Stay in Touch









Herzliya, IL


At Gong , we’re building new-generation (machine learning based) software that automates big parts of customer-facing roles by “understanding” their conversations and related work. 

Gong is a well-funded high-growth start-up, which proudly serves hundreds of customers, including Facebook, Salesforce, LinkedIn, ADP, Intercom, Drift, HubSpot and more. 

Our solution guides people: coaches them how to become better, performs tasks for them, and directs them as to best actions.

As a DevSecOps, you’ll play a key role in securing, defining, and optimizing our rapidly expanding cloud infrastructure.
You will be part of our DevOps team, which  pairs CI/CD cloud infrastructure expertise with a special focus on security-related fields, and your role will include: 
· Securing our growing fleet of cloud services 
· Providing guidance for security and architecture of new services 
· Supporting our monitoring and alerting systems 
· Developing threat-detection strategies to identify potential attacks 
· Automating all aspects of the deployment of security controls 
· Leading and serving as a focal point for security and compliance-related queries and strategies


  • 3+ years of experience in equivalent information security. 
  • Ability to identify common security risks in the cloud and formulate and execute security strategies. 
  • Experience configuring and securing web applications, cryptography, including WAF and DDoS mitigation strategies. 
  • Scripting skills, preferably in Python.  
  • Extensive knowledge of Internet protocols, architectures, and security design principles. 
  • Experience with AWS security and encryption components, such as IAM Policy, Cloud HSM, KMS, Guardduty, Cloudtrail, SSO, etc. (or equivalent) 
  • Hands-on experience with third-party security solutions. 
  • Previous experience on a security operations team, with experience coordinating responses to security incidents and understanding of security best practices relating to cloud environments. 
  • Good understanding of security projects to address risks, including patching, secure build, vulnerability scanning and remediation, logging and monitoring, threat management and user awareness. 
  • Ability to gather and maintain evidence for security and compliance. 
  • Self-drive to keep moving things forward.


  • One or more security-related certifications, such as CISSP, CEH, CISA, CISM, SECURITY+ or similar. 
  • Experience triaging security alerts and executing incident response. 
  • Experience with Git and CI/CD processes and tools, such as Jenkins, Teamcity, TravisCI, and CircleCI. 
  • Strong sense of ownership, urgency, and drive. 
  • Experience in compliance requirements (e.g., SOC2, ISO27001, HIPPA, PCI, etc.).

Apply for the job

Subscribe to our blog.


Blog & Newsletter Signup