Application Security Engineer

Rishon Lezion
Post Sale & Security – Security /
Full - time /
Hybrid
Apply for this job
ControlUp creates an autonomous workplace where the day runs itself.
We’re a leader in DEX, unifying digital employee experience and IT operations into one powerful platform built for modern workplace management. By combining real-time monitoring, automation, and proactive remediation, ControlUp enables IT teams to prevent issues before they impact employees, reduce operational complexity, and streamline IT environments, without the clutter of multiple tools. With ControlUp, IT works smarter, employees stay productive, and the workday runs itself. One platform. One powerful shift in how work flows.
No tool sprawl. No wasted time. No interruptions. Just technology that runs smoothly, so people can get on with work that matters.

The Role
We are seeking an Application Security Engineer with a strong technical background in identifying and mitigating security vulnerabilities in web applications. This role goes beyond traditional security assessments - you will play a key part in strengthening our security posture by performing vulnerability research, developing automation tools, collaborating closely with development teams, and fostering a security-first mindset across the organization.

How You’ll Spend Your Day

    • Continuously assess and challenge Controlup’s overall security posture to ensure it's free from vulnerabilities
    • Participate in design reviews and threat modeling sessions
    • Work closely with development, devops and product teams to ensure vulnerabilities are avoided at an early stage
    • Review and prioritize findings of code scanning tools (SAST, SCA)
    • Build automations to assist with detecting vulnerabilities
    • Educate Developers and Devops engineer
    • Answer on technical questions raised by customers

Your Experience and Qualifications

    • 3+ years of experience in web application security/penetration testing
    • A Deep understanding of web and cloud security threats, exploits, prevention
    • Ability and willingness to write scripts/tools to automate security tasks
    • Ability to communicate complex security concepts to both technical and non-technical audiences clearly and effectively
    • A proactive and creative mindset
    • Previous experience in an Application Security role within a SaaS company - an advantage
    • Application security certificates such as OSWE, eWPTX, GWEB, GWAPT - an advantage
    • Previous experience with security pitfalls of Hybrid SAAS products (on-premise agents talking with cloud services) - an advantage
Apply for this job

ControlUp Home Page

Jobs powered by Lever logo