Cloud Security

הרצליה
משרה קבועה
משרה מלאה

לפני 28 ימים

AppsFlyer's Security team is looking for a hands-on Cloud Security Specialist with a strong focus on Identity & Access Management (IAM) to help drive our security posture across cloud environments. In this role, you'll be the go-to expert for IAM governance and cloud identity controls across AWS and GCP- enabling secure access at scale, while working closely with security, DevOps, and engineering teams to solve complex security problems.The ideal candidate is highly motivated, demonstrates a 'can do' attitude and needs to have a combination of technical and communication skills, as well as the ability to handle a mix of multiple tasks including projects and technical work.What you'll do:

Lead the design and enforcement of IAM controls across AWS and GCP.
Build and maintain secure role, permissions, and account structures aligned with least privilege and zero trust principles.
Manage and govern human and non-human (machine) access to sensitive SaaS applications (e.g., Okta, Git, etc.).
Monitor and improve cloud identity hygiene: users, roles, service accounts, federated access, and third-party integrations.
Automate detection and remediation of IAM misconfigurations and over-privileged identities.
Collaborate with DevOps and engineering to embed IAM best practices into infrastructure pipelines and app deployments.
Support incident response and investigations related to IAM abuse, access misuse, or privilege escalations.
Contribute to detection rules, playbooks, and cloud-specific DFIR processes.
Provide guidance during access reviews, role audits, and trust relationship validation..

What you have:

4+ years of experience in security, with at least 2-3 years focused on cloud IAM, especially in AWS (IAM roles, policies, STS, Organizations, Identity Center, SCPs).
Experience managing IAM in GCP (service accounts, workload identity federation, custom roles).
Solid knowledge of IAM principles: least privilege, zero trust, RBAC/ABAC, identity lifecycle, and access governance.
Familiarity with DFIR in cloud environments: log analysis, alert triage, evidence collection, and investigations.
Hands-on experience with infrastructure-as-code (e.g., Terraform, CloudFormation).
Proficient in scripting (e.g., Python, Bash) for automation and IAM enforcement.
Proven experience collaborating with engineers, SREs, and IT to solve complex identity and access issues.
Excellent English communication skills - verbal and written.
Self-starter with strong problem-solving skills and attention to detail.

Bonus Points:

Familiarity with Wiz or similar CSPM/CIEM platforms.
Certified AWS Security Specialty.
Experience in handling or supporting IAM-related incidents (escalations, investigations, remediation).
Experience with cloud-native detection tools (AWS GuardDuty, CloudTrail, GCP SCC, etc.)

As a global company operating from 25 offices across 19 countries, we reflect the human mosaic of the diverse and multicultural world in which we live. We ensure equal opportunities for all of our employees and promote the recruitment of diverse talents to our global teams without consideration of race, gender, culture, or sexual orientation. We value and encourage curiosity, diversity, and innovation from all our employees, customers, and partners.Oren Kaniel, CEO

AppsFlyer

הגש מועמדות