Information security analyst jobs in Cupertino, CA - 566 jobs

At Pave, we're building the industry's leading compensation platform, combining the world's largest real-time compensation dataset with deep expertise in AI and machine learning. Our platform is perfecting the art and science of pay to give 8,500+ companies unparalleled confidence in every compensation decision. Top tier companies like OpenAI, McDonald's, Instacart, Atlassian, Synopsys, Stripe, Databricks, and Waymo use Pave, transforming every pay decision into a competitive advantage. $190+ billion in total compensation spend is managed in our workflows, and 58% of Forbes AI 50 use Pave to benchmark compensation. The future of pay is real-time & predictive, and we're making it happen right now. We've raised $160M in funding from leading investors like Andreessen Horowitz, Index Ventures, Y Combinator, Bessemer Venture Partners, and Craft Ventures. Research & Design Org Pave's R&D pillar includes our data science, engineering, information technology, product design, product management, and security teams. This organization builds, maintains, and secures a platform used by more than 8,500+ client organizations. Our engineering team moves between ideation, scoping, and execution in a matter of days while closely iterating with cross-functional partners on requirements. At Pave, we use TypeScript, Node.js, and React, hosted on GCP. Compensation strategy is broken down into 3 pillars - compensation bands, planning workflows, and total rewards communication. We build products that make these processes seamless for customers. Over the next year, our roadmap is focused on enhancing the entire compensation lifecycle: from philosophy definition to market trend analysis, band adjustments, merit cycles, and employee communication. We're seeking passionate engineers who are excited about building robust, data-rich systems that simplify complex compensation processes at scale. Security Team @ Pave Security is part of everything we do at Pave. With amazing growth comes amazing engineering and security challenges. This is an opportunity to have a huge impact and run programs at a company that doesn't need to be convinced why security is important. Our customers count on us to secure some of their most sensitive data, and that trust is central to Pave. It's the only way we can unlock a labor market built on trust, and change the world of compensation. What You'll Bring 5+ years of application security experience as part of a blue team Expert knowledge of OWASP Top 10 and application security Security design review experience Experience in running bug bounty programs and pentesting Outstanding communication and partnership skills with software engineers Ideally, experience in Google Cloud Security best practices Compensation Salary is just one component of Pave's total compensation package for employees. Your total rewards package at Pave will include equity, top-notch medical, dental, and vision coverage, an unlimited PTO policy, and many other region-specific benefits. Your level is based on our assessment of your interview performance and experience, which you can always ask the hiring manager about to understand in more detail. The targeted cash compensation for this position is (level depends on experience and performance in the interview process): $205,700 - $278,300 Life @ Pave Since being founded in 2019, Pave has established a robust global footprint. Headquartered in San Francisco's Financial District, we operate strategic regional hubs across New York City's Flatiron District, Salt Lake City, and the United Kingdom. We cultivate a vibrant, collaborative workplace culture through our hybrid model, bringing teams together in-person on Mondays, Tuesdays, Thursdays, and Fridays to foster innovation and strengthen professional relationships. Benefits @ Pave At Pave, career advancement drives everything-roles expand, responsibilities deepen, and compensation rises alongside your professional growth. What we provide Complete Health Coverage: Comprehensive Medical, Dental and Vision coverage for you and your family, with plenty of options to suit your needs Time off & Flexibility: Flexible PTO and the ability to work from anywhere in the world for a month Meals & Snacks: Lunch & dinner stipends as well as fully stocked kitchens to fuel you Professional Development: Quarterly education stipend to continuously grow Family Support: Robust parental leave to bond with your new family Commuter Assistance: A commuter stipend to help you collaborate in person Vision Our vision is to unlock a labor market built on trust Mission Our team's mission is to build confidence in every compensation decision Are you ready to help our customers make smarter, more effective compensation decisions? Pave is an Equal Opportunity Employer. We value diversity and are committed to creating an inclusive environment for all employees. Contact If you're interested in future opportunities at Pave, you can inquire about roles or create a Job Alert through our channels. #J-18808-Ljbffr

Heartflow is a medical technology company advancing the diagnosis and management of coronary artery disease, the #1 cause of death worldwide, using cutting‑edge technology. The flagship product-an AI‑driven, non‑invasive cardiac test supported by the ACC/AHA Chest Pain Guidelines called the Heartflow FFRCTAnalysis-provides a color‑coded, 3D model of a patient's coronary arteries indicating the impact blockages have on blood flow to the heart. Heartflow is the first AI‑driven non‑invasive integrated heart care solution across the CCTA pathway that helps clinicians identify stenoses in the coronary arteries (RoadMap™Analysis), assess coronary blood flow (FFRCTAnalysis), and characterise and quantify coronary atherosclerosis (Plaque Analysis). Our pipeline of products is growing and so is our team; join us in helping to revolutionise precision heart‑care. Heartflow is a publicly traded company (HTFL) that has received international recognition for exceptional strides in healthcare innovation, is supported by medical societies around the world, cleared for use in the US, UK, Europe, Japan and Canada, and has been used for more than 500,000 patients worldwide. Overview The Heartflow Information Security team is responsible for security across our corporate and product environments, protecting our patient data and medical device ecosystem. We are looking for an investigator that loves the challenge of analysing complex security telemetry to uncover hidden threats and ensure a resilient defence for our corporate and product environments. The initial focus will be on triaging advanced security events and participating in our security incident response process. Analytical work will span our corporate, clinical and cloud infrastructure and will include threat hunting and the refinement of high‑fidelity detection logic. What You'll Do Perform in‑depth analysis of security events, logs, and network traffic using SIEM, EDR, and other security tools to rapidly identify, contain, and remediate complex threats. Collaborate in developing and implementing custom correlation rules, dashboards, and alerts to enhance detection capabilities. Drive threat hunts to find “quiet” persistent threats within our clinical and corporate environments. Participate in continuous refinement of incident response playbooks, operational procedures, and security standards. Perform security reviews of third‑party vendors to identify risks and ensure they meet company standards. What You Bring Education - BS in Computer Science or a related technical degree. No degree? No problem-if you have the equivalent experience and certifications, we want to hear from you. Experience - At least 2 years in the trenches of a SOC or Incident Response team. However, if you haven't held a formal “Security” title but have at least 2 years on an IT Operations team, we value deep technical expertise in operating systems and networking if you can show us your passion for security. You're comfortable navigating security platforms like SIEMs, EDR tools (CrowdStrike or similar), and Email Security platforms. Strong problem‑solving skills with the ability to troubleshoot security issues across networks, operating systems, and applications. Possess a solid understanding of log correlation and how to write logic for security alerts. Deep understanding of at least one of the operating system internals (Windows, Linux, or mac OS). Ability to analyse process trees. Able to analyse network flows and packet data to find hidden threats. You know your way around network tools and can spot anomalies across different types of environments. What Helps You Stand Out Certifications: SANS GIAC (GCIH, GCIA), CompTIA (Security+, CySA+), EC‑Council (C|SA) or equivalent. Proven ability to take initiative- track record of identifying problems and developing solutions independently. Excellent written and verbal communication skills, with the ability to clearly articulate complex technical issues and remediation plans to both technical and non‑technical audiences. You are a continuous learner who stays curious about the latest attack trends and loves figuring out how to stop them. A reasonable estimate of the base salary compensation range is $75,000 to $100,000 per year, and bonus. #LI-IB1 Heartflow is an Equal Opportunity Employer. We are committed to a work environment that supports, inspires, and respects all individuals and do not discriminate against any employee or applicant because of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. This policy applies to every aspect of employment at Heartflow, including recruitment, hiring, training, relocation, promotion, and termination. Positions posted for Heartflow are not intended for or open to third‑party recruiters / agencies. Submission of any unsolicited resumes for these positions will be considered to be free referrals. Heartflow has become aware of a fraud where unknown entities are posing as Heartflow recruiters in an attempt to obtain personal information from individuals as part of our application or job offer process. Before providing any personal information to outside parties, please verify the following: A) All legitimate Heartflow recruiter email addresses end with “@heartflow.com” and B) The position described is found on our careers site at ********************************* #J-18808-Ljbffr

Swiftly is on a mission to help cities move more efficiently. We are the leading transit data platform for agencies to share real‑time passenger information, manage day‑to‑day operations, and improve service performance. Today, over 180 transit agencies in 12 countries - including LA Metro, MARTA, SEPTA, and MBTA - rely on Swiftly to improve on‑time performance by up to 40% and increase passenger information accuracy by up to 50%. The result is better service reliability, increased ridership, and more efficient transit operations. Even though Swiftly's HQ office is located in San Francisco, CA, we are open to candidates in most locations across the U.S. as well as Ontario and British Columbia, Canada. At this time we are unable to provide Visa sponsorship. Engineering at Swiftly Engineering at Swiftly is not only about writing code - we believe in creating empowered product teams that work together to conceptualize new features and bring them to life. Each team aims to strike a balance between delivering incremental improvements, creating prototypes to test new ideas and mitigate risks, and building scalable software using industry best practices. We're guided by a mission to positively impact transit riders, and we embrace humility and intentionality in how we make technical decisions so that we best meet our customers' needs. About the Role We're looking for a Lead Security Engineer to join our Platform team and mature Swiftly's security posture. We believe excellent security isn't just about tools and controls; it's about empowering product, infrastructure, and corporate IT teams across our organization to make secure decisions every day. In this role, you'll partner closely with engineering, product, and go‑to‑market teams to design secure solutions, build DevSecOps tooling, and drive our compliance roadmap. You'll balance strategic initiatives with hands‑on work in our cloud‑native environment. We're looking for someone equally comfortable working on codebases and leading cross‑functional initiatives, a force multiplier who can train teams, represent security to customers and executives, and make security a natural part of how Swiftly ships products. We use AI tools for scheduling and summarization in our hiring process. We do not use AI tools to make decisions about who moves forward or to assess the strength of candidates. Every application is reviewed and all hiring decisions are made by Swiftly team members. This is an active, open role that we are currently hiring for at Swiftly. What You'll Do Make Swiftly Secure Own Swiftly's security risk register and threat models; identify, prioritize, and drive remediation of risks across application and infrastructure. Design secure architectures for our SaaS platform, mobile applications, and IOT/Hardware Integration, focusing on authentication, authorization, data protection, and network boundaries. Recommend, implement, and manage security tools end‑to‑end. Build DevSecOps guardrails into CI/CD so vulnerabilities, misconfigurations, and license issues surface early. Conduct internal security assessments and coordinate engagements with external penetration testers. Own security policies and standards; ensure they're practical, adopted, and measurable. Define standards for secure adoption of AI coding assistants, building reusable patterns, custom configurations, and guardrails that help developers move fast safely. Compliance & Customer Trust Lead renewals and continuous readiness for existing certifications like SOC 2. Proactively identify security frameworks required for international expansion; scope cost, level of effort, and timelines to inform market entry decisions; and lead execution of new certifications. Respond to customer security and compliance inquiries and support product marketing with security content. Incident Response & Detection Design and maintain security incident response plans, playbooks, and escalation paths. Serve as an escalation point for security incidents; lead triage, root cause analysis, and remediation. Security Leadership Define and maintain security KPIs and dashboards for executive and board reporting. Give teams visibility into their security posture and coach them to improve. Influence roadmap prioritization to ensure security and compliance are first‑class concerns. Mentor engineers in secure design and help grow a security‑aware culture across Swiftly by delivering security training and office hours for developers and other stakeholders. Drive corporate IT security strategy, including endpoint hardening, email security, IAM standards, and periodic access reviews. What will set you up for success 5+ years of experience in security engineering with both strategic and hands‑on work. Strong experience securing cloud‑native environments (AWS preferred), including IAM, networking, logging/monitoring, and secrets management. Hands‑on experience with infrastructure‑as‑code (Terraform) and policy‑as‑code frameworks (OPA, Sentinel, or similar). Background building security into CI/CD pipelines and development workflows. Familiarity with container and orchestration security. Excellent threat modeling and risk assessment skills; able to translate complex risks into clear options and tradeoffs. Experience with compliance frameworks (SOC 2 preferred) and audit processes. Strong communication skills; comfortable working across technical and non‑technical teams. Self‑directed and comfortable operating with autonomy. Nice to Haves Relevant certifications (CISSP, cloud security certifications). Experience advising on security for AI/ML or LLM‑powered features. Mobile application security experience (Android preferred). Experience with GRC and compliance platforms. Background in application security or penetration testing. Experience with international compliance frameworks. Familiarity with regulated industries or public sector requirements. Experience with physical device security (IoT, embedded systems, or field‑deployed hardware). Experience with Mobile Device Management (MDM) solutions for enterprise or fleet deployments. Pay Range In accordance with pay transparency laws, please see the approximate salary ranges below. These ranges represents the anticipated low and high end of the salary for this position. Actual salaries will vary and are based on a multitude of non‑discriminatory factors including final role leveling decisions, a candidate's relevant work experiences/skills, and geographic location. Salary is one component of Swiftly's total compensation package, which also includes stock options, competitive benefits, 401(k)/RRSP matching, a fantastic team and culture, opportunity to have a huge impact, emphasis on professional growth and holistic wellness, and other perks. US Salary Range: $140,000 - 200,000 Canadian Salary Range: $165,000 - 200,000 Beyond the Skills We are looking for candidates who are passionate about mobility, sustainability, or mission‑oriented projects that have a significant real‑world impact. Ideal candidates encompass the core values of our company: Team. Together, we are more effective and better supported. Impact. Drive impact for our customers, our company, and all of our teams. Diversity. See differing perspectives as ways to address our weaknesses and find new strengths. Communication. Assume others internally and externally have good intentions. Feedback. We share feedback because we want each other to grow professionally and personally. Growth. Foster personal, professional, and company growth. Benefits Competitive salary Equity compensation (company ownership) for every employee Medical, Dental and Vision Retirement with Employer Match Flexible Spending Account (FSA) Home office setup reimbursement Monthly cell/internet reimbursement Monthly "Be Well" stipend Flexible PTO with a recommended minimum Flexible work environment 16 paid holidays - including months without U.S. national holidays 8 fully paid weeks of leave for childbirth/adoption Travel note Swiftly employees can generally expect to travel 1-2 times a year for in‑person company or team offsites. As a fully distributed company, we consider these offsites important for cultivating strong relationships across our teams! Attending these in‑person is expected and encouraged, although we understand everyone has different personal circumstances and we will consider requests for exceptions. Customer‑facing team members and other specific roles may be expected to travel more frequently. Equal Opportunity Statement We are an equal opportunity employer - we are committed to a workplace that is as dynamic, diverse, and passionate as the communities we serve. #J-18808-Ljbffr

A leading data protection firm is seeking a Machine Learning Engineer to develop GenAI architectures and secure AI workflows. Ideal candidates should hold a PhD or MS in Computer Science and possess 2+ years of relevant experience. Key responsibilities include developing and testing machine learning models, conducting experiments, and collaborating within a team. The role offers competitive compensation along with benefits including health, PTO, and 401K options. #J-18808-Ljbffr

Loft Orbital is revolutionizing access to space by building reliable, shareable satellites that drastically reduce the time and complexity traditionally required to get to orbit. We operate satellites, fly customer payloads, and handle entire missions from end‑to‑end. We're a close‑knitted team of space enthusiasts, software experts, and cutting‑edge technologists, all working together to make space simple for our customers. As a Senior Security Engineer on our Security and Compliance Team, your mission will be to ensure that our highly automated, containerized, and globally distributed infrastructure remains secure throughout its lifecycle, from architecture to incident response. You'll be at the heart of our DevSecOps efforts, collaborating directly with infrastructure, software, product, and solution teams to scale Loft's security maturity while embracing our startup agility and culture. This is a hands‑on, deeply collaborative role, offering broad scope, rapid growth opportunities, and yes, a chance to contribute to space missions. About the Role: Champion DevSecOps best practices by designing and implementing security controls directly into our CI/CD pipelines (e.g., GitLab CI). Lead and automate application and infrastructure security assessments, including threat modeling and code review. Partner with developers and SREs to identify, remediate, and prevent vulnerabilities through secure design and practical guidance. Design, build, and maintain secure architecture patterns for containerized, cloud‑native, and distributed workloads. Develop and maintain automated security tooling, such as container image scanning, IaC validation, and policy‑as‑code. Collaborate on automated security tooling for container image scanning, IaC validation, and RBAC compliance. Support incident response workflows, including detection, forensics, root cause analysis, and post‑mortems. Provide technical mentorship and real‑time enablement to help teams adopt a “secure‑by‑default” mindset. Contribute to internal security tools and automation using Python, Go, or other modern languages. Continuously improve how we measure and scale security across our SRE and infrastructure platforms. Must Haves: Deep experience with cloud security in AWS, Azure, or GCP environments. Strong knowledge of container and Kubernetes security in production environments. Proficiency in at least one modern programming language (e.g., Python, Go, C++). Hands‑on experience with zero‑trust architecture, service mesh, and software‑defined networking. Solid understanding of DevSecOps pipelines, IaC tools, and secure build processes. Hands‑on experience with vulnerability scanning, SAST/DAST tools, and automated security testing. Proven success in fast‑paced, highly collaborative environments, ideally at a startup or scale‑up. Comfortable working closely with developers and SREs in an enablement‑first security culture. Clear, concise communication and documentation skills. Ability to thrive in a multicultural, globally distributed engineering team. Nice to Haves: Practical experience with policy‑as‑code (OPA, Sentinel, etc.). Understanding of software‑defined networking and security policy enforcement in mesh environments. Familiarity with modern SRE practices, observability, and resilience engineering. Contributions to open‑source security tools or frameworks. Interest or experience in space operations or aerospace systems. Some of Our Awesome Benefits: 100% company‑paid medical, dental, and vision insurance option for employees and dependents Flexible Spending (FSA) and Health Savings (HSA) Accounts offered with an employer contribution to the HSA 100% employer paid Life, AD&D, Short‑Term, and Long‑Term Disability insurance Flexible Time Off policy for vacation and sick leave, and 12 paid holidays 401(k) plan and equity options Daily catered lunches and snacks in office International exposure to our team in France Fully paid parental leave; 14 weeks for birthing parent and 10 weeks for non‑birthing parent Carrot Fertility provides comprehensive, inclusive fertility healthcare and family‑forming benefits with financial support Off‑sites and many social events and celebrations Relocation assistance when applicable $140,250 - $190,000 a year State law requires us to tell you the base compensation range for this role, which is $140,250- $190,000 per year. This is determined by your education, experience, knowledge, skills, and abilities. The salary range for this role is intentionally wide as we evaluate individuals based on their unique experience and abilities to fit our needs. Most importantly, we are excited to meet you, and see if you are a great fit for our team. What we can't quantify for you are the exciting challenges, supportive team, and amazing culture we enjoy. * Research shows that while men apply to jobs where they meet an average of 60% of the criteria, women and other underrepresented people tend to only apply when they meet 100% of the qualifications. At Loft, we value respectful debate and people who aren't afraid to challenge assumptions. We strongly encourage you to apply, even if you don't check all the boxes. Who We Are Loft: Space Made Simple. Founded in 2017, Loft provides governments, companies, and research institutions with a fast, reliable, and flexible way to deploy missions in orbit. We integrate, launch, and operate spacecraft, offering end‑to‑end missions as a service across Earth observation, IoT connectivity, in‑orbit demonstrations, national security missions, and more. Leveraging our existing space infrastructure and an extensive inventory of satellite buses, Loft is reducing years‑long integration and launch timelines to months. With more than 25 missions flown, Loft's flight heritage and proven technologies enable customers to focus on their mission objectives. At Loft, you'll be given the autonomy and ownership to solve significant challenges, but with a close‑knot and supportive team at your back. We believe that diversity and community are the foundation of an open culture. We are committed to hiring the best people regardless of background and make their time at Loft the most fulfilling period of their career. We value kind, supportive and team‑oriented collaborators. It is also crucial for us that you are a problem solver and a great communicator. As our team is international, you will need strong English skills to better collaborate, easily communicate complex ideas and convey important messages. With 4 satellites on‑orbit and a wave of exciting missions launching soon, we are scaling up quickly across our offices in San Francisco, CA | Golden, CO | and Toulouse, France. As an international company your resume will be reviewed by people across our offices so please attach a copy in English. #J-18808-Ljbffr

A leading tech company in Palo Alto is seeking a Security Engineer to ensure security best practices across systems. Responsibilities include designing security testing infrastructure, performing audits, and mentoring team members. Ideal candidates have over 5 years of experience in systems security, strong knowledge of cryptography, and the ability to work with distributed teams. Familiarity with Bitcoin and the Lightning Network is highly desirable. #J-18808-Ljbffr

A leading data intelligence platform located in San Francisco is seeking a Senior Security Engineer to lead security initiatives and projects within the company. The ideal candidate should have over 6 years of experience in security engineering with a strong work ethic and ability to build scalable systems. You'll evangelize security practices, oversee full-stack security projects, and ensure compliance with industry standards. Competitive equity and comprehensive benefits will be offered, including health insurance and unlimited PTO. #J-18808-Ljbffr

A leading aerospace company is seeking a Senior Security Engineer to enhance their security practices. This role involves implementing security controls directly in CI/CD pipelines and requires deep experience in cloud security across AWS, Azure, or GCP. You'll work in a highly collaborative DevSecOps setup, contributing to security maturity while supporting cutting-edge space missions. Ideal candidates should possess a Master's degree in Computer Science and have proficiency in modern programming languages such as Python or Go. #J-18808-Ljbffr

A technology innovator based in San Francisco is looking for a Security Operations Engineer to enhance their cloud-first security posture. Responsibilities include leading incident response, optimizing detection tools, and implementing security best practices. Ideal candidates will have over five years in security operations, a solid understanding of threat workflows, and scripting skills. The role offers competitive salary packages and numerous benefits including health coverage and paid leave. #J-18808-Ljbffr

About Us At Hayden AI, we are on a mission to harness the power of artificial intelligence and machine learning to transform the way governments and businesses address real-world challenges. From optimizing bus lane and bus stop enforcement to pioneering digital twin modeling and beyond, our innovative mobile perception system empowers our clients to accelerate transit, enhance street safety, and drive forward a sustainable future. What the job involves Our Engineering teams work at the cutting edge of technology, leveraging AWS and GCP cloud services and developing our own Linux-based edge devices. As a dynamic startup, we understand the critical importance of cybersecurity in protecting our innovative solutions and ensuring the safety of our digital environment and customer data. We're looking for a passionate Security Engineer to lead our cybersecurity initiatives, safeguarding our code and infrastructure against the ever-evolving threats. You will manage security for our production and corporate systems, handle security alerts, implement policies, and collaborate with external customers on security needs. Responsibilities Develop and implement comprehensive security strategies for our cloud environments (AWS and GCP) and Linux-based systems. Design and implement public/private key management and PKI (Private Key Infrastructure) for our edge devices. Perform regular security audits, risk assessments, and penetration testing to identify vulnerabilities in our code and infrastructure. This includes conducting thorough code audits from a security perspective to ensure our applications are developed with the highest security standards. Design and manage security protocols for our edge devices, ensuring robust protection against external threats. Stay abreast of the latest cybersecurity trends and threats, applying this knowledge to fortify our defenses. This includes proactive monitoring and implementing fixes for zero-day vulnerabilities to prevent exploitation. Develop and enforce security policies and procedures, conducting security awareness training across the company to cultivate a security-first culture. Collaborate with development teams to integrate security measures into the software development lifecycle (SDLC), promoting security best practices for application development to mitigate risks from the outset. Respond swiftly to any security incidents, leading the investigation and remediation efforts to minimize impact. This includes managing the resolution of security breaches and ensuring that similar vulnerabilities are addressed across all projects. Working with our partners and clients to have deep technical discussion about security posture, review and discuss the security requirements and formulate the necessary changes to the engineering team. Manage and maintain CIS compliant OS images for our Cloud infrastructure and field devices. Must possess demonstrable knowledge of application security, security testing methodologies and application security testing automation. Qualifications Degree in Computer Science, Engineering, or related field. 6+ years of software engineering or equivalent experience. Experience with one of the core (Golang, Python) programming languages, scripting and automation. Strong knowledge of encryption protocols, public/private key management and PKI (Private Key Infrastructure). Strong understanding of network security, encryption practices, and secure coding principles. Proven experience in cloud security management (AWS, Azure, GCP). Familiarity with security policies and controls for internal corporate applications (Google Workspace, GitHub, Jira). Familiarity with security compliance standards relevant to our industry. Strong skills in managing security tools and vendor relationships. Excellent ability to develop and implement security policies and guidelines. Understanding of the block chain principles is a plus. Relevant certifications in security and cloud platforms are highly desirable. Benefits and Perks There are endless learning and development opportunities from a highly diverse and talented peer group, including experts in a wide range of fields (AI, Computer Vision, Government Contracting, Systems & Device Engineering, Operations, Communications, and more!) Options for 100% company paid medical, dental, and vision coverage for employees and dependents (for US employees) Flexible Spending Account (FSA) and Dependent Care Flexible Spending Account (DCFSA) Life, AD&D, Short and Long Term Disability Insurance Aflac Critical Illness, Accident Insurance & Hospital Indemnity Insurance MetLife Legal Plan(s) & Pet Insurance Farmers GroupSelect Auto & Home Insurance 401(k) with 3% company matching Professional development reimbursement Unlimited PTO Hybrid work opportunities Daily catered lunches in our San Francisco office Hayden AI is committed to creating a diverse and inclusive environment that fosters learning from each other. We celebrate people of diverse backgrounds, experiences, abilities, and perspectives. We are an equal opportunity employer and are committed to providing a work environment free of harassment and discrimination. Hayden AI is also committed to working with and providing reasonable accommodations to individuals with disabilities. Please let your recruiter know if you need an accommodation at any point during the interview process. To all recruitment agencies: Hayden AI does not accept agency resumes. Please do not forward resumes to our jobs alias, Hayden AI employees or any other company location. Hayden AI is not responsible for any fees related to unsolicited resumes. #J-18808-Ljbffr

Senior Security Engineer, Content Engineering at Practical DevSecOps Job Type: Permanent(Full Time/Full-Time) Function: Application Security Engineer Experience Required: 5-6 years Job: We are looking for a Senior Security Engineer to help us with our content engineering team. We are a remote‑first company, so you'll work with our remote team to create great security content that delights our customers. What is the role of a Senior Security Engineer? The Senior Security Engineer job includes research and development in DevSecOps and Cloud‑Native Technologies. You'll also be helping security professionals from fortune 500, defense, and other IT security organizations with their security upskilling needs by creating advanced and hands‑on security content. For this, you need to have a strong ability to communicate with different stakeholders in the organization. If you can communicate well and work methodically as part of a team, we'd like to meet you. What you will do: Help security professionals and developers in SDLC, especially in requirements analysis, design, implementation, testing, integration, verification, and maintenance of the DevSecOps Environment. Embed security as part of CI/CD and DevOps pipelines. Build new hands‑on lessons and content Help build tools to make it easier and faster to release new content Keep existing courses, lessons, and challenges up to date Proactively look for ways to scale, streamline and improve business processes Ensure final deliverables meet the organization's quality requirements. Help professionals with their questions by being available through support forums. Perform other duties as assigned We are looking for: 5+ years of experience in application security or product security roles. Desire to work in cutting‑edge product security technologies like DevSecOps, Cloud Native Technologies, and Zero Trust networks. Good understanding of application security concepts and tools. Passion for improving the state of the AppSec and DevSecOps in the world. Experience with scripting languages (Bash, Python, Go). Ability to write detailed technical guides and create presentations. Adaptability in a fast‑paced startup environment and interest in taking on additional responsibility. Ability to work independently with minimal supervision in a remote team setup. Excellent oral and written communication skills. If that sounds like you, get in touch! We have an amazing team and working culture, and we offer: Work from home with periodic office work and travel (including our yearly retreats to exotic locations) Apple/Mac Stack (MBP/Keynote) Highly competitive compensation And much more! About Practical DevSecOps Practical DevSecOps (a Hysn Technologies Inc company) offers vendor‑neutral, practical, and hands‑on DevSecOps training and certification programs for IT Professionals. Our online training and certifications are focused on new areas of information security, including DevOps Security, Cloud‑Native Security, Cloud Security & Container security. The certifications are achieved after rigorous tests (12‑24 hour exams) of skill and are considered the most valuable in the information security field. Why Explore a Career at Practical DevSecOps At Hysn Technologies Inc, we are working on creating revolutionary security products and services. With offices located globally (San Francisco, Singapore, and India), we believe in creating simple, usable, and excellent security products that delight our customers. We are remote work‑friendly and provide significant benefits like work from home (5 days a week if you wish), medical, and career growth benefits! We look for people who know how to get stuff done, and who aren't afraid of getting their hands dirty. We want people who are hungry and humble, who take risks and thrive in fast‑paced, fluid environments. We want people who take ownership of their work, don't take themselves too seriously, and treat everyone with respect. We think it takes all kinds, all types, all ethnicities, and all genders, to make a great organization. So if you have a passion for the Information Security industry, you're comfortable working in a startup environment, and you meet the criteria above, we'd love to get to know you! Freelancers and Agencies, please excuse us. #J-18808-Ljbffr

EchoTwin AI is pioneering AI-driven infrastructure intelligence, redefining how cities are managed. Powered by a proprietary visual intelligence engine with full spatial reasoning, EchoTwin transforms municipal fleets into mobile urban sensors-creating living digital twins that provide real-time insights into infrastructure, compliance, and safety. By enabling municipalities to proactively monitor, predict, and resolve issues, EchoTwin helps build resilient, self-healing, and sustainable urban ecosystems. More than “smart cities,” EchoTwin is advancing the era of cognizant cities-urban environments with the awareness to see, think, and act on challenges in real time. What The Job Involves Our Engineering teams work at the cutting edge of technology, leveraging AWS and GCP cloud services and developing our own Linux-based edge devices. As a dynamic startup, we understand the critical importance of cybersecurity in protecting our innovative solutions and ensuring the safety of our digital environment and customer data. We're seeking a passionate Security Engineer to lead our cybersecurity initiatives and safeguard our code and infrastructure against ever-evolving threats. You will manage security for our production and corporate systems, handle security alerts, implement policies, and collaborate with external customers on security needs. Responsibilities Develop and implement comprehensive security strategies for our cloud environments (AWS and GCP) and Linux-based systems. Design and implement public/private key management and PKI (Private Key Infrastructure) for our edge devices. Perform regular security audits, risk assessments, and penetration testing to identify vulnerabilities in our code and infrastructure. This includes conducting thorough code audits from a security perspective to ensure our applications are developed with the highest security standards. Design and manage security protocols for our edge devices, ensuring robust protection against external threats. Stay abreast of the latest cybersecurity trends and threats, applying this knowledge to fortify our defenses. This includes proactive monitoring and implementing fixes for zero-day vulnerabilities to prevent exploitation. Develop and enforce security policies and procedures, conducting security awareness training across the company to cultivate a security-first culture. Collaborate with development teams to integrate security measures into the software development lifecycle (SDLC), promoting security best practices for application development to mitigate risks from the outset. Respond swiftly to security incidents, leading the investigation and remediation efforts to minimize impact. This includes resolving security breaches and ensuring that similar vulnerabilities are addressed across all projects. We work with our partners and clients to have deep technical discussions about security posture, review and discuss the security requirements, and formulate the necessary changes for the engineering team. Manage and maintain CIS-compliant OS images for our Cloud infrastructure and field devices. Must possess demonstrable knowledge of application security, security testing methodologies, and application security testing automation. Qualifications Degree in Computer Science, Engineering, or related field. 6+ years of software engineering or equivalent experience. Experience with one of the core (Golang, Python) programming languages, scripting, and automation. Strong knowledge of encryption protocols, public/private key management, and PKI (Private Key Infrastructure). Strong understanding of network security, encryption practices, and secure coding principles. Proven experience in cloud security management (AWS, Azure, GCP). Familiarity with security policies and controls for internal corporate applications (Google Workspace, GitHub, Jira). Familiarity with security compliance standards relevant to our industry. Strong skills in managing security tools and vendor relationships. Excellent ability to develop and implement security policies and guidelines. Understanding of blockchain principles is a plus. Relevant certifications in security and cloud platforms are highly desirable. Benefits and Perks There are endless learning and development opportunities from a highly diverse and talented peer group, including experts in various fields, including Computer Vision, GenAI, Digital Twin, Government Contracting, Systems and Device Engineering, Operations, Communications, and more! Options for medical, dental, and vision coverage for employees and dependents (for US employees) Flexible Spending Account (FSA) and Dependent Care Flexible Spending Account (DCFSA) 401(k) with 3% company matching Unlimited PTO Profit sharing #J-18808-Ljbffr

EchoTwin AI is pioneering AI-driven infrastructure intelligence, redefining how cities are managed. Powered by a proprietary visual intelligence engine with full spatial reasoning, EchoTwin transforms municipal fleets into mobile urban sensors-creating living digital twins that provide real-time insights into infrastructure, compliance, and safety. By enabling municipalities to proactively monitor, predict, and resolve issues, EchoTwin helps build resilient, self-healing, and sustainable urban ecosystems. More than “smart cities,” EchoTwin is advancing the era of cognizant cities-urban environments with the awareness to see, think, and act on challenges in real time. What The Job Involves Our Engineering teams work at the cutting edge of technology, leveraging AWS and GCP cloud services and developing our own Linux-based edge devices. As a dynamic startup, we understand the critical importance of cybersecurity in protecting our innovative solutions and ensuring the safety of our digital environment and customer data. We're seeking a passionate Security Engineer to lead our cybersecurity initiatives and safeguard our code and infrastructure against ever-evolving threats. You will manage security for our production and corporate systems, handle security alerts, implement policies, and collaborate with external customers on security needs. Responsibilities Develop and implement comprehensive security strategies for our cloud environments (AWS and GCP) and Linux-based systems. Design and implement public/private key management and PKI (Private Key Infrastructure) for our edge devices. Perform regular security audits, risk assessments, and penetration testing to identify vulnerabilities in our code and infrastructure. This includes conducting thorough code audits from a security perspective to ensure our applications are developed with the highest security standards. Design and manage security protocols for our edge devices, ensuring robust protection against external threats. Stay abreast of the latest cybersecurity trends and threats, applying this knowledge to fortify our defenses. This includes proactive monitoring and implementing fixes for zero-day vulnerabilities to prevent exploitation. Develop and enforce security policies and procedures, conducting security awareness training across the company to cultivate a security-first culture. Collaborate with development teams to integrate security measures into the software development lifecycle (SDLC), promoting security best practices for application development to mitigate risks from the outset. Respond swiftly to security incidents, leading the investigation and remediation efforts to minimize impact. This includes resolving security breaches and ensuring that similar vulnerabilities are addressed across all projects. We work with our partners and clients to have deep technical discussions about security posture, review and discuss the security requirements, and formulate the necessary changes for the engineering team. Manage and maintain CIS-compliant OS images for our Cloud infrastructure and field devices. Must possess demonstrable knowledge of application security, security testing methodologies, and application security testing automation. Qualifications Degree in Computer Science, Engineering, or related field. 6+ years of software engineering or equivalent experience. Experience with one of the core (Golang, Python) programming languages, scripting, and automation. Strong knowledge of encryption protocols, public/private key management, and PKI (Private Key Infrastructure). Strong understanding of network security, encryption practices, and secure coding principles. Proven experience in cloud security management (AWS, Azure, GCP). Familiarity with security policies and controls for internal corporate applications (Google Workspace, GitHub, Jira). Familiarity with security compliance standards relevant to our industry. Strong skills in managing security tools and vendor relationships. Excellent ability to develop and implement security policies and guidelines. Understanding of blockchain principles is a plus. Relevant certifications in security and cloud platforms are highly desirable. Benefits and Perks There are endless learning and development opportunities from a highly diverse and talented peer group, including experts in various fields, including Computer Vision, GenAI, Digital Twin, Government Contracting, Systems and Device Engineering, Operations, Communications, and more! Options for medical, dental, and vision coverage for employees and dependents (for US employees) Flexible Spending Account (FSA) and Dependent Care Flexible Spending Account (DCFSA) 401(k) with 3% company matching Unlimited PTO Profit sharing #J-18808-Ljbffr

A forward-thinking technology company in San Francisco seeks a skilled individual to lead their corporate security efforts. In this full-time role, you'll enhance security practices, develop innovative defense strategies, and protect the organization's operations from evolving threats. The ideal candidate has over 3 years of experience in IT security, particularly in endpoint security solutions. The company offers competitive medical, dental, and mental health benefits along with an engaging workplace culture. #J-18808-Ljbffr

An innovative tech company in San Francisco is seeking a Lead Security Engineer to architect, harden, and defend its infrastructure. In this role, you'll lead security initiatives and embed security practices into the product lifecycle. Ideal candidates have over 8 years of experience in security engineering and incident response, along with a strategic mindset to manage risks effectively. This is a unique opportunity to join a fast-paced environment that values resilience and flexibility while providing a hybrid work culture. #J-18808-Ljbffr

The Role: As the Security Engineering Lead at Airbyte, you will be the single-threaded owner of security, compliance, and privacy for the company, working in close partnership with engineering, product, legal, and leadership. This is a senior, hands-on role for someone excited to shape how security is built, embedded, and scaled in a growing company. You will have the autonomy to set direction and make risk-based decisions, along with strong cross-functional support to execute effectively. Your work will sit at the intersection of product, infrastructure, compliance, and go-to-market, with direct impact on customer trust, enterprise adoption, and Airbyte's ability to scale securely. What You'll Do: Own Airbyte's security end-to-end, spanning cloud, application, endpoint, and identity security Set security priorities and roadmaps in alignment with business goals and engineering strategy Serve as the primary security decision-maker, bringing sound judgment, context, and partnership to risk decisions and escalations Lead incident detection, investigation, and response, building clear, reliable, and repeatable processes Own and evolve Airbyte's SOC 2 Type II and ISO 27001 programs, ensuring ongoing audit readiness and operational maturity Partner with engineers to embed security into system design, architecture, and major platform initiatives Enable enterprise growth by leading customer-facing security engagements, including questionnaires, ad-hoc inquiries, and security-related contractual discussions Define and operate identity and access management, including SSO, SCIM, RBAC, and access reviews Maintain and improve Airbyte's privacy program, collaborating with Legal on privacy policies, DPAs, TIAs, and regulatory obligations Drive vulnerability management across the stack, including AWS, GCP, Kubernetes, applications, and container images Influence security culture and standards across the company as Airbyte continues to grow What You'll Need Send 3+ years of security leadership experience 5-8+ years of experience in security engineering, cybersecurity, or related roles Experience making practical, risk-based security decisions in collaboration with engineering and business partners Working knowledge of SOC 2 Type II, ISO 27001, and security governance concepts Hands-on familiarity with cloud security, Kubernetes, and modern CI/CD environments Strong communication skills, with the ability to explain security concepts to both technical and non-technical audiences Comfort balancing security, compliance, and delivery velocity in a fast-moving environment. Familiarity with privacy programs and regulations such as GDPR and CCPA Experience evaluating or applying AI-powered tools to security use cases such as detection, triage, policy analysis, or vulnerability management A mindset of curiosity, continuous learning, and shared ownership Location: Onsite 5 days/week in San Francisco, CA If you find this role exciting, we encourage you to apply even if you think you don't meet all of the requirements! Airbyte is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, national origin, dicetancy, age, physical or mental disability, pregnancy, genetic information, sex, sexual orientation, gender identity or expression, marital status, familialvendicity, domestic violence victim status, veteran or military status, or any other legally recognized protected basis under federal, state or local laws. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Airbyte is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. Please let us know if you need assistance or accommodation due to a disability. #J-18808-Ljbffr

Security is at the foundation of OpenAI's mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI's technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture. About the Role We're seeking an exceptional Principal-level Offensive Security Engineer to challenge and strengthen OpenAI's security posture. This role isn't your typical red team job - it's an opportunity to engage broadly and deeply, craft innovative attack simulations, collaborate closely with defensive teams, and influence strategic security improvements across the organization. You have the chance to not only find vulnerabilities but actively drive their resolution, automate offensive techniques with cutting-edge technologies, and use your unique attacker perspective to shape our security strategy. This role will be primarily focused on continuously testing our hardware products and related services. In this role you will: Collaborate proactively with engineering teams to enhance security and mitigate risks in hardware, firmware, and software. Perform comprehensive penetration testing on our diverse suite of products. Leverage advanced automation and OpenAI technologies to optimize your offensive security work. Present insightful, actionable findings clearly and compellingly to inspire impactful change. Influence security strategy by providing attacker-driven insights into risk and threat modeling. You might thrive in this role if you have: 7+ years of hands‑on experience or exceptional accomplishments demonstrating equivalent expertise. Exceptional skill in code review, identifying novel and subtle vulnerabilities. Demonstrated mastery assessing complex technology stacks, including: Proven ability to reverse engineer bootrom images, firmware, or silicon‑level components. Deep familiarity with low‑level kernel operations, secure boot processes, and hardware‑software interactions. Hands‑on experience building and validating secure boot chains and threat models. Proficiency with hardware debugging tools (UART, JTAG, SWD, oscilloscopes, logic analyzers). Solid programming skills in C/C++, Python, or assembly for embedded systems. Industry experience securing consumer hardware (e.g., mobile devices, IoT, chipsets). Excellent written and verbal communication skills for technical and non‑technical audiences. Strong intuitive understanding of trust boundaries and risk assessment in dynamic contexts. Excellent coding skills, capable of writing robust tools and automation for offensive operations. Ability to communicate complex technical concepts effectively through compelling storytelling. Proven track record of not just finding vulnerabilities but actively contributing to solutions in complex codebases. Prior experience working in tech startups or fast‑paced technology environments. Experience in related disciplines such as Software Engineering (SWE), Detection Engineering, Site Reliability Engineering (SRE), Security Engineering, or IT Infrastructure. About OpenAI OpenAI is an AI research and deployment company dedicated to ensuring that general‑purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act. For unincorporated Los Angeles County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: protect computer hardware entrusted to you from theft, loss or damage; return all computer hardware in your possession (including the data contained therein) upon termination of employment or end of assignment; and maintain the confidentiality of proprietary, confidential, and non‑public information. In addition, job duties require access to secure and protected information technology systems and related data security obligations. To notify OpenAI that you believe this job posting is non‑compliant, please submit a report through this form . No response will be provided to inquiries unrelated to job posting compliance. We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made via this link. At OpenAI, we believe artificial intelligence has the potential to help people solve immense global challenges, and we want the upside of AI to be widely shared. Join us in shaping the future of technology. #J-18808-Ljbffr

CodeRabbit is an innovative research and development company focused on building extraordinarily productive human-machine collaboration systems. Our primary goal is to create the next generation of Gen AI-driven code reviewers: a symbiotic partnership between humans and advanced algorithms that significantly outperforms individual engineers. We combine language models with human ingenuity to push the boundaries of software development efficiency and quality. Role Overview: CodeRabbit is on a mission to empower developers with lean, high-performance tools-they move fast, and so do the threats. That's why we're looking for a battle-tested Lead Security Engineer who's been in the trenches and can architect, harden, and defend our infrastructure, tooling, and ecosystem. As our Lead Security Engineer, you'll lead security engineering at CodeRabbit, infusing security into every layer of our product and infrastructure. You become the steward of resilience, incident response, and proactive defense at scale. Responsibilities: Own the security roadmap - craft and execute a strategic security engineering plan that aligns with CodeRabbit's fast-paced engineering cadence. Boost resilience - champion defense-in-depth tactics: threat modeling, secure design reviews, hardening, CI/CD integration. Be Incident Commander - spearhead security incident response and recovery: triage, resolve, root cause, and turn those learnings into stronger systems. Tools & automation - build or integrate security tooling (SAST, DAST, SIEM, EDR, monitoring) into the developer workflow without slowing delivery. Embed security fluently - partner with engineering and product teams to bring secure practices early into planning and daily workflows. Talent & culture - help to hire, coach, and mentor a scrappy, resilient security engineering team; elevate security awareness across the company. Compliance & policy - establish security standards, frameworks, or processes that evolve as we scale-but remain lean and developer-friendly. Qualifications: Battle-tested experience: 8+ years in security engineering, incident response, or correlated fields-bonus if you've led through a major production breach or targeted attack. Technical depth: Extensive experience with security across software and infrastructure-threat modeling, pen testing, secure CI/CD pipelines, cloud security, incident response. Strategic mindset: Ability to translate risk into actionables, communicate trade‑offs with engineering/product leadership. Praxis over theory: You've taken production systems down (intentionally or unintentionally) and built them back stronger. Security in chaos: Experience in pressure situations-with clarity, direction, and calm. Developer‑centric approach: You can speak fluent dev-tools, empathize with fast-moving teams, and secure them without slowing them down. Bonus Points: You've implemented DevSecOps tooling and orchestrated shift‑left security in developer pipelines. You've recovered from (or prevented) a critical security event, and turned that into an engineering culture improvement. Experience in a dev‑tools, SDK, or platform-heavy company. Hacker mindset + operational discipline - pentests, disaster recovery, threat hunting, tooling, cloud environments. Certifications like CISSP, CISM, CEH, or relevant cloud security certs. Why Join Us? Defend a Developer-First Future: At CodeRabbit, you're not just protecting infrastructure-you're securing the next evolution of developer tools. Help fortify a product that's reshaping how code gets reviewed. Real Authority & Ownership: You won't be on the sidelines. As Lead Security Engineer, you'll define the security roadmap, lead critical incident responses, and gain full ownership of outcomes-from threat modeling to hardened deployment. Impact at Velocity: Join an agile, cross-functional squad of engineers, designers, and researchers. You'll move fast but not recklessly - embedding security in every release without slowing delivery. Build, Break, Rebuild Stronger: Ideal for someone battle-tested; someone who's faced breaches, recovered systems, and evolved engineering culture through adversity. Grow and Lead: We're investing in you. This role offers ongoing leadership development, mentorship opportunities, and real ownership as you eventually scale your team and operations. Compensation That Reflects Responsibility: We deliver a competitive package-salary, equity, and benefits-to match the importance and intensity of this role. Hybrid Culture That Adapts to You: We collaborate in person in the Bay Area every week, but leave room for remote heads-down focus. It's security, not surveillance. Our Values 🤝 Collaborative Humans: Prioritizing collective intelligence 🚀 Fearless Innovators: Turning obstacles into growth opportunities 💪 Persistent, Passionate Developers: Thriving on complex, long-term challenges 🎯 Impact-Driven Creators: Crafting intuitive tools for developers 🧠 Rapid Learners and Un-learners: Adapting quickly in our fast-paced technological world Apply Now - If you're excited to build tools that blend intelligent systems with world‑class software engineering, we'd love to meet you. #J-18808-Ljbffr

A leading AI research company in San Francisco is hiring a Principal Offensive Security Engineer. In this role, you will craft attack simulations and collaborate with teams to strengthen security posture across products. The ideal candidate has over 7 years of experience, exceptional programming skills, and a strong background in identifying vulnerabilities. This position offers an opportunity to influence security strategy and contribute to innovative projects in a dynamic environment. #J-18808-Ljbffr