DevSecOps Engineer

Gong is one of Israel's most valued private software companies. Our solution uses machine learning and AI to automate big parts of customer-facing roles. Over 3000 innovative companies like Google, Amazon, AT&T, Linkedin, Novartis, Appsflyer, Monday, Walkme, Taboola, trust Gong to power their customer reality.

At Gong, we're building new-generation, machine-learning based software that automates big parts of customer-facing roles by "understanding" their conversations and related work.

• Our solution guides sales professionals, coaches them on how to become better, performs tasks for them, and directs them to the best actions.

As a DevSecOps engineer, you'll play a key role in securing, defining, optimizing, and building our rapidly expanding cloud, infrastructure, and internal tools, with a deep focus on security tools, methodologies, and best practices.

You will be a part of our DevOps team, adding to our cloud infrastructure expertise with special focus on security related fields, such as:

• Helping to secureour growing fleet of cloud services.
• Guiding the security and architecture of new services.
• Supporting our monitoring and alerting systems.
• Developing threat detection strategies to identify potential risks.
• Automating all aspects of security control deployment.
• Acting as focal point for security and compliance-related queries and strategies.

Basic Qualifications:

• 3+ years of DevOps, with a deep understanding of cloud security and best practices.
• Ability to identify common security risks, and to formulate and execute security strategies.
• Experience with market-leading security tools and providers Scripting & development skills, preferably in Python.
• Extensive knowledge of Internet protocols, architectures, and security design principles.
• Experience with AWS security & encryption components such as IAM Policy, KMS, GuardDuty, Cloudtrail, SSO, etc. (or equivalent).
• Hands on experience with 3rd party security solutions, such as Snyk / Wiz / Orca / AquaGood understanding of security projects that address risks, including patching, secure build, vulnerability scanning and remediation, logging and monitoring, threat management, and user awareness.
• Proven ability of gathering and maintaining evidence for security and compliance.
• Self-motivated with the drive to keep moving things forward

Preferred Qualifications:

• One or more security-related certifications, such as CISSP, CEH, CISA, CISM, SECURITY+ or similar.
• Experience in triaging security alerts and executing incident response.
• Experience with virtualization technologies, especially with AWS services .
• Strong sense of ownership, urgency, and drive
• Experience in Compliance Requirements (e.g. SOC2, ISO27001, HIPAA, PCI, etc.)
• Here at Gong, we like to encourage our employees to express their personality and identity (whether gender, ethnic, religious, or sexual), and we ensure fairness and equal opportunities.
• If this consideration is important to you when choosing a work place, we'd love to see you with us.