DevSecOps engineer
Chorus.ai
ZoomInfo is where careers accelerate. We move fast, think boldly, and empower you to do the best work of your life. You’ll be surrounded by teammates who care deeply, challenge each other, and celebrate wins. With tools that amplify your impact and a culture that backs your ambition, you won’t just contribute. You’ll make things happen–fast.
General Function/Role Purpose:
The security analyst is responsible for identifying, assessing, and helping to remediate security findings and threats while driving automation across the multiple vulnerabilities scanners. Including secure development lifecycle, CSPM, DSPM and pentests results. This role blends hands-on application security expertise with a strong focus on security tooling, integration into CI/CD pipelines, and developer enablement to ensure scalable and continuous security practices across multiple environments and products.
Primary Duties:
- Operate and optimize automated scanning tools (e.g., SAST, DAST, SCA, IaC, ASPM, etc.) to continuously identify security flaws in applications and infrastructure across multiple product environments
- Develop and maintain workflows and playbooks for triage, validation, prioritization, and remediation of vulnerabilities
- Develop automation flows using dedicated automation tool to support security activities
- Strong background in security analysis and familiarity with coding. The ideal candidate should be able to conduct code reviews, identify vulnerabilities, and provide actionable feedback to development teams to enhance security.
- Collaborate closely with engineering, DevOps, and product teams to track and drive timely remediation of vulnerabilities across our infrastructures, products environments and our code
- Drive adoption of secure coding practices through training, tooling, and documentation.
- Automate vulnerability tracking and reporting using ticketing systems (e.g. Jira) and dashboards to improve visibility and accountability.
- Maintain and enforce vulnerability SLAs and remediation timelines in alignment with internal policies and industry standards
- Continuously evaluate and improve the efficiency, accuracy, and developer-friendliness of the vulnerability management process
- Own and maintain our internal security posture and risk security score
Knowledge, Skills, and Abilities Required
- Bachelor’s degree in Computer Science or related field - preferred
- Relevant certifications in the cybersecurity field highly desirable
- 3+ years of experience in security related roles: such as application security engineer, Pentester, etc.
- Experience in information security risk analysis, application security and vulnerability management.
- Good written communication and presentation skills with the ability to present security issues to a variety of audiences both in Hebrew and English
- Must be self-directed, able to manage individual projects or act as part of a larger team
Working Conditions
Hybrid, Normal office environment.
About us:
ZoomInfo (NASDAQ: GTM) is the Go-To-Market Intelligence Platform that empowers businesses to grow faster with AI-ready insights, trusted data, and advanced automation. Its solutions provide more than 35,000 companies worldwide with a complete view of their customers, making every seller their best seller.
ZoomInfo may use a software-based assessment as part of the recruitment process. More information about this tool, including the results of the most recent bias audit, is available here.
ZoomInfo is proud to be an equal opportunity employer, hiring based on qualifications, merit, and business needs, and does not discriminate based on protected status. We welcome all applicants and are committed to providing equal employment opportunities regardless of sex, race, age, color, national origin, sexual orientation, gender identity, marital status, disability status, religion, protected military or veteran status, medical condition, or any other characteristic protected by applicable law. We also consider qualified candidates with criminal histories in accordance with legal requirements.
For Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. ZoomInfo does not administer lie detector tests to applicants in any location.