monday.com is looking for a DevSecOps Lead who will join our Infrastructure Group and lead the efforts to strengthen and improve our cloud infrastructure security. The DevSecOps Lead will provide oversight and expertise to the Infrastructure teams, build and define cross-R&D policies and processes, lead security-centric projects and continuously advance the security posture in our AWS cloud and third-party SaaS vendors.

Your role:

• Build a team of DevSecOps engineers 
  Define monday.com cloud security standards, KPI and SLAs for cloud security weaknesses
  Partner with the team for prioritization, planning, tracking, and progress reporting
  Monitoring AWS security issues (environmental and runtime)
  Support and mentor the Infrastructure teams with security-related issues
  Identify, evaluate, and implement the best solutions for security findings in a production environment
  Assess monday.com environments for security risks and mitigations
  Provide oversight and promote improvements for our cloud-based infrastructure including network, system, data, IAM, and security-oriented cloud services
  Implement proactive security tooling for anomaly detection and prevention
  Design, implement and manage our defense infrastructure which handles DDoS mitigation, WAF, and global rate limiting
  Running network Penetration Tests and other best practices on a recurring basis
  Perform threat simulations to identify and detect possible risks
  Provide security recommendations on service design and policy
  Lead and build our Incident Response Team and help perform root cause analysis and implement the needed mitigation steps in real-time

Requirements:

• 3+ years of experience leading DevSecOps team
  Extensive experience defining, developing, deploying, monitoring, and improving security products in the cloud
  Experience in designing a secure large-scale cloud service architecture
  Experience with defining, creating, implementing, and improving cloud solutions
  Understanding of microservice security and CI/CD processes
  Preferred experience with SQL, Machine Learning, analytics, automation, and cloud applications
  Ability to see the big picture, focus on risk assessment, and act according to the monday.com risk appetite
  Excellent communication skills, and ability to work with different stakeholders
  Scripting skills with Powershell, Python, Perl, or similar- advantage
  Knowledge of Docker, Kubernetes, and other container technology -advantage
  Certifications in security – CISSP, OSCP -an advantage

Offer:

• We offer a very attractive base salary up to 40k PLN (UoP)
• Amazing shares package options
• yearly bonus