HiBob
Cloud Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About HiBob
HiBob is a modern HR platform, also known as "Bob,"designed to enhance how organizations manage their workforce. Founded by Ronni Zehavi and his co-founders, HiBob focuses on people-centric HR technology, moving away from traditional process-oriented solutions. The company serves over 2,500 multinational companies across various industries and has been recognized in the Forbes Cloud 100 in both 2022 and 2024. The Bob platform is a comprehensive Human Capital Management (HCM) system that supports organizations at all levels, including C-suite executives. Its key features include culture and engagement management, employee growth and wellbeing promotion, and workforce management automation. HiBob continuously innovates by regularly introducing new features and AI options, helping companies enhance productivity and improve employee engagement. Notable clients include Cazoo, Hopin, Monzo, Happy Socks, Fiverr, and VaynerMedia, all of which utilize Bob to improve their employee experience and drive business outcomes.
Security at HiBob
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
“HiBob views security as a foundational element of their product and a critical component of customer trust. - **Mission:** "Security is a trust issue with reputational implications."– HiBob AI Guide. - **Developer Collaboration:** The team emphasizes remediation support over simple gating: "We maintain a dedicated in-house product security team to test and work with engineering teams to remediate any discovered issues."– HiBob Security Page. - **Risk Approach:** Security is integrated into the build process: "we've made security foundational in everything we build." - **AI Philosophy:** Focus on data privacy and governance: "Zero-retention by default"for AI interactions.”
Security Team
- HiBob's security function is centralized under the leadership of the Chief Information Officer (CIO), Chief Information Security Officer (CISO), and Data Protection Officer (DPO).
- The team includes dedicated in-house product security specialists who collaborate directly with engineering. **Key Leaders:** - Michal Lewy Harush, Chief Information Officer: "My key focus will be on data management and security"– HiBob News . - CISO: Role exists but name is not publicly listed on primary security pages. **Team Size & Recruitment:** - Estimated Team Size (as of): Approximately 8+ security-related profiles identified via public professional networks. - Active Postings: Roles include 'Cloud Security Engineer' and 'Application Security Engineer'. - Skill Patterns: Emphasis on CI/CD security, IaC scanning, and experience with AWS/Kubernetes.
Key Initiatives
HiBob maintains several active AppSec programs focused on continuous monitoring and developer education. - **Secure SDLC & Training:** "Annually, engineers participate in secure code training covering OWASP's top 10 security risks."– HiBob Security Page. - **Vulnerability Management:** Uses a multi-layered approach including "continuous vulnerability scanning,""annual penetration testing,"and a bug bounty program "through our partnership with Bugcrowd." - **CI/CD Integration:** A key focus for the team is to "Integrate security into CI/CD pipelines and software delivery processes."– Cloud Security Job Spec. - **Recent Focus:** Strengthening AI governance and data management following the appointment of a new CIO in early 2026.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.