Aqua Security is a global leader in cloud-native security, protecting the world’s most advanced applications across containers, Kubernetes, serverless, and SaaS platforms.

We are looking for a Product Security Lead to take full ownership of security across our product - both SaaS and On-Prem environments.

This is a high-impact, high-visibility role at the intersection of Application Security, Cloud Security, and Architecture. You will combine hands-on technical work with strategic influence, shaping how security is embedded across our platform - from design to deployment.

If you’re passionate about building secure systems at scale, influencing architecture, and driving a security-first mindset, this is your opportunity to lead.

What You Will Own

• Define and drive end-to-end Product Security strategy across Aqua’s platform
• Lead threat modeling, secure design reviews, and architecture assessments
• Identify and remediate application-level vulnerabilities across services and APIs
• Embed security into CI/CD pipelines and development workflows (DevSecOps)
• Secure cloud-native environments (Kubernetes, containers, microservices
• Influence architecture and engineering decisions at scale
• Partner closely with R&D, DevOps, and Product teams to drive secure development
• Promote and scale a security-first culture across the organization
• Balance security, performance, and developer experience in production systems

• 6+ years of experience in Application Security / Product Security / Cloud Security (must)
• Strong hands-on experience combined with architectural thinking
• Deep understanding of modern architectures: microservices, APIs, SaaS platforms
• Proven experience securing Kubernetes, containers, and cloud-native environments
• Hands-on experience integrating security into CI/CD pipelines (DevSecOps)
• Strong knowledge of OWASP Top 10, common vulnerabilities, and secure coding practices
• Ability to work closely with engineering teams, including code reviews and design discussions
• Excellent communication skills and ability to influence cross-functional stakeholders

Nice to have:

• Experience working in a security product company
• Background in DevSecOps environments
• Familiarity with CVEs, vulnerability management, and disclosure processes