EDR solutions.
• Familiarity with security standards and frameworks (ISO, TSC, NIST) and their application to cloud environments.

Team Culture:

The Security Team at Yotpo thrives on risk-based thinking, vigilance, proactiveness, collaboration, and continuous learning. Every member plays a critical role in protecting our company and our customers. By fostering an atmosphere of trust and mutual respect, we empower each other to embrace challenges, share expertise, and innovate solutions.

What we offer:

• Track to success – work in a dynamic organization with ambient and laid-back office atmosphere
• Individualized career development, rewards, and recognition.
• Work-life balance – 25 days paid vacation with add-ons for loyalty, regular team buildings and celebrations in and outside the country
• Additional health insurance package
• Internal mobility program and refer-a-friend program
• Managing a fixed monthly budget for social benefits thru Re:Benefit – a flexible online benefits solution
• Food vouchers
• E-learning portals and knowledge sharing sessions.
• Company backed Hackathons, Tech conferences, workshops events, etc
• Stocked kitchen and bar.
• Equity in options.
• Flexible hybrid capacity

If you don’t meet 100% of the qualifications outlined above, that’s okay! We believe in hiring people, not just skills. If you have a passion to learn and are excited about eCommerce and technology, then we want to hear from you.

Help us be the best version of Yotpo by building something great together!