תיאור התפקיד
Application Security Engineer
IT Information Security
At Cross River, we're building the financial infrastructure that powers global innovation. With our cutting-edge suite of embedded payments, cards, and lending solutions, we enable millions of businesses and consumers to transact seamlessly and securely
With 900+ employees worldwide and an R&D center of over 160 employees in Jerusalem – we’re reshaping how
We’re seeking a Senior Application Security Engineer to be the go-to security expert for our software and blockchain engineering teams. In this high-impact role, you’ll embed security across the entire SDLC – from CI/CD pipelines to smart contracts—helping us build secure-by-design systems that power the future of fintech and digital assets
You’ll lead threat modeling, drive secure development practices, and automate guardrails that make security effortless for developers. As part of a collaborative security team, you’ll influence architecture, compliance, and innovation while protecting millions of users and billions in assets
A proactive self-starter with deep expertise in application and cloud security
Passionate about secure development and enabling engineers through thoughtful guardrails
Clear and confident communicator who can influence across technical and non-technical teams
Curious about emerging threats and excited by the challenges of blockchain security
Committed to excellence, with a strong sense of ownership and a drive to build secure systems that scale
What You’ll Actually Be Doing
Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines using GitHub Actions, Jenkins, and related DevOps tooling
Lead threat modeling and secure architecture reviews for new features, APIs, and blockchain systems
Conduct smart contract security reviews and advise on cryptographic and wallet security patterns
Coordinate penetration tests, manage bug bounty reports, and track remediation through development teams
Build reusable security components, libraries, and developer-friendly guardrails
Deliver internal training, build a security champion network, and drive adoption of AppSec best practices
Produce security metrics, documentation, and audit evidence to support FFIEC, PCI DSS, SOC 2 compliance
Stay current on evolving threats in blockchain, DeFi, GenAI, and supply-chain ecosystems
דרישות התפקיד
Native-level fluency in both English and Hebrew (written and verbal) – Must
7+ years in software or security engineering, including 5+ in application security roles
Strong coding skills in a modern language (e.g., JavaScript/TypeScript, Python, Go, Java, C#)
Deep experience securing cloud-native applications and APIs in AWS, Azure, or similar environments
Hands-on experience with blockchain platforms – smart contract audits, key management, or custody
Familiarity with modern DevSecOps pipelines and AppSec tooling (SAST, SCA, IaC scanners)
Working knowledge of PCI DSS, NIST, OWASP ASVS, and other security frameworks
Why You’ll Love Working Here
You’ll help secure some of the most innovative products in fintech and crypto – while collaborating with brilliant, supportive teammates who care deeply about doing things the right way. Our security culture is proactive, collaborative, and continuously improving. You’ll have the autonomy to lead impactful initiatives, influence design from day one, and grow alongside a team that’s invested in modern tooling and professional development
Excellent problem-solving and communication skills, with the ability to influence
Next Step
Hit Apply. Bring your AppSec mastery abilities. We’ll bring the challenge – and the snacks
engineers and leadership
