Information Security Engineer jobs at Experfy

About Us Temporal is an open source programming model that can simplify code, make applications more reliable, and help developers focus on the important things like delivering features faster. We are on a mission to be the reliable foundation of every developer's toolbox, and are building the team that will make that happen. Our values guide us -they are present in how we show up, make decisions, and work together to make an impact. We're curious, driven, collaborative, genuine and humble. Temporal is growing and we are looking for those who share our values, challenge 'standard' thinking, and want to influence our future. If you have a passion for improving the developer experience, building world-class open-source software and communities, and want to be a part of our amazing team, we'd love to hear from you! Summary We are seeking a Staff Cloud Security Engineer to join our Security team, where you'll play a pivotal role in securing the Temporal infrastructure and product. In this position, you'll work closely with our platform, infrastructure and software engineering teams to ensure that our infrastructure and services are resilient, secure, and scalable. You'll contribute directly to protecting both our internal systems and our customers, while helping shape the security foundation of one of the most innovative developer platforms in the industry. We're looking for individuals who are passionate about building secure infrastructure, scaling modern cloud-native systems, and fostering a strong security culture across engineering. What You'll Do Partner with platform and engineering teams to integrate security into the design, deployment, and operation of infrastructure and cloud services. Conduct threat modeling and risk assessments of infrastructure components (Kubernetes, Terraform, networking, IAM). Drive improvements in infrastructure-as-code security, including Terraform, Kubernetes manifests, and CI/CD pipelines. Contribute to system architecture and execution with a focus on unblocking security needs in distributed systems and related development pipelines. Implement and manage container and Kubernetes security controls, auditing, and runtime protection. Act as a security advocate, helping build a culture of secure design and operation across the company. Deeply understand how to leverage Temporal's platform to power infrastructure at scale. Participate in the on-call rotation. What You'll Bring Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent experience). 8+ years in cloud infrastructure and security experience. Coding experience in languages such as Go, Java, or similar. Hands-on experience with one or more cloud providers (e.g., AWS, GCP, Azure), with an understanding of how to optimize for security, cost, performance, and reliability. Deep familiarity with Kubernetes and container security best practices. Experience securing infrastructure-as-code (Terraform, Helm, Kubernetes YAML) and CI/CD pipelines. Knowledge of encryption, authentication, and secure communication protocols. Familiarity with tools for infrastructure/cloud security (CSPM, SAST/DAST/SCA, container scanners, IaC linters). Ability to clearly explain complex security concepts to technical and non-technical stakeholders. Proficiency in at least one modern language (Python or Go preferred). Comfortable working in a fast-paced, self-directed environment. Nice to Have Distributed computing and related vulnerability experience Writing concurrent code Open Source automation or automation projects Azure Cloud Experience AI security knowledge Compensation The estimated pay range for this role is $190,000 - $250,000, depending on qualifications and location. This role is eligible to participate in Temporal's equity plan. Compensation ranges reflect salary and commission compensation (when applicable) across several geographic markets. Employment offers carefully consider multiple factors, including prior experience, knowledge, expertise, skillset, market location, and job level assessed during the interview process. Employee benefits and perks below are for full-time employees, part-time or temporary positions are excluded. U.S. Benefits Unlimited PTO, 12 Holidays + 2 Floating Holidays 100% Premiums Coverage for Medical, Dental, and Vision AD&D, LT & ST Disability, and Life Insurance (Standard & Supplemental Available) Empower 401K Plan Additional Perks for Learning & Development, Lifestyle Spending, In-Home Office Setup, Professional Memberships, WFH Meals, Internet Stipend and more! International Benefits Paid Time Off (PTO) and Benefits outside the United States vary by country, and are issued in partnership with Remote.com. Additionally, Temporal offers perks to all international employees for learning & career development, a lifestyle spending account, in-home office setup (in addition to company-issued hardware), professional memberships, work-from-home meals, and access to the Calm app for mental wellness. Travel Temporal is a globally distributed, collaborative team that values opportunities for in-person connection. Occasional travel may be required for company events, team offsites, and other meaningful moments that bring us together. Additional Perks $3,600 / Year Work from Home Meals $1,500 / Year Career Development & Learning $1,200 / Year Lifestyle Spending Account $1,000 / Year In-Home Office Setup (In addition to Temporal issued equipment - laptop, monitor, keyboard, mouse, trackpad, and extension power cable at no cost to you) $500 / Year Professional Memberships $74 / Month Reimbursement for Internet Calm App Subscription for Mental Health & Wellness Temporal Technologies is an Equal Opportunity Employer. Temporal Technologies does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need. We embrace and celebrate differences and diversity. Temporal is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. If you need to request a reasonable accommodation, please let your Recruiter know so we can assist. We are not working with external recruitment agencies, thanks.

Vercel gives developers the tools and cloud infrastructure to build, scale, and secure a faster, more personalized web. As the team behind v0, Next.js, and AI SDK, Vercel helps customers like Ramp, Supreme, PayPal, and Under Armour build for the AI-native web. Our mission is to enable the world to ship the best products. That starts with creating a place where everyone can do their best work. Whether you're building on our platform, supporting our customers, or shaping our story: You can just ship things. About the role: We are looking for a Senior Cloud Security Engineer to join our Security Engineering team. You'll lead hands on efforts to harden our platform and ensure that infrastructure security is foundational to how we build and scale. Your work will strengthen the security posture of our core systems while enabling fast, secure growth across the company. You will report to the Security Operations Manager and can be located remotely. What you will do: Design and implement scalable security controls across our cloud-native platform. Harden infrastructure components using infrastructure-as-code, policy enforcement, and service isolation. Build secure by default infrastructure and code CI/CD pipelines. Collaborate with platform and infrastructure teams to integrate security best practices into architecture and workflows. Stay ahead of cloud security trends and adopt cutting-edge technologies to enhance platform resilience. Conduct threat modeling, risk analysis, and mitigation planning for critical systems. Drive improvements in monitoring, detection, and incident response at the platform level. Build, deploy and maintain relevant tooling. About you: 8+ years of experience in infrastructure or platform security roles. Deep understanding of secure cloud infrastructure (AWS/GCP), identity and access management, and system hardening. Proficient with tools like Terraform, CDK, Kubernetes, and CI/CD security. Skilled at balancing engineering realities with principled security practices. Proven track record of shipping secure, resilient systems at scale. Bonus if you: Have built or scaled security automation pipelines. Contributed to open-source security projects or tools. Hold certifications such as GCP Security Engineer, AWS certifications, CISSP, or OSCP. Hold a bachelors or masters degree in Cybersecurity or similar disciplines. Benefits: Competitive compensation package, including equity. Inclusive Healthcare Package. Learn and Grow - we provide mentorship and send you to events that help you build your network and skills. Flexible Time Off. We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed. The San Francisco, CA base pay range for this role is [$196,000.00 - $294,000.00]. This salary range is an estimate. Actual salary will be based on job related skills, experience and location. Pay ranges outside San Francisco may be adjusted based on employee location. The total compensation package also includes benefits and equity-based compensation. Your recruiter can share more about the specific pay range for your location during the hiring process.

Cresta is on a mission to turn every customer conversation into a competitive advantage by unlocking the true potential of the contact center. Our platform combines the best of AI and human intelligence to help contact centers discover customer insights and behavioral best practices, automate conversations and inefficient processes, and empower every team member to work smarter and faster. Born from the prestigious Stanford AI lab, Cresta's co-founder and chairman is Sebastian Thrun, the genius behind Google X, Waymo, Udacity, and more. Our leadership also includes CEO, Ping Wu, the co-founder of Google Contact Center AI and Vertex AI platform, and co-founder, Tim Shi, an early member of Open AI. We've assembled a world-class team of AI and ML experts, go-to-market leaders, and top-tier investors including Andreessen Horowitz, Greylock Partners, Sequoia, and former AT&T CEO John Donovan. Our valued customers include brands like Intuit, Cox Communications, Hilton, and Carmax and we've been recognized by Forbes and Bain Consulting as one of the top private AI companies in the world. Join us on this thrilling journey to revolutionize the workforce with AI. The future of work is here, and it's at Cresta. About the role: Interested in defining how AI shapes the future of work? Cresta is on a mission to make every knowledge worker 100x as effective, 10x faster and 10x better. Cresta is focused on using AI to help the workforce, not replace them. Cresta uses our patented Expertise AI to uncover expert insights from every conversation and put those insights into action with real-time coaching during customer conversations. We're growing fast! Spun out of the Stanford AI lab and chaired by Google-X founder Sebastian Thrun, Cresta launched in 2020. Since then, we've grown revenue and our team by 300%! We've assembled a world-class team of AI and ML experts, go-to-market leaders, and top-tier investors and advisors including Andreessen Horowitz, Greylock Partners, Sequoia, and former AT&T CEO John Donovan. Our valued customers include brands like Intuit, Porsche, Adobe, and Dropbox and we have been recognized as a startup to watch by Business Insider, Forbes, and Gartner to name a few. We have huge ambitions and are looking for stellar candidates who have an entrepreneurial mindset and are excited to use cutting-edge AI to solve real-world business problems. Cresta is seeking a passionate individual with solid security engineering experience to support the security & compliance team and enable growing global data protection and cybersecurity efforts. Responsibilities: Detect, defend, and respond to threats to Cresta and its customers Support SOC2 Type II, ISO 27001/27701/42001, PCI-DSS, TISAX, and HIPAA audit processes with technical controls and evidence Perform security audits of Cresta's products and cloud infrastructure and drive remediation of security risks. Improve and monitor Cresta's vulnerability management program to ensure we're monitoring and mitigating known vulnerabilities. Develop internal tooling and automation. Qualifications We Value: Ambitious, passionate and results-oriented, with excellent interpersonal and communication skills 4+ years of experience in application security engineering and cloud security (AWS/GCP) Security domain knowledge across many cyber security disciplines Experience in static code analysis and remediation Experience in security operations (SOC) and incident response Experience in AI security and hardening ML infrastructure Working knowledge of Python and Go to develop and collaborate with engineering on product security features Experience managing competing efforts and requirements Experience with fast growing SaaS startups Perks & Benefits: We offer a comprehensive and people-first benefits package to support you at work and in life: Comprehensive medical, dental, and vision coverage with plans to fit you and your family Flexible PTO to take the time you need, when you need it Paid parental leave for all new parents welcoming a new child Retirement savings plan to help you plan for the future Remote work setup budget to help you create a productive home office Monthly wellness and communication stipend to keep you connected and balanced In-office meal program and commuter benefits provided for onsite employees Compensation at Cresta Cresta's approach to compensation is simple: recognize impact, reward excellence, and invest in our people. We offer competitive, location-based pay that reflects the market and what each individual brings to the table. The posted base salary range represents what we expect to pay for this role in a given location. Final offers are shaped by factors like experience, skills, education, and geography. In addition to base pay, total compensation includes equity and a comprehensive benefits package for you and your family. Salary Range: $120,000 - $160,000 + Offers Equity We have noticed a rise in recruiting impersonations across the industry, where scammers attempt to access candidates' personal and financial information through fake interviews and offers. All Cresta recruiting email communications will always come from ************** domain. Any outreach claiming to be from Cresta via other sources should be ignored. If you are uncertain whether you have been contacted by an official Cresta employee, reach out to ********************

Why join us Brex is the AI-powered spend platform. We help companies spend with confidence with integrated corporate cards, banking, and global payments, plus intuitive software for travel and expenses. Tens of thousands of companies from startups to enterprises - including DoorDash, Flexport, and Compass - use Brex to proactively control spend, reduce costs, and increase efficiency on a global scale. Working at Brex allows you to push your limits, challenge the status quo, and collaborate with some of the brightest minds in the industry. We're committed to building a diverse team and inclusive culture and believe your potential should only be limited by how big you can dream. We make this a reality by empowering you with the tools, resources, and support you need to grow your career. Engineering at Brex Engineering at Brex is about building systems that scale with speed and intention. Our teams span Software, Data, Security, and IT, and operate with high autonomy and deep collaboration. We tackle hard technical problems, own our outcomes, and push for excellence at every level - from architecture to deployment. It's an environment where engineering is a craft, and builders become leaders. What you'll do As a Security Operations Engineer at Brex, you will focus on preventing, detecting and responding to security threats across Brex's corporate and cloud environments. You will use existing systems and develop tools to improve our security capabilities. Our team is responsible for functions across corporate security, detection & response and infrastructure security domains; and we perform systems engineering and automation to support those functions. Security Operations is part of our wider Trust & IT organization which means you will have the opportunity to work closely with Application Security, Corporate Engineering, GRC and IT and to improve security configurations, drive positive employee behaviors and generally work to prevent events from becoming incidents. You will also help build and maintain our team's open source project Substation and have the opportunity to contribute to the Brex Tech Blog. You'll be part of a team that actively contributes to the wider security community and has a commitment to mentorship and engineering excellence. We're looking for individuals with a strong background and interest in detecting, responding to, and resolving security incidents and security challenges. You should be comfortable dealing with lots of moving pieces, changing priorities, and new technologies, while having a keen eye for detail. Most importantly, you should be enthusiastic about working with a variety of backgrounds, roles, and people across Brex. Building a world-class financial service requires world-class security. Where you'll work This role will be based in our New York office. We are a hybrid environment that combines the energy and connections of being in the office with the benefits and flexibility of working from home. We currently require a minimum of three coordinated days in the office per week, Monday, Wednesday and Thursday. As a perk, we also have up to four weeks per year of fully remote work! Responsibilities Work on a highly cross-functional team to prevent, detect and respond to security threats across Brex's corporate and cloud environments Perform security incident response, investigation, remediation, and documentation, participate in periodic threat hunting and security exercises Leading, scoping and building features, participate in designing, and maintaining tools and systems which support the team's domains - corporate security, detection & response and infrastructure security Collaborating and partnering with engineering and operations teams to drive remediation of security issues, while balancing prioritization of those security issues within SLA and teams' respective backlogs Caring about secure system design, valuing building things correctly, an understanding of a MVP approach and an empathetic mindset when working with others Requirements Bachelor's degree in Computer Science, Engineering or related field OR equivalent training / fellowship OR 5+ years work experience Experience working in a corporate security, detection & response or infrastructure security role with responsibilities for security alert triage and security incident response Familiarity with CI/CD systems and DevOps workflows (e.g. Buildkite, Flux, Git, Terraform) in cloud environments (e.g. AWS, Azure, GCP) Experience with deploying and maintaining some of the security services and tools owned by the team (e.g. - SIEM, data pipelines, SOAR, domain monitoring, endpoint tooling, email protection tooling, cloud security tools) While not primarily a development role, the team develops and maintains tools written in Go and Python, so experience with coding is required You thrive in a collaborative environment filled with a diverse group of people with different expertise and backgrounds. We currently have around 30 nationalities represented with more than ½ the company working in a country different from the one they grew up in. Bonus points Proficiency with Go and other programming languages Experience with securing distributed systems in AWS, cloud and Kubernetes environments Contributions to the wider technical community (open source, public research, mentorship, community organizing, blogging, presentations, etc) Compensation The expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend on a number of factors including the candidate's location, skills, experience, market demands, and internal pay parity. Depending on the position offered, equity and other forms of compensation may be provided as part of a total compensation package. Please be aware, job-seekers may be at risk of targeting by malicious actors looking for personal data. Brex recruiters will only reach out via LinkedIn or email with a brex.com domain. Any outreach claiming to be from Brex via other sources should be ignored.

Our Mission We're building infrastructure for modern healthcare delivery Traditional healthcare is plagued with outdated, monolithic EHRs designed to maximize billing outcomes. Patient outcomes and provider experiences have been afterthoughts, as these systems have bolted on non-API-first solutions. None of this is built for how clinically excellent healthcare is actually delivered-longitudinally and collaboratively, with the patient at the center. Healthie is the world's leading API-first, ONC-Certified EHR for healthcare delivery outside of the hospital. We provide the powerful infrastructure every scaling organization needs-EHR, scheduling, patient engagement, billing, and more-all accessible via modern APIs and a white-labeled UI. Our platform makes it simple for organizations of any size to launch, customize, and scale their care delivery models without reinventing the wheel. Today, over 1 billion API calls are made to Healthie every month, as thousands of organizations-working with more than 13 million patients in total-rely on Healthie to deliver care across a spectrum of specialties, from preventative health and wellness to complex chronic care management. We believe in the power of technology to improve access to healthcare-and we're building the rails that make this a reality. We work fast and with quality because we provide business-critical, healthcare-critical software that clinicians and patients need for a better healthcare system. We're customer-obsessed, operate with lightning-fast processes and responses, make our product roadmap public so customers can see what we're building, and remain relentlessly focused on how care gets delivered. Healthie is backed by leading investors, and while we've $42M raised to date, more importantly, we operate with fiscal responsibility and have been profitable for more than half of our time as a company. Learn more at **************************** About the role We are hiring a Senior Application Security Engineer to join our Platform Engineering team at Healthie! In this role, you will serve as a security and technical contributor, responsible for safeguarding our application layer and driving security best practices across the engineering organization. You'll partner closely with platform, infrastructure and core engineering teams to design secure-by-default systems, embed security into our SDLC, and proactively identify and remediate vulnerabilities in our code and cloud infrastructure. This is a hands-on role, ideal for someone who is excited to contribute to security programs in a fast-moving startup environment and help shape the future of security at Healthie. As our first dedicated AppSec hire, you'll have the opportunity to continue to refine our secure development lifecycle, influence architectural decisions, and champion a culture of security awareness across the company. If you're passionate about building impactful systems, driving innovation, and making a difference in healthcare - we'd love to hear from you. Details, details This is a full-time, remote position located in the United States The base salary for this role is $180,000 - $200,000 per year plus equity & company bonus, benefits U.S. work authorization is required and Healthie does not provide sponsorship. What You'll Do Design and implement secure coding standards and tooling for application-layer security Conduct threat modeling and secure design reviews; manage ethical hacker program and third-party vulnerability reports Lead regular code reviews, internal audits, and dynamic/static analysis efforts Proficient at performing internal pentests Contribute to the definition and design of Healthie's secure development lifecycle (S-SDLC), including integration of security into CI/CD workflows Administer, configure, and maintain Semgrep and other static and dynamic application security testing (SAST/DAST) tools to ensure continuous and effective code security Partner with Engineering and Product teams to triage and remediate vulnerabilities quickly and safely Build incident response playbooks for application-layer threats and support security investigations Help build and promote a security champions program Help ensure Healthie remains compliant with relevant standards (e.g., HIPAA, SOC 2, GDPR) from a software security perspective About You 5+ years of experience in application or product security roles, preferably in high-growth, cloud-native environments Deep understanding of web application security, secure architecture patterns, and common vulnerabilities (e.g., OWASP Top 10, CIS controls, SANS Secure Coding Practices, etc.) Strong background in secure software development practices, particularly in GraphQL, Ruby on Rails, React, or similar web frameworks Experience with DevSecOps practices and security tooling Experience building or maturing application-layer security programs, policies, or guidelines Comfortable working across cross-functional teams and influencing security decisions without formal authority You are mission-driven, passionate about healthcare, and motivated to build systems that improve patient safety and data integrity Bonus: Experience with healthcare-specific security practices and compliance audits (e.g., SOC 2, HIPAA) Interview Process Quick chat with Katie, Director of Talent or Aaron, Senior Technical Recruiter (20 minutes) Interview with Cavan, CTO + cofounder (20 minutes) Take Home Assessment - completed asynchronously Technical Interview with Chris and Andrew, Engineers for Platform (1 hour) Leadership Interviews: Interview with John N, VP Security & Compliance (30 minutes) Interview with John B, Distinguished Engineer (30 minutes) Reference checks To learn more about Working at Healthie & our benefits, click here . Healthie participates in e-verify Healthie is committed to equal employment opportunity. All qualified applicants will receive consideration for employment without regard to and will not be discriminated against based on age, race, gender, color, religion, national origin, sexual orientation, gender identity, veteran status, disability or any other protected category. We're proud to be building a diverse and inclusive environment that encourages collaboration, creativity, and growth. Whatever your background, please apply if this is a role that would make you excited to come into work every day.

Why join us Brex is the AI-powered spend platform. We help companies spend with confidence with integrated corporate cards, banking, and global payments, plus intuitive software for travel and expenses. Tens of thousands of companies from startups to enterprises - including DoorDash, Flexport, and Compass - use Brex to proactively control spend, reduce costs, and increase efficiency on a global scale. Working at Brex allows you to push your limits, challenge the status quo, and collaborate with some of the brightest minds in the industry. We're committed to building a diverse team and inclusive culture and believe your potential should only be limited by how big you can dream. We make this a reality by empowering you with the tools, resources, and support you need to grow your career. Engineering at Brex Engineering at Brex is about building systems that scale with speed and intention. Our teams span Software, Data, Security, and IT, and operate with high autonomy and deep collaboration. We tackle hard technical problems, own our outcomes, and push for excellence at every level - from architecture to deployment. It's an environment where engineering is a craft, and builders become leaders. What you'll do As a Security Operations Engineer at Brex, you will focus on preventing, detecting and responding to security threats across Brex's corporate and cloud environments. You will use existing systems and develop tools to improve our security capabilities. Our team is responsible for functions across corporate security, detection & response and infrastructure security domains; and we perform systems engineering and automation to support those functions. Security Operations is part of our wider Trust & IT organization which means you will have the opportunity to work closely with Application Security, Corporate Engineering, GRC and IT and to improve security configurations, drive positive employee behaviors and generally work to prevent events from becoming incidents. You will also help build and maintain our team's open source project Substation and have the opportunity to contribute to the Brex Tech Blog. You'll be part of a team that actively contributes to the wider security community and has a commitment to mentorship and engineering excellence. We're looking for individuals with a strong background and interest in detecting, responding to, and resolving security incidents and security challenges. You should be comfortable dealing with lots of moving pieces, changing priorities, and new technologies, while having a keen eye for detail. Most importantly, you should be enthusiastic about working with a variety of backgrounds, roles, and people across Brex. Building a world-class financial service requires world-class security. Where you'll work This role will be based in our San Francisco office. We are a hybrid environment that combines the energy and connections of being in the office with the benefits and flexibility of working from home. We currently require a minimum of three coordinated days in the office per week, Monday, Wednesday and Thursday. As a perk, we also have up to four weeks per year of fully remote work! Responsibilities Work on a highly cross-functional team to prevent, detect and respond to security threats across Brex's corporate and cloud environments Perform security incident response, investigation, remediation, and documentation, participate in periodic threat hunting and security exercises Leading, scoping and building features, participate in designing, and maintaining tools and systems which support the team's domains - corporate security, detection & response and infrastructure security Collaborating and partnering with engineering and operations teams to drive remediation of security issues, while balancing prioritization of those security issues within SLA and teams' respective backlogs Caring about secure system design, valuing building things correctly, an understanding of a MVP approach and an empathetic mindset when working with others Requirements Bachelor's degree in Computer Science, Engineering or related field OR equivalent training / fellowship OR 5+ years work experience Experience working in a corporate security, detection & response or infrastructure security role with responsibilities for security alert triage and security incident response Familiarity with CI/CD systems and DevOps workflows (e.g. Buildkite, Flux, Git, Terraform) in cloud environments (e.g. AWS, Azure, GCP) Experience with deploying and maintaining some of the security services and tools owned by the team (e.g. - SIEM, data pipelines, SOAR, domain monitoring, endpoint tooling, email protection tooling, cloud security tools) While not primarily a development role, the team develops and maintains tools written in Go and Python, so experience with coding is required You thrive in a collaborative environment filled with a diverse group of people with different expertise and backgrounds. We currently have around 30 nationalities represented with more than ½ the company working in a country different from the one they grew up in. Bonus points Proficiency with Go and other programming languages Experience with securing distributed systems in AWS, cloud and Kubernetes environments Contributions to the wider technical community (open source, public research, mentorship, community organizing, blogging, presentations, etc) Compensation The expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend on a number of factors including the candidate's location, skills, experience, market demands, and internal pay parity. Depending on the position offered, equity and other forms of compensation may be provided as part of a total compensation package. Please be aware, job-seekers may be at risk of targeting by malicious actors looking for personal data. Brex recruiters will only reach out via LinkedIn or email with a brex.com domain. Any outreach claiming to be from Brex via other sources should be ignored.

Why join us Brex is the AI-powered spend platform. We help companies spend with confidence with integrated corporate cards, banking, and global payments, plus intuitive software for travel and expenses. Tens of thousands of companies from startups to enterprises - including DoorDash, Flexport, and Compass - use Brex to proactively control spend, reduce costs, and increase efficiency on a global scale. Working at Brex allows you to push your limits, challenge the status quo, and collaborate with some of the brightest minds in the industry. We're committed to building a diverse team and inclusive culture and believe your potential should only be limited by how big you can dream. We make this a reality by empowering you with the tools, resources, and support you need to grow your career. Engineering at Brex Engineering at Brex is about building systems that scale with speed and intention. Our teams span Software, Data, Security, and IT, and operate with high autonomy and deep collaboration. We tackle hard technical problems, own our outcomes, and push for excellence at every level - from architecture to deployment. It's an environment where engineering is a craft, and builders become leaders. What you'll do As a Security Operations Engineer at Brex, you will focus on preventing, detecting and responding to security threats across Brex's corporate and cloud environments. You will use existing systems and develop tools to improve our security capabilities. Our team is responsible for functions across corporate security, detection & response and infrastructure security domains; and we perform systems engineering and automation to support those functions. Security Operations is part of our wider Trust & IT organization which means you will have the opportunity to work closely with Application Security, Corporate Engineering, GRC and IT and to improve security configurations, drive positive employee behaviors and generally work to prevent events from becoming incidents. You will also help build and maintain our team's open source project Substation and have the opportunity to contribute to the Brex Tech Blog. You'll be part of a team that actively contributes to the wider security community and has a commitment to mentorship and engineering excellence. We're looking for individuals with a strong background and interest in detecting, responding to, and resolving security incidents and security challenges. You should be comfortable dealing with lots of moving pieces, changing priorities, and new technologies, while having a keen eye for detail. Most importantly, you should be enthusiastic about working with a variety of backgrounds, roles, and people across Brex. Building a world-class financial service requires world-class security. Where you'll work This role will be based in our Seattle office. We are a hybrid environment that combines the energy and connections of being in the office with the benefits and flexibility of working from home. We currently require a minimum of three coordinated days in the office per week, Monday, Wednesday and Thursday. As a perk, we also have up to four weeks per year of fully remote work! Responsibilities Work on a highly cross-functional team to prevent, detect and respond to security threats across Brex's corporate and cloud environments Perform security incident response, investigation, remediation, and documentation, participate in periodic threat hunting and security exercises Leading, scoping and building features, participate in designing, and maintaining tools and systems which support the team's domains - corporate security, detection & response and infrastructure security Collaborating and partnering with engineering and operations teams to drive remediation of security issues, while balancing prioritization of those security issues within SLA and teams' respective backlogs Caring about secure system design, valuing building things correctly, an understanding of a MVP approach and an empathetic mindset when working with others Requirements Bachelor's degree in Computer Science, Engineering or related field OR equivalent training / fellowship OR 5+ years work experience Experience working in a corporate security, detection & response or infrastructure security role with responsibilities for security alert triage and security incident response Familiarity with CI/CD systems and DevOps workflows (e.g. Buildkite, Flux, Git, Terraform) in cloud environments (e.g. AWS, Azure, GCP) Experience with deploying and maintaining some of the security services and tools owned by the team (e.g. - SIEM, data pipelines, SOAR, domain monitoring, endpoint tooling, email protection tooling, cloud security tools) While not primarily a development role, the team develops and maintains tools written in Go and Python, so experience with coding is required You thrive in a collaborative environment filled with a diverse group of people with different expertise and backgrounds. We currently have around 30 nationalities represented with more than ½ the company working in a country different from the one they grew up in. Bonus points Proficiency with Go and other programming languages Experience with securing distributed systems in AWS, cloud and Kubernetes environments Contributions to the wider technical community (open source, public research, mentorship, community organizing, blogging, presentations, etc) Compensation The expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend on a number of factors including the candidate's location, skills, experience, market demands, and internal pay parity. Depending on the position offered, equity and other forms of compensation may be provided as part of a total compensation package. Please be aware, job-seekers may be at risk of targeting by malicious actors looking for personal data. Brex recruiters will only reach out via LinkedIn or email with a brex.com domain. Any outreach claiming to be from Brex via other sources should be ignored.

Airtable is the no-code app platform that empowers people closest to the work to accelerate their most critical business processes. More than 500,000 organizations, including 80% of the Fortune 100, rely on Airtable to transform how work gets done. Join Airtable as a Product Security Engineer and play a pivotal role in shaping the security of our rapidly evolving platform. You will partner closely with product teams to ensure our products are secure by design, drive impactful security programs, and build production-ready code that safeguards our users. This is a unique opportunity to influence application security at scale as we expand our AI and LLM-powered offerings. What you'll do Partner with product teams to review product plans, designs, and code for security considerations Lead and implement programs that raise the bar for application and product security across the organization Build and ship frameworks that make it easy for product engineers to ship secure code Triage and drive remediation for findings from external penetration testers Research emerging threats and evolving best practices, especially in AI and LLM safety, and educate the rest of Engineering about your findings. Work with our advisors and third party vendors on penetration tests, security reports and compliance projects. Contribute to roadmaps, metrics and and strategic planning for the product security team Who you are 2+ years experience in product security and application security, with some experience shipping production code Skilled at conducting in-depth security reviews and collaborating with engineering teams Proficient in writing clean, maintainable code Hands-on experience with AI product security for LLM-powered products Strong communicator and collaborator, able to drive security initiatives and foster trust with partner teams You excel at communicating analyses of technical issues and recommendations for addressing them. Comfortable making systems as well as breaking them; you enjoy both building controls and finding gaps Familiar with JavaScript or TypeScript, Node, Linux, and AWS or comparable technologies, and can reason about the security implications of systems built on them Comfortable working in a fast-paced environment and contributing to long-term security strategy Airtable is an equal opportunity employer. We embrace diversity and strive to create a workplace where everyone has an equal opportunity to thrive. We welcome people of different backgrounds, experiences, abilities, and perspectives. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or any characteristic protected by applicable federal and state laws, regulations and ordinances. Learn more about your EEO rights as an applicant. VEVRAA-Federal Contractor If you have a medical condition, disability, or religious belief/practice which inhibits your ability to participate in any part of the application or interview process, please complete our Accommodations Request Form and let us know how we may assist you. Airtable is committed to participating in the interactive process and providing reasonable accommodations to qualified applicants. Compensation awarded to successful candidates will vary based on their work location, relevant skills, and experience. Our total compensation package also includes the opportunity to receive benefits, restricted stock units, and may include incentive compensation. To learn more about our comprehensive benefit offerings, please check out Life at Airtable. For work locations in the San Francisco Bay Area, Seattle, New York City, and Los Angeles, the base salary range for this role is:$170,000-$277,000 USD Please see our Privacy Notice for details regarding Airtable's collection and use of personal information relating to the application and recruitment process by clicking here. 🔒 Stay Safe from Job Scams All official Airtable communication will come from an @airtable.com email address. We will never ask you to share sensitive information or purchase equipment during the hiring process. If in doubt, contact us at ***************. Learn more about avoiding job scams here.

About the Role iCapital is looking to hire a Vice President Information Security Governance Specialist. This individual will be a key person in iCapital's second line of defense team. The ideal candidate will support the organization's security governance program by ensuring compliance with regulatory requirements, security frameworks, and contractual obligations. This role involves reviewing the information security program against industry standards, assessing security clauses in client and vendor contracts, designing and maintaining security controls, and responding to regulatory audits. Responsibilities Assist in authoring, maintaining, and updating security governance policies and standards to align with industry frameworks and management direction. Evaluate the organization's information security program against common frameworks (e.g., ISO 27001, CIS, NIST 800-53, SOC 2) and applicable regulations (e.g., NYDFS, DORA, FFIEC, GDPR). Identify gaps and recommend control enhancements to align with compliance requirements. Review and negotiate information security sections of client and vendor contracts in partnership with the Legal team. Ensure contractual obligations meet internal security standards, regulatory expectations, and reasonability. Collaborate with Technology, Information Security, and Risk teams to design, document, and enhance security controls for infrastructure, applications, and data. Coordinate responses for internal and regulatory audits for information security team. Qualifications 7-10 years of experience in information security governance, compliance, or risk management in a financial service, fintech, or technology-driven environment Bachelor's degree in information security, risk management, or a related field Strong written and verbal communication skills Excellent analytical and problem-solving skills Able to manage multiple priorities and deadlines in a fast-paced environment Comfortable engaging with senior leaders Knowledge of cybersecurity frameworks (ISO, CIS, NIST, SOC 2) and audit processes CISM, CRISC, or CISSP certifications are preferred Benefits The base salary range for this role is $150,000 to $180,000. iCapital offers a compensation package which includes salary, equity for all full-time employees, and an annual performance bonus. Employees also receive a comprehensive benefits package that includes an employer matched retirement plan, generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling, parental leave, and unlimited paid time off (PTO). We believe the best ideas and innovation happen when we are together. Employees in this role will work in the office Monday-Thursday, with the flexibility to work remotely on Friday. For additional information on iCapital, please visit **************************************** Twitter: @icapitalnetwork | LinkedIn: ***************************************************** | Awards Disclaimer: ****************************************/recognition/ iCapital is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

About the Senior Security Engineer at Headspace: At Headspace, we're pushing boundaries with cutting-edge innovations and a relentless focus on security posture and purpose-driven impact. As a Senior Security Engineer, you will be at the forefront of automating response playbooks, seamlessly integrating our security tooling, and crafting innovative detection strategies. Join us in transforming the way we approach cloud solutions while advancing your career in a dynamic and meaningful environment where your expertise truly makes a difference. You will support our efforts to bring innovative features to life, leverage cutting-edge technologies, and ensure our platform's security for over 65 million users. A big goal needs talented leadership, so come join us and give your career a sense of purpose! Location: We are currently hiring this role in San Francisco (hybrid), Los Angeles (remote), New York City (remote) and Seattle (remote). Candidates must permanently reside in the US full-time and be based in these cities. For candidates with a primary residence in the greater SF and LA areas, this role will follow our hybrid model. You'll work 3 days per week from our office, allowing for impactful in-office collaboration and connection, while enjoying the flexibility of remote work for the rest of the week. Your recruiter will share more details about our hybrid model. What you will do: Implement, manage, and maintain critical security tools and infrastructure. Lead and respond to security incidents. Design and implement automated security investigation, response, and operational workflows. Integrate diverse security platforms such as SIEM, SOAR, EDR for a unified defense. Conduct proactive threat modeling to identify risks in systems and processes. Develop and maintain advanced threat detection rules and analytics. Collaborate with partner teams to embed security best practices. Research emerging cybersecurity threats, vulnerabilities, and innovative defense strategies. Analyze security data to identify trends, measure control effectiveness, and provide reports. Participate in security incident response and post-incident reviews Contribute to the development of detection strategies and automation playbooks What you will bring: 5+ years of relevant work experience. Bachelor's Degree in Computer Science or Engineering or equivalent. Experience in developing and tuning threat detection rules and signatures. Understanding of incident response procedures and forensic techniques. Proficiency in a scripting language for automation. Strong understanding of threat modeling. Knowledge of networking, operating systems internals, and cloud (AWS, Azure, GCP) security. Excellent analytical, problem-solving, and verbal and written communication skills. Experience maintaining procedure documentation for internal and external stakeholders. Preferred Skills: Experience in healthcare Pay & Benefits: The anticipated new hire base salary range for this full-time position is $122,400-$195,500 + equity + benefits. Our salary ranges are based on the job, level, and location, and reflect the lowest to highest geographic markets where we are hiring for this role within the United States. Within this range, individual compensation is determined by a candidate's location as well as a range of factors including but not limited to: unique relevant experience, job-related skills, and education or training. Your recruiter will provide more details on the specific salary range for your location during the hiring process. At Headspace, base salary is but one component of our Total Rewards package. We're proud of our robust package inclusive of: base salary, stock awards, comprehensive healthcare coverage, monthly wellness stipend, retirement savings match, lifetime Headspace membership, generous parental leave, and more. Additional details about our Total Rewards package will be provided during the recruitment process. About Headspace Headspace exists to provide every person access to lifelong mental health support. We combine evidence-based content, clinical care, and innovative technology to help millions of members around the world get support that's effective, personalized, and truly accessible whenever and wherever they need it. At Headspace, our values aren't just what we believe, they're how we work, grow, and make an impact together. We live them daily: Make the Mission Matter, Iterate to Great, Own the Outcome, and Connect with Courage. These values shape our decisions, guide our collaborations, and define our culture. They're our shared commitment to building a more connected, human-centered team-one that's redefining how mental health care supports people today and for generations to come. Why You'll Love Working Here: A mission that matters-with impact you can see and feel A culture that's collaborative, inclusive, and grounded in our values The chance to shape what mental health care looks like next Competitive pay and benefits that support your whole self How we feel about Diversity, Equity, Inclusion and Belonging: Headspace is committed to bringing together humans from different backgrounds and perspectives, providing employees with a safe and welcoming work environment free of discrimination and harassment. We strive to create a diverse & inclusive environment where everyone can thrive, feel a sense of belonging, and do impactful work together. As an equal opportunity employer, we prohibit any unlawful discrimination against a job applicant on the basis of their race, color, religion, gender, gender identity, gender expression, sexual orientation, national origin, family or parental status, disability*, age, veteran status, or any other status protected by the laws or regulations in the locations where we operate. We respect the laws enforced by the EEOC and are dedicated to going above and beyond in fostering diversity across our workplace. *Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Headspace. Please inform our Talent team by filling out this form if you need any assistance completing any forms or to otherwise participate in the application or interview process. Headspace participates in the E-Verify Program . Privacy Statement All member records are protected according to our . Further, while employees of Headspace (formerly Ginger) cannot access Headspace products/services, they will be offered benefits according to the company's benefit plan. To ensure we are adhering to best practice and ethical guidelines in the field of mental health, we take care to avoid dual relationships. A dual relationship occurs when a mental health care provider has a second, significantly different relationship with their client in addition to the traditional client-therapist relationship-including, for example, a managerial relationship. As such, Headspace requests that individuals who have received coaching or clinical services at Headspace wait until their care with Headspace is complete before applying for a position. If someone with a Headspace account is hired for a position, please note their account will be deactivated and they will not be able to use Headspace services for the duration of their employment. Further, if Headspace cannot find a role that fails to resolve an ethical issue associated with a dual relationship, Headspace may need to take steps to ensure ethical obligations are being adhered to, including a delayed start date or a potential leave of absence. Such steps would be taken to protect both the former member, as well as any relevant individuals from their care team, from impairment, risk of exploitation, or harm. For how how we will use the personal information you provide as part of the application process, please see: ******************************************

At Offchain Labs, we aren't just building products: we're leading a movement. As pioneers in blockchain scalability and security, we're at the forefront of transforming how the world interacts with decentralized applications. We're laying the foundation that will define the next generation of digital commerce, governance, and human interaction. This involves tackling real-world challenges that come with scaling blockchain technology, without compromising on its core principles: decentralization, security and transparency. At the center of this vision is our people. Our team is made up of thinkers and doers that embrace new challenges and seek solutions that push existing boundaries. If you're energized by solving unprecedented problems, and believe in the role that decentralized systems will play in creating a more equitable digital future, then we want to hear from you. Why Offchain Labs? Offchain Labs is setting the pace for the entire Ethereum ecosystem. We built the Arbitrum stack that powers Arbitrum One, the most widely adopted Ethereum scaling solution that exists today. Arbitrum's ecosystem is undergoing tremendous growth with hundreds of projects and dApps on Arbitrum One today. Over 100 different teams have used Offchain Labs technology to build their own Arbitrum chains. Major players in the space, Robinhood, BlackRock, Ethena Labs, Securitize, Aave, and Apechain are all using the Arbitrum stack. Arbitrum's thriving ecosystem wouldn't exist without our advanced technology stack. Arbitrum, Prysm, ZeroDev. These aren't just product names. These are tools that are actively reshaping what's possible on Ethereum and advancing its core infrastructure. To top it all off? We're backed by $124 million in funding. We've demonstrated consistent execution with billions in secured value, thousands of supported projects, and infrastructure processing millions of transactions seamlessly.Who you are Eager to Grow: Whether you're new to blockchain or a seasoned expert, you're enthusiastic about diving into the technology. Ownership Mentality: You take pride in your work and are driven to improve processes for speed and efficiency. Tech-Savvy: You keep abreast of the latest in security research and technology. Innovative Problem Solver: You are unafraid of tackling complex issues through rigorous experimentation. What you've done Extensive experience in Cloud Security or DevOps roles. Prior experience focusing on infrastructure security. Mastery of cloud infrastructure, particularly AWS. Experience with Kubernetes, AWS, or GCP. Implemented VPNs and managed multi-region access. Familiarity with secret management tools like Vault or KMS. Conducted security design reviews, penetration testing, threat modeling, and security testing. Demonstrated capability to automate security controls and educate developers for future-proofing against vulnerabilities. Perks: Remote-first global workforce + NY office Annual company offsite + team onsites Professional reimbursement program (facilitates industry conference attendance, certifications, and more) Medical, dental & vision coverage (US + some other countries) 401k retirement plan + company match (US only) Wellness stipend Home office set up / ergonomic equipment program Attention Offchain Labs Job Seekers: This role cannot be performed in California, or Colorado. Please be advised that there has been a rise in fraudulent recruiter activities, particularly within the Web3 space. If you would like to confirm whether someone is an OCL employee or the legitimacy of an offer you received, please email ********************* At Offchain Labs, we are committed to building a welcoming and supportive workplace for all employees, regardless of their background or identity. We strive to create an environment where everyone feels valued and has an equal opportunity to succeed and thrive. We encourage candidates from all walks of life to apply and join our team.

Physna is changing the way software interacts with the physical world. Our industry-leading geometric deep learning technology bridges the gap between physical objects and digital code. Physna partners with large manufacturers and the Department of Defense to reduce risk in supply chain, manage obsolescence, reverse engineering, and identify alternative, more effective sources of supply. Thangs.com is a consumer SaaS product of Physna and the world's first geometric search engine, 3D-native revision control tool, and 3D social platform. Thangs gives creators access to powerful search, collaboration and AI-powered predictive tools that have never been available before in the world of 3D data. Physna is a Series B startup backed by Sequoia Capital, Tiger Global, Google Ventures, and Drive Capital. We are working on novel problems in a world experiencing rapid 3D adoption. What You'll Do This is an exciting time to join Physna and make a personal difference in a rapidly growing space as a Security Engineer on a lean team. Physna and Thangs are highly visible products that we must protect against damage to our internal information and our reputation. Your main priority at all times will be to help safeguard Physna's technology systems. This role plays a critical function to ensure we are continuously improving the security of our products and services. What We'll Expect from You Bachelor's degree in CE, CSE, or Math/Statistics 3+ years of application security engineering experience 5+ total years of experience in any of the following: threat modeling experience, application security risk assessment, secure coding, exploitation paths, secure identity management and authentication, and software development Thorough understanding of Google Cloud architecture, React, and Node.JS Experienced in security testing tools and techniques, such as vulnerability management and static and dynamic code analysis Knowledge of identifying key risk indicators is important Strong analytical skills with the ability to identify and mitigate security risks Experience securing CI/CD pipelines enabling strong security controls Demonstrated ability to operate autonomously in a dynamic and evolving startup Nice to Have Experience building and implementing authentication layers Experience building automation between tools and systems Experience performing analytics against aggregated log data Familiarity with enterprise security controls and security best practices Familiarity with cloud security services, concepts, and best practices Strong familiarity with software development lifecycle (SDLC) processes and source control technologies, Track record of getting things done quickly and with quality Why You'll Like Working for Us We care about your physical, financial and mental well-being. We cover health, dental and vision insurance premiums at 100% for the family. We also make a meaningful contribution into employees' Health Savings Account (HSA). We believe in competitive and fair compensation, offer a 401k, provide a generous holiday and PTO schedule, monthly WFH stipend, monthly well-being budget, unlimited virtual Mental Health therapy, as well as financial assistance for Alternative Medicine, Financial Wellness, Legal Services, Tax Support, and Caregiver Support. We care about our culture. We believe in diversity, equity, inclusion & belonging. We believe in treating each other with kindness and respect. We are a culture of innovation, transparency, accountability, failing fast and learning quickly.

About the Role iCapital is looking to hire a Vice President Information Security Governance Specialist. This individual will be a key person in iCapital's second line of defense team. The ideal candidate will support the organization's security governance program by ensuring compliance with regulatory requirements, security frameworks, and contractual obligations. This role involves reviewing the information security program against industry standards, assessing security clauses in client and vendor contracts, designing and maintaining security controls, and responding to regulatory audits. Responsibilities Assist in authoring, maintaining, and updating security governance policies and standards to align with industry frameworks and management direction. Evaluate the organization's information security program against common frameworks (e.g., ISO 27001, CIS, NIST 800-53, SOC 2) and applicable regulations (e.g., NYDFS, DORA, FFIEC, GDPR). Identify gaps and recommend control enhancements to align with compliance requirements. Review and negotiate information security sections of client and vendor contracts in partnership with the Legal team. Ensure contractual obligations meet internal security standards, regulatory expectations, and reasonability. Collaborate with Technology, Information Security, and Risk teams to design, document, and enhance security controls for infrastructure, applications, and data. Coordinate responses for internal and regulatory audits for information security team. Qualifications 7-10 years of experience in information security governance, compliance, or risk management in a financial service, fintech, or technology-driven environment Bachelor's degree in information security, risk management, or a related field Strong written and verbal communication skills Excellent analytical and problem-solving skills Able to manage multiple priorities and deadlines in a fast-paced environment Comfortable engaging with senior leaders Knowledge of cybersecurity frameworks (ISO, CIS, NIST, SOC 2) and audit processes CISM, CRISC, or CISSP certifications are preferred Benefits The base salary range for this role is $150,000 to $180,000. iCapital offers a compensation package which includes salary, equity for all full-time employees, and an annual performance bonus. Employees also receive a comprehensive benefits package that includes an employer matched retirement plan, generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling, parental leave, and unlimited paid time off (PTO). We believe the best ideas and innovation happen when we are together. Employees in this role will work in the office Monday-Thursday, with the flexibility to work remotely on Friday. For additional information on iCapital, please visit **************************************** Twitter: @icapitalnetwork | LinkedIn: ***************************************************** | Awards Disclaimer: ****************************************/recognition/ iCapital is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Lightning Labs is seeking to hire a Security Engineer for the ongoing scaling of our growing engineering organization. This is a hands-on role that consists of devising and implementing policies and procedures around best practices in systems security. The ideal candidate has experience in securing web, Bitcoin, and other public-facing network services, penetration testing, and both automated and manual source code security reviews. Due to the domain in which we work, experience with Bitcoin and the Lightning Network is extremely desirable as is knowledge of the cryptographic aspects involved in this area. As we are an international organization, experience and comfort working with highly distributed teams is a must. In addition, the ideal candidate should have a passion for our mission of bringing financial freedom to the world, as well as for Bitcoin as a whole. Although a part of the engineering organization, candidates in this position will work across functional team boundaries to ensure all aspects of the business are appropriately considered and covered by security best practices. Responsibilities may include but are not limited to: Designing and deploying active fuzzing, black+white box testing and penetration testing infrastructure for open source and production systems Performing security audits and review of both internal production systems as well as open source software which interacts with Bitcoin+Lightning in a security critical manner Provide mentorship and guidance to level up your teammates Creating global security policy, standards, guidelines, and procedures to ensure ongoing maintenance of security Overseeing security aspects of software release processes and infrastructure Determining security team requirements for future growth Developing and ensuring responsiveness of security incident management processes Performing risk management assessments Preferred experience: At least 5 years prior experience in in systems security An ability to work with a high impact, fast-moving startup team Extensive knowledge of operating system and computer architecture internals Strong understanding of cryptography, protocol design and adversarial analysis Experience in reverse engineering and exploiting of cryptographic protocol (cryptocurrencies like Bitcoin) systems Extensive expertise with professional software development experience in Go, Rust, C/C++, and/or Java Experience in security incident response Experience in security code review and vulnerability triaging Prior experience running an open source facing bug bounty program 2+ years management experience or experience as a senior decision maker Experience working with remote teams Experience working with Kubernetes and AWS infrastructure Working knowledge of fundamental Bitcoin and Lightning design principles Candidates with additional experience are welcome to apply as we are open to adjusting the role accordingly

Physna is changing the way software interacts with the physical world. Our industry-leading geometric deep learning technology bridges the gap between physical objects and digital code. Physna partners with large manufacturers and the Department of Defense to reduce risk in supply chain, manage obsolescence, reverse engineering, and identify alternative, more effective sources of supply. Thangs.com is a consumer SaaS product of Physna and the world's first geometric search engine, 3D-native revision control tool, and 3D social platform. Thangs gives creators access to powerful search, collaboration and AI-powered predictive tools that have never been available before in the world of 3D data. Physna is a Series B startup backed by Sequoia Capital, Tiger Global, Google Ventures, and Drive Capital. We are working on novel problems in a world experiencing rapid 3D adoption. What You'll Do This is an exciting time to join Physna and make a personal difference in a rapidly growing space as a Security Engineer on a lean team. Physna and Thangs are highly visible products that we must protect against damage to our internal information and our reputation. Your main priority at all times will be to help safeguard Physna's technology systems. This role plays a critical function to ensure we are continuously improving the security of our products and services. What We'll Expect from You Bachelor's degree in CE, CSE, or Math/Statistics 3+ years of application security engineering experience 5+ total years of experience in any of the following: threat modeling experience, application security risk assessment, secure coding, exploitation paths, secure identity management and authentication, and software development Thorough understanding of Google Cloud architecture, React, and Node.JS Experienced in security testing tools and techniques, such as vulnerability management and static and dynamic code analysis Knowledge of identifying key risk indicators is important Strong analytical skills with the ability to identify and mitigate security risks Experience securing CI/CD pipelines enabling strong security controls Demonstrated ability to operate autonomously in a dynamic and evolving startup Nice to Have Experience building and implementing authentication layers Experience building automation between tools and systems Experience performing analytics against aggregated log data Familiarity with enterprise security controls and security best practices Familiarity with cloud security services, concepts, and best practices Strong familiarity with software development lifecycle (SDLC) processes and source control technologies, Track record of getting things done quickly and with quality Why You'll Like Working for Us We care about your physical, financial and mental well-being. We cover health, dental and vision insurance premiums at 100% for the family. We also make a meaningful contribution into employees' Health Savings Account (HSA). We believe in competitive and fair compensation, offer a 401k, provide a generous holiday and PTO schedule, monthly WFH stipend, monthly well-being budget, unlimited virtual Mental Health therapy, as well as financial assistance for Alternative Medicine, Financial Wellness, Legal Services, Tax Support, and Caregiver Support. We care about our culture. We believe in diversity, equity, inclusion & belonging. We believe in treating each other with kindness and respect. We are a culture of innovation, transparency, accountability, failing fast and learning quickly.

The world's most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients' own research content. The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us! Location: Hybrid, from New York or Chicago About the Role The Staff Physical Security Analyst will protect AlphaSense's people, facilities, and sensitive assets through a modern, data-driven approach to physical security. You'll own the full lifecycle of physical security operations-access control, video surveillance, risk assessments, and vendor management-while partnering with the Insider Protection team to ensure physical security data informs broader risk detection efforts. This role requires someone who can run a tight physical security program and collaborate effectively on converged security matters when they arise. You'll work cross-functionally to maintain a safe, resilient workplace across all global locations. About the Team This role sits within the Insider Protection team but serves as AlphaSense's physical security subject matter expert. You'll own physical security operations globally while collaborating with insider threat analysts on matters where physical and logical access intersect. Day-to-day, you'll partner with IT, Facilities, HR, Legal, and regional operations to deliver a mature, well-run physical security program. What You'll Do Oversee physical security systems, including access control, video surveillance, and alarm monitoring - ensuring reliability, data integrity, and appropriate coverage across all locations. Conduct site security risk assessments and recommend mitigation measures, including for sensitive spaces such as data centers, executive offices, and research areas. Manage and optimize global access provisioning processes in coordination with IT and Facilities, ensuring alignment with logical access governance (joiners/movers/leavers, role-based access, high-risk terminations). Lead physical security investigations-including badge anomalies, tailgating, unauthorized access, and workplace concerns-escalating to or partnering with the Insider Threat team when appropriate. Collaborate with building management, HR, Legal, IT and regional operations to ensure consistent security standards. Lead executive and personnel protection efforts, including travel security assessments, threat monitoring, and event security for high-profile gatherings. Own vendor and integrator relationships for physical security services and technologies-managing contracts, SLAs, and technical performance. Develop and maintain physical security policies, procedures, and incident reporting frameworks. Support workplace violence prevention programs, including threat assessment processes and coordination with HR on sensitive personnel matters. Provide physical security data and investigative support (video retrieval, badge history, visitor logs) to insider threat investigations as needed. Build reporting and dashboards on physical security metrics (access exceptions, incident trends, badge utilization) to inform risk decisions and executive reporting. Coordinate with Security Engineering and IT to ensure physical security systems integrate with identity management and enterprise tooling. What We Are Looking For: 5+ years of experience in physical security, corporate security, or related fields, in a technology, financial services, or similarly fast-paced environment. Strong expertise in security technologies (e.g., Lenel, Genetec, Verkada, or similar access control and VMS platforms)-you can administer, troubleshoot, and optimize these systems, not just oversee them. Experience with emergency response planning, crisis management, and security incident response. Strong analytical, investigative, and documentation skills. Ability to manage multiple global sites and remote collaboration effectively. Experience with executive protection, travel security, or personnel security programs. Understanding of how physical access intersects with logical/IT access governance; experience supporting access reviews or JML processes. Comfortable with technology: you can navigate integrations, reporting tools, and dashboards-not just vendor GUIs. Ability to partner effectively with investigative or insider threat teams on converged security matters. Strong interpersonal skills and sound judgment for handling sensitive personnel matters (workplace violence, threat assessment, executive concerns). Experience managing vendor relationships, contracts, and integrator performance. Nice to Have: Certifications such as PSP, CPP, or equivalent. Experience with hybrid workplace and corporate risk management programs. Experience with workplace violence threat assessment (WAVR-21, ATAP membership, or similar frameworks). Background in GSOC operations or third-party guard force management. Familiarity with insider threat concepts and how physical security data supports detection and investigations. Experience at a high-growth technology company or in an environment with sensitive research, data centers, or executive visibility. Why Join Us? Own and build a global physical security program at a company where protecting cutting-edge AI and market intelligence actually matters. Work within a modern security organization that values convergence between physical and cyber/insider threat functions-your work will inform broader risk decisions. High autonomy and ownership: you'll run physical security, not just support it. Competitive compensation, benefits, and the opportunity to shape security at a high-growth company. For base compensation, we set standard ranges for all roles based on function and level benchmarked against similar stage growth companies and internal comparables. In order to be compliant with local legislation, as well as to provide greater transparency to candidates, we share salary ranges on all job postings regardless of desired hiring location. Final offer amounts are determined by multiple factors including candidate experience/expertise and may vary from the amounts listed below. You may also be offered a performance-based bonus, equity, and a generous benefits program. Base Compensation Range$113,000-$156,000 USD AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense's commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination. In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works. Recruiting Scams and Fraud We at AlphaSense have been made aware of fraudulent job postings and individuals impersonating AlphaSense recruiters. These scams may involve fake job offers, requests for sensitive personal information, or demands for payment. Please note: AlphaSense never asks candidates to pay for job applications, equipment, or training. All official communications will come from ******************* email address. If you're unsure about a job posting or recruiter, verify it on our Careers page. If you believe you've been targeted by a scam or have any doubts regarding the authenticity of any job listing purportedly from or on behalf of AlphaSense please contact us. Your security and trust matter to us.

At DraftKings, AI is becoming an integral part of both our present and future, powering how work gets done today, guiding smarter decisions, and sparking bold ideas. It's transforming how we enhance customer experiences, streamline operations, and unlock new possibilities. Our teams are energized by innovation and readily embrace emerging technology. We're not waiting for the future to arrive. We're shaping it, one bold step at a time. To those who see AI as a driver of progress, come build the future together. The Crown Is Yours As a Principal Security Engineer, you'll shape how DraftKings uses emerging technology securely and responsibly. You'll work at the highest strategic level, partnering with engineering, product, and research teams to build secure, scalable systems that power our platforms. You'll apply deep technical expertise to evaluate and influence the security of new tools, workflows, and architectures. With a cross-disciplinary team at your side, you'll lead by example designing smarter automation, scaling secure infrastructure, and mentoring peers through complex challenges. What you'll do as a Principal Security Engineer Lead large-scale security reviews of new capabilities at DraftKings with your deep experience building and deploying code and systems leading the way Design, build and implement tools to support the safe use of new technology, such as proxies that help implement security functionality or modify existing systems to make them safer. Spearhead the automation of security processes, reducing the time to deploy across the entire engineering organization. Drive remediation efforts of complex, cross-functional security issues. Apply subject matter expertise to identify potential security issues, tools, mitigations and processes, staying current with the evolving security landscape and sharing expertise with others through coaching. Collaborate across a range of technical and non-technical contributors, providing insights on security designs that balance usability and safety. Share knowledge and provide guidance to team members, fostering a culture of continuous learning and collaboration. What you'll bring 8+ years experience in engineering, building and operating systems in production. 5+ years experience contributing and advising on security design. Experience writing high quality code in a typed and untyped programming language. A constructive attitude to help others raise the bar. Varied knowledge across system fundamentals, how multiple operating systems and file systems work, networking and common protocols, public cloud security, and automation. An understanding of how organizations use AI foundation models and how to reason about safely using AI in business contexts. Empathy, strong communication skills and a deep respect for the power of collaboration. Ability to manage competing priorities and thrive in a fast-paced, dynamic environment. Join Our Team We're a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston. As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment. Don't worry, we'll guide you through the process if this is relevant to your role. The US base salary range for this full-time position is 183,200.00 USD - 229,000.00 USD, plus bonus, equity, and benefits as applicable. Our ranges are determined by role, level, and location. The compensation information displayed on each job posting reflects the range for new hire pay rates for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific pay range and how that was determined during the hiring process. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Who we are: At SpotHero, we work as a team to empower people to get everywhere, easier! We're rapidly growing with the mission of bringing the parking industry into the future through technology. Drivers across the nation use the SpotHero mobile app and website to reserve convenient, affordable parking in advance, on-the-go or through their connected cars, and parking companies rely on us to help them reach new customers while optimizing their business. We connect the dots with cutting-edge technology, delivering value to both sides of this exciting, evolving marketplace. We've been quite busy, take a peek at some of our recent announcements. Senior Security Engineer I/II at SpotHero: SpotHero is looking for a Senior Security Engineer I to build and lead our Application Security Program. This role involves close collaboration with engineering teams and product managers to integrate security throughout the entire product development lifecycle. What you'll do Conduct security-focused architecture, design, and code reviews. Direct threat modeling and penetration testing exercises. Lead the Security Champions program, empowering developers across teams to act as security advocates and fostering a culture of security awareness and best practices within the organization. Document security guidance and secure coding best practices and provide training to the engineering organization. Collaborate with customers, external security researchers, and developers to understand, document and assist in remediating reported vulnerabilities. Contribute to the Vulnerability Management Program through the deployment and operationalization of security analysis tools. Assist in responding to security incidents. What we're looking for 5+ years of experience as a security engineer, demonstrating in-depth knowledge of application security principles, secure coding practices, and vulnerability management. Proven ability to manage and prioritize security projects effectively. Proficiency in developing and debugging in at least one programming language. Experience conducting or participating in threat modeling and web/mobile application penetration testing. Excellent communication skills, with the ability to effectively communicate complex security concepts to technical and non-technical audiences and collaborate with cross-functional teams. Familiarity with cloud security controls and best practices. Experience with Amazon Web Services (AWS) is preferred but not required. Nice to have Security certifications such as Offensive Security Certified Professional (OSCP), Certified Secure Software Lifecycle Professional (CSSLP), or similar. Tech you'll work with Security analysis tools such as Semgrep or Docker Scout Languages: Python/Django, Go, Kotlin, Java, React/Redux Infrastructure: AWS, Kubernetes, Terraform Why SpotHero? We're a marketplace making parking easier for drivers and more efficient for garage operators. You'll join a team that values curiosity, ownership, and continuous learning and a culture that emphasizes impact, relationships, and adaptability. Seeking Candidates in: Illinois | Colorado | Washington D.C. | Florida | Indiana | Maryland | Michigan | New York | Pennsylvania | Texas | Washington | Wisconsin 100% remote What we are offering: Career game changer - A truly unique experience to work for a fast-growing startup in a role with unlimited growth potential. Excellent benefits We cover a generous portion of Medical Premiums, 50% of Dental and Vision Premiums, company-sponsored Life Insurance, a 401(k) with match and immediate vesting, and comprehensive leave policies to meet your needs in creating space for life" Canada: We offer Medical (prescription drug and paramedical coverage), Dental, Vision, Life Insurance, STD and LTD. Flexible PTO policy and outstanding work/life balance - We value and support each individual team member. Grubhub weekly lunch stipend for in office days (SkipTheDishes for Canada) Udemy and Personal Learning Budget - We support the professional and personal growth of our people by providing everyone with learning resources and development opportunities. Annual parking stipend - Duh. We help people park! The opportunity to collaborate with fun, innovative, and passionate people in a casual yet highly productive atmosphere. Our commitment to allyship has been a central driver of how we Respect Fellow Drivers. You'll have the opportunity to be part of Employee Resource Groups, access allyship learning resources, and actively contribute to our ongoing effort of making SpotHero inclusive for all. Employee programs to grow and support our people such as Discovery Days for Product and Engineering, Gearing up for Aspiring Leaders, and Mentorship Program. A workplace recognized as CityLights award winner by 1871, 2025 Best Places To Work by BuiltIn, Most Loved Workplace Certified by the Best Practice Institute, and recipient of multiple Comparably awards, including Best Company Culture, Best Company for Women, and Best Company for Diversity. Compensation: Depending on your skillset and experience, you can expect your base salary to be between $104,000 - $150,000 as well as a discretionary bonus and leading total rewards package including stock options. At SpotHero, we Respect Fellow Drivers by providing an inclusive interview experience for everyone, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process. Please let our team know of your need when you apply or as you begin interviewing with our team. SpotHero is an equal opportunity employer. We know that a diverse workforce is the strongest workforce, and are committed to building and supporting an inclusive environment for all. Additionally, because we want to Remember to Signal, if you choose to provide us personal information in connection with a job application, please review our Applicant Privacy Notice which provides details about what information we collect and process about you in order to consider your candidacy. PLEASE NOTE: This position is ineligible for visa sponsorship. To be considered for this role, you must be legally authorized to work in the US or Canada and not require sponsorship for employment now or in the future.

Wavelo is a SaaS business on a mission to make telecoms a breeze. We provide flexible software that modernizes how communication service providers (CSPs) do business, helping them drive more value, focus on customer experience, and scale their operations faster. As part of Tucows (NASDAQ:TCX, TSX:TC)-one of the world's largest Internet services companies-Wavelo is backed by outstanding resources and talent. We embrace a people-first philosophy that is rooted in respect, trust, and flexibility. We believe that whatever works for our employees is what works best for us. It's also why the majority of our roles are remote-first, meaning you can work from anywhere you can connect to the Internet! The work we do genuinely changes lives. If this sounds exciting, we'd love to hear from you! About the Opportunity As a Threat Detection and Response Analyst, your primary focus will be to proactively identify, investigate, and mitigate advanced threats within Tucows' environment. You will be part of the larger Information Security team, playing a key role in detecting and responding to sophisticated adversaries that evade traditional security controls across our complex environments. You will collaborate with cross-functional teams to strengthen our defenses, enhance detection capabilities, and ensure compliance with established security frameworks and policies. This role requires participation in our 24/7 on-call rotation for incident response. You'll thrive in this role if you enjoy deep technical investigation, pattern recognition, and staying ahead of evolving cyber threats. This is a remote position for applicants based in Canada or USA. Job Duties * Perform cybersecurity threat detection, analysis, and mitigation as part of a global, around-the-clock security team. * Perform proactive threat hunting across Tucows' systems, networks, and cloud environments to detect hidden or emerging adversarial activity. * Investigate potential security incidents using a wide range of tools, logs, and techniques across cloud and on-premise environments. * Collaborate with other Security Analysts and Security Engineering personnel to triage, contain, and remediate identified threats. * Develop and tune custom detection rules, scripts, and playbooks to improve threat visibility and response effectiveness. * Design, build, and maintain scalable detection logic across SIEM and EDR platforms. * Conduct proactive threat hunting to detect potential adversary activity within the environment. * Design, test, and improve security detections, playbooks, and automation workflows to enhance response capabilities and reduce detection gaps. * Review and triage alerts and logs, escalating significant incidents. * Monitor external service providers for suspicious activity or potential security events. * Perform continuous analysis of threat intelligence, tactics, techniques, and procedures (TTPs) to anticipate attacker behavior. * Utilize Cyber Threat Intelligence sources and workflows to augment detection and response. * Document and communicate findings with clear technical and business context, recommending long-term preventive actions. * Contribute to purple team exercises, attack simulations, and post-incident reviews to enhance defense-in-depth capabilities. * Mentor junior analysts and foster a culture of curiosity, learning, and shared security ownership. Knowledge, Skills, and Abilities * Deep understanding of adversary tradecraft, the MITRE ATT&CK framework, and modern threat landscapes. * Experience with SIEM, EDR, and cloud-native detection tools (e.g., CrowdStrike, Alienvault, AWS GuardDuty, Azure Defender, Elastic, etc.). * Strong analytical and investigative mindset with the ability to connect technical indicators to strategic insights. * Familiarity with scripting languages (Python, PowerShell, etc.) for automating hunts and data analysis. * Knowledge of network protocols, operating system internals, and log analysis. * Excellent written and verbal communication skills with the ability to translate complex findings into clear risk narratives. * Demonstrated ability to work both independently and collaboratively in a fast-moving environment. Qualifications Required * Bachelor's degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). * 5-8 years of experience in cybersecurity, including 3+ years focused on threat hunting, detection engineering, or incident response. * Relevant certifications are a plus (e.g., GCFA, GCTI, GNFA, OSCP, or equivalent). The base salary range for this position is $114,300 - $127,000 USD for US residents OR $118,260 - $131,2400 CAD for Canadian residents. Other countries will differ. Range may vary on a number of factors including, but not limited to: location, experience and qualifications. Tucows believes in a total rewards offering that includes fair compensation and generous benefits. Learn more about Tucows Benefits. Want to know more about what we stand for? At Wavelo and Tucows we care about protecting the open Internet, narrowing the digital divide, and supporting fairness and equality. We also know that diversity drives innovation. We are committed to inclusion across race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status or disability status. We celebrate multiple approaches and diverse points of view. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation. Tucows and its subsidiaries participate in the E-verify program for all US employees. Learn more about Tucows, our businesses, culture and employee benefits on our site here.