Description

This is us

Kaltura’s (NYSE:KLTR) mission is to power any video experience for any organization – live, on-demand, or real-time. We not only want to make using video simpler, but we also want to better people’s lives through video. Founded in 2006, Kaltura is now a global leader in the video market with millions of people using our products daily to teach, learn, watch, connect, and collaborate. Among our customers, you’ll find more than 1000 global, well-known organizations.

15+ years since starting the company, we continue to foster a diverse and collaborative work environment where everyone gets a say. Our team is currently 700+ people, and we’re still growing. We have offices in New York, London, Singapore, and Tel Aviv, but our technology is all in the cloud.

Kaltura has a fast-paced environment where initiative is always encouraged. Together with our hybrid work model and flexible state of mind, you get the right conditions for creative juices to flow freely. Thanks to our long line of products, cultivation of rich collaborative culture and care for each Kalturian, you’ll never run out of room to grow and evolve.

If you don't meet 100% of the requirements below - that's okay, nobody's perfect! We believe in hiring people, not just a list of skills. We encourage you to apply if you think this is a role that would make you excited about coming to work every day.

Requirements

The role:

We are looking for a Senior Application Security Engineer to join Kaltura Cyber Security and take the lead in securing the company’s products and AI products.

The role will focus on driving SSDLC practices across all divisions while partnering with engineering and product teams to ensure security is embedded into every stage of development.

The day-to-day:

Partner with product and engineering teams to embed a security-first mindset across the SDLC
Perform design reviews, threat modeling, code reviews, and drive remediation of vulnerabilities
Manage and optimize application security tools (SAST, SCA,IaC,…), including rule fine-tuning and developer support
Lead and support penetration tests, security assessments, and hands-on testing of applications and services
Mentor developers to raise security awareness and drive adoption of best practices
Implement security automation frameworks and support development of product security features (authentication, cryptography, etc.)
Respond to RFPs and customer questionnaires regarding application security

Ideally, we’re looking for:

3+ years of experience as an Application Security Engineer in cloud (preferably AWS) and SaaS environments
Strong knowledge of attack vectors, vulnerabilities, and mitigations (OWASP, SANS)
Experience integrating security into containerized development, CI/CD, and IaC (Terraform)
Hands-on experience with application security testing tools and code reviews
Programming background with one or more languages (Java, C#, .NET, PHP, Python, etc.)
knowledge in AI models and AI security.

These would also be nice:

Bachelor’s degree in Computer Science, Engineering, or related field
Security certifications (GCIH, GWEB, CEH, OSCP, CISSP)
Experience with cryptography, Docker/Kubernetes, and AWS security best practices

The perks:

Hybrid, flexible work environment
Extended private health (including mental) insurance
Personal and professional development programs
Occasional Cross company long weekends