DriveNets

Application Security Leader

DriveNets  •  Hybrid  •  2 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Title: Application Security Leader

Location: Ra'anana

#LI-Hybrid 4 days a week in office

About The Company

DriveNets is a leader in large-scale networking solutions for AI infrastructure and service providers. The company’s disaggregated networking architecture transforms the economics of large-scale infrastructures while maximizing performance, utilization, and operational efficiency. Its high-performance AI fabric maximizes GPU utilization and accelerates deployments by optimizing the AI stack end-to-end, resulting in higher tokens-per-second and lower cost-per-token. DriveNets’ solutions power production networks for global tier-1 operators like AT&T and Comcast, and scale multi-vendor AI infrastructures at foundation model labs, NeoClouds, and enterprises.

About the Role

We are looking for a talented Application Security Manager to join our CISO team and lead the application security practice at DriveNets. You will be the primary owner of AppSec across our product portfolio, working closely with Product, R&D, and DevOps teams to embed security into the software development lifecycle and collaboratively build a strong, scalable security posture.

This is a foundational role. DriveNets delivers ISP-grade networking software to some of the world’s largest telecommunications providers. The security of our products is directly tied to the trust our customers place in us and to our ability to meet contractual, compliance, and audit obligations including ISO 27001 and SOC 2, DRA.

What You’ll Do

Product & R&D Collaboration

  • Work closely with Product, R&D, and DevOps teams to define high-level and detailed security requirements for various features and product releases.
  • Partner with R&D teams to review code for security vulnerabilities, both manually and through automated and AI tooling at machine speed.
  • Guide R&D teams on secure coding best practices and how to remediate findings effectively.
  • Drive and track the progress of security bug resolution with R&D and DevOps teams, ensuring issues are prioritized and closed on time.
  • Security Champions. Establish, guide, and lead a Security Champions program across all Business Units embedding security ownership into R&D, Product, and DevOps teams to continuously elevate the organization's overall security posture.
  • Metrics, Define and provide product security metrics that deliver clear visibility to all BUs and leadership, enabling the right business decisions while effectively managing product security risks at the executive level.

Application Security Operations

  • Build, maintain, and continuously improve AppSec processes and tools across the SSDLC.
  • Lead as SME representing the CISO as focal point on the AI factory program and forum.
  • Perform periodic application-level penetration tests on major features and product versions.
  • Evaluate the security posture of third-party tools, libraries, and vendors from an application security perspective.
  • Integrate and operate SAST, DAST, and SCA tooling into CI/CD pipelines; manage findings triage and remediation workflows.
  • Assess container and Kubernetes security posture; enforce hardening standards across the deployment stack.

Leadership & Team Development

  • Lead the AppSec function, building and expanding the team over time to match the company’s growth.
  • Mentor engineers and security team members on application security concepts and practices.
  • Act as the AppSec subject matter expert across the organization, including for external-facing engagements.

Compliance & Audit

  • Work on RFP and audit responses as needed, representing the AppSec program to customers and auditors.
  • Maintain evidence and documentation for ISO 27001, SOC 2 & DRA controls related to secure development and vulnerability management.
  • Support supply chain security reviews for ISP customers (e.g., AT&T) with application security artifacts.

Requirements

What We’re Looking For

Must Have

  • 10+ years of hands-on experience in the application security field, including deep familiarity with the SSDLC process including hands on with several security tools.
  • 2+ years of leadership experience managing people, driving programs, or leading cross-functional security initiatives.
  • Deep knowledge of common application-level vulnerabilities and mitigation strategies:
  • OWASP Top 10, SANS CWE Top 25, OWASP GenAI Security Project
  • Injection, authentication, authorization, cryptographic, and supply chain vulnerabilities
  • Strong manual code review skills across one or more of: Java, C/C++, Python, Node.js.
  • Hands-on experience with SCA, SAST, DAST, CI/CD tools and the ability to integrate them into development workflows.
  • Familiarity with container security, Docker, and Kubernetes environments.
  • Cloud security knowledge (AWS, Azure, or GCP) and ability to assess cloud-native application risks.
  • Excellent communication skills able to interface effectively with DevOps, R&D, and business stakeholders.
  • Ability to work well under pressure and independently, while also collaborating across teams.
  • Projectable thinking: ability to plan ahead, anticipate security gaps, and build toward a target posture.

Added Value

  • Background in a well-known, globally recognized security or technology organization.
  • Penetration testing (PT) experience at the application layer.
  • Experience with PI (Product Increment) planning and Agile security integration.
  • Hands-on experience with Applicative HO (Hardening & Operations) in production environments.
  • Familiarity with threat modelling methodologies (STRIDE, PASTA, or equivalent).
  • Experience responding to ISP or enterprise customer security questionnaires and audits.
  • ISO 27001, SOC2, DRA compliance exposure.

What You’ll Get

  • A foundational role: you will shape the AppSec practice, not inherit it.
  • Direct access and partnership with the CISO and cross company.
  • Backing from executive leadership this hire is prioritized and approved at CEO level.
  • Work in an AI-first company building infrastructure that powers global ISP networks.
  • The opportunity to build and expand a team as the program matures.
  • Competitive senior-level in a winning AI first company.About the Role
  • We are looking for a talented Application Security Manager to join our CISO team and lead the application security practice at DriveNets. You will be the primary owner of AppSec across our product portfolio, working closely with Product, R&D, and DevOps teams to embed security into the software development lifecycle and collaboratively build a strong, scalable security posture.
  • This is a foundational role. DriveNets delivers ISP-grade networking software to some of the world’s largest telecommunications providers. The security of our products is directly tied to the trust our customers place in us and to our ability to meet contractual, compliance, and audit obligations including ISO 27001 and SOC 2, DRA.
  • OWASP Top 10, SANS CWE Top 25, OWASP GenAI Security Project
  • Injection, authentication, authorization, cryptographic, and supply chain vulnerabilities
  • Strong manual code review skills across one or more of: Java, C/C++, Python, Node.js.
  • Hands-on experience with SCA, SAST, DAST, CI/CD tools and the ability to integrate them into development workflows.
  • Familiarity with container security, Docker, and Kubernetes environments.
  • Cloud security knowledge (AWS, Azure, or GCP) and ability to assess cloud-native application risks.
  • Excellent communication skills able to interface effectively with DevOps, R&D, and business stakeholders.
  • Ability to work well under pressure and independently, while also collaborating across teams.
  • Projectable thinking: ability to plan ahead, anticipate security gaps, and build toward a target posture.

More About DriveNets 

Based in Israel with extended teams located in the US, Japan, and Romania, DriveNets operations cover more than twelve countries globally. Powering production networks for global tier-1 operators, DriveNets is a leader in large-scale networking solutions for AI infrastructure and service providers. Visit our website to learn more:

https://drivenets.com/company/ 

If your experience is close but doesn’t fulfill all requirements, please apply. DriveNets is on a mission to build a special company comprised of individuals with different backgrounds, perspectives, and experiences.

DriveNets is an equal opportunity employer. We do not discriminate based on upon race, religion, national origin, sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with disability, or other applicable legally protected characteristics.

DriveNets

About DriveNets

DriveNets is a rapidly growing software company that has created a radical new way for service providers and hyperscalers to build their networking infrastructure. DriveNets Network Cloud and DriveNets Network Cloud-AI are new innovative networking solutions that apply the cloud architectural approach to high-scale networking. They bring together the scalability of standard Ethernet Clos architecture with the high performance and reliability of service provider networking, delivering optimal networking performance, scale and cost structure for service providers and hyperscalers.

Founded by Ido Susan and Hillel Kobrinsky, two successful telco entrepreneurs, DriveNets Network Cloud is the leading open disaggregated networking solution based on cloud-native software running over standard white boxes.

Over three funding rounds, DriveNets raised $587 million. Its solutions are used by tens of service providers globally and are in proof-of-concept and lab trials at dozens of operators and hyperscalers, consistently ranking #1 in trials for breadth of capabilities and solution quality. AT&T, the largest backbone in the US, deployed DriveNets Network Cloud across its core network, and DriveNets is currently transporting more than 52% of AT&T’s core network traffic. DriveNets is engaged with over 100 Tier-1 operators and cloud-providers on large projects in North America, Asia and Europe.

Industry
IT & Software
Company Size
201-500 employees
Headquarters
Raanana, IL
Year Founded
2015
Social Media