Information security analyst jobs in San Mateo, CA - 1,147 jobs

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives Manage IT Risk Register including risk identification, tracking, and prioritization. Assist with and drive remediation of control deficiencies and gaps Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires Assist control owners with root cause analysis and track risk management action plan progress. Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have Experience in the machine learning or computer hardware industry Experience with Security by Design and/or Privacy by Design principles Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems Familiarity with using third‑party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third‑party risk management Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In‑Q‑Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: ************************* We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law. #J-18808-Ljbffr

At Fluidstack, we're building the infrastructure for abundant intelligence. We partner with top AI labs, governments, and enterprises - including Mistral, Poolside, Black Forest Labs, Meta, and more - to unlock compute at the speed of light. We're working with urgency to make AGI a reality. As such, our team is highly motivated and committed to delivering world‑class infrastructure. We treat our customers' outcomes as our own, taking pride in the systems we build and the trust we earn. If you're motivated by purpose, obsessed with excellence, and ready to work very hard to accelerate the future of intelligence, join us in building what's next. About the Role The Information Security Engineer, Bare Metal will be a critical part of the infrastructure team, responsible for designing, implementing, and maintaining the security of Fluidstack's bare metal fleet. This role is highly technical and requires deep expertise in hardware, operating systems, and network security in a high-scale, high-performance environment. Key Responsibilities: Bare Metal Lifecycle Security: Own the security throughout the entire lifecycle of the bare metal fleet, from provisioning and hardening to decommission. Image Security and Hardening: Design and implement secure, hardened base operating system images (Linux) for all production and development environments, including automated vulnerability scanning and patch management. Baseboard Management Controller (BMC) Security: Define and enforce security best practices for BMCs, including access controls, credential management, logging, and firmware integrity/patching. Network Security: Collaborate with network engineering to design and implement secure network architectures, including micro‑segmentation, intrusion detection/prevention systems (IDS/IPS), and firewall policies for the bare metal environment. Storage and Data Protection: Implement strong security controls for storage systems, focusing on data‑at‑rest encryption, key management, and secure access protocols for both local and networked storage. Automation: Develop security automation and tooling (e.g., configuration management scripts) to ensure security is enforced consistently and at scale across the fleet. Security Monitoring and Incident Response: Configure and manage security monitoring for bare metal infrastructure and participate in the incident response process for critical security events. Security Review: Conduct regular security audits and threat modeling exercises for new hardware and infrastructure designs. Focus Securing and hardening base images (Linux/OS). Baseboard Management Controller (BMC) access control and firmware security. Infrastructure network segmentation and policy enforcement. Storage encryption, data integrity, and key management. About You 7+ years of experience in an Information Security or Infrastructure Engineering role, with a strong focus on bare metal, IaaS, or high‑scale cloud infrastructure. Deep practical experience with Linux operating system hardening (e.g., SELinux, AppArmor, kernel‑level security). Expert‑level knowledge of network security principles, including TCP/IP, VPNs, firewall rulesets, and zero‑trust concepts. Proven ability to implement and manage encryption technologies, including disk‑level encryption (e.g., LUKS) and hardware‑level encryption. Strong scripting and automation skills in languages such as Python, Go, or Rust, and experience with configuration management tools (e.g., Ansible, Puppet, Chef). Understanding of hardware security modules (HSMs) and trusted computing concepts (e.g., TPM/TXT). Excellent problem‑solving and communication skills, with the ability to work collaboratively across engineering teams. Nice to Haves Experience with specific BMC platforms (e.g., OpenBMC, Dell iDRAC, HPE iLO). Familiarity with compliance standards relevant to bare metal environments (e.g., SOC 2, ISO 27001, FedRAMP). Experience with hardware‑level root of trust and secure boot implementations. Relevant security certifications (e.g., CISSP, OSCP, CEH). Salary & Benefits Competitive total compensation package (salary + equity). Retirement or pension plan, in line with local norms. Health, dental, and vision insurance. Generous PTO policy, in line with local norms. The base salary range for this position is $150,000 - $250,000 per year, depending on experience, skills, qualifications, and location. This range represents our good faith estimate of the compensation for this role at the time of posting. Total compensation may also include equity in the form of stock options. We are committed to pay equity and transparency. Fluidstack is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Fluidstack will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. . #J-18808-Ljbffr

About the job Company Credit Genie is a mobile‑first financial wellness platform designed to help individuals take control of their financial future. We leverage artificial intelligence to provide personalized insights and are building a financial ecosystem by offering tools and services that provide instant access to cash and building credit. Our goal is to empower every customer to achieve long‑term financial stability. Founded in 2019 by Ed Harycki, former Swift Capital Founder (acquired by PayPal in 2017). Backed by Khosla Ventures and led by industry pioneers from companies such as PayPal, Square, and Cash App, we are well positioned to build the future of inclusive finance through cutting‑edge technology and customer‑centric solutions. Overview As Chief Information Security Officer (CISO), you will be the primary leader responsible for developing and implementing our information security strategy. You'll protect our systems, data, and customer trust by overseeing cybersecurity operations, ensuring compliance with regulatory standards, and mitigating risks in a dynamic fintech environment. This role demands a visionary leader with deep expertise in cybersecurity, preferably in fintech, and a passion for securing innovative financial products. What You'll Do Develop and execute a comprehensive cybersecurity strategy to protect our platform, customer data, and intellectual property. Ensure compliance with fintech and data privacy regulations, including GDPR, CCPA, PCI‑DSS, and other relevant standards. Oversee the design, implementation, and monitoring of security controls for payment processing, lending platforms, and other financial products. Lead incident response, including managing and mitigating cybersecurity breaches, vulnerabilities, and regulatory inquiries. Collaborate with product, engineering, and compliance teams to embed security‑by‑design principles into new features and services. Build and maintain a robust security framework for credit and lending operations, ensuring protection against fraud and data breaches. Conduct risk assessments and implement mitigation strategies for emerging threats in the fintech landscape. Manage relationships with external security vendors, auditors, and regulatory bodies. Develop and lead a high‑performing security team, fostering a culture of proactive risk management. Support international expansion by aligning security practices with global data protection and financial regulations. Stay ahead of cybersecurity trends, advising the executive team on evolving threats and technologies. Qualifications Who You Are Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field. 10+ years of progressive experience in cybersecurity, with at least 5 years in a senior leadership role at a fintech or high‑growth tech company. Deep expertise in securing credit and lending platforms, preferably in the fintech industry, with knowledge of fraud prevention, secure payment processing, and regulatory compliance (e.g., Truth in Lending Act, Fair Credit Reporting Act). Proven track record in designing and implementing security architectures for cloud‑based systems, APIs, and financial applications. Strong understanding of data privacy, encryption, and consumer protection laws in a fintech context. Experience leading incident response, penetration testing, and vulnerability management programs. Exceptional communication skills, with the ability to explain complex security concepts to non‑technical stakeholders, from engineers to board members. Strategic mindset with the ability to balance security rigor with business innovation in a fast‑paced startup environment. Nice to have Experience at a fintech company with exposure to payment processing, lending, or brokerage platforms. Familiarity with SOC 2, ISO 27001, or other cybersecurity certifications and frameworks. Knowledge of international cybersecurity regulations to support global operations. Experience building and scaling security teams in high‑growth environments. Compensation Benefits And Perks 100% company‑paid medical, dental, and vision coverage for you and your dependents on your first day of employment. Monthly fitness reimbursement up to $100 or a full membership to LifeTime Fitness. 401(k) with a 2.5% match and immediate vesting. Meal program for breakfast, lunch, and dinner. Life and accidental insurance. Flexible PTO. We know how to fine‑tune corporate security because we've led effective and efficient Fortune 500‑level security programs. The SEC helps businesses find the best balance of risk mitigation, cost and innovation. #J-18808-Ljbffr

A technology company in San Francisco is seeking a candidate to integrate critical controls in their application. This role requires strong technical architecture skills, the ability to work cross-functionally, and a privacy-minded approach. Ideal candidates will have experience in security, fraud, or mobile development. Competitive salary and benefits are offered, ranging from $276,500 to $310,000. #J-18808-Ljbffr

is a technology company. We believe the camera presents the greatest opportunity to improve the way people live and communicate. Snap contributes to human progress by empowering people to express themselves, live in the moment, learn about the world, and have fun together. The Company's three core products are , a visual messaging app that enhances your relationships with friends, family, and the world; , an augmented reality platform that powers AR across Snapchat and other services; and its AR glasses, .teams build fun and technically sophisticated products that reach hundreds of millions of Snapchatters around the world, every day. We're deeply committed to the well-being of everyone in our global community, which is why are at the root of everything we do. We move fast, with precision, and always execute with privacy at the forefront.Snap Inc. is seeking a Security Engineer to join our Spam & Abuse team!What you'll do:* Architect and lead the development of scalable, innovative solutions to detect and mitigate spam & abuse threats, leveraging state-of-the-art technologies and methodologies.* Drive cross-functional initiatives by collaborating with engineering, product management, and operations teams to create robust, proactive defenses against spam, abuse, and account takeover.* Take ownership of high-impact, complex projects, from inception to deployment, ensuring alignment with Snap's technical and business objectives.* Lead incident response efforts for spam and abuse-related security events, establishing processes for continuous improvement.* Mentor and provide technical leadership to engineers across teams, fostering a culture of learning and growth.* Define and drive the technical strategy and roadmap for spam and abuse detection and prevention systems.Knowledge, Skills & Abilities:* Demonstrated leadership and impact in combating spam, abuse, or related security domains.* Expertise in software engineering, with proficiency in programming languages such as Golang and Python.* Strong background in big data technologies, such as BigQuery.* Proven ability to lead and execute large-scale technical initiatives across multiple teams.* Excellent cross-team collaboration, communication, and stakeholder management skills.* Deep understanding of user privacy, security, and ethical considerations in the context of abuse prevention.Minimum Qualifications:* Bachelor's degree in Computer Science, Engineering, Information Systems, or equivalent experience.* 6+ years of post-Bachelor's software development experience; or Master's degree in a technical field + 5+ year of post-grad software development experience; or PhD in a relevant technical field +2+ years of post-grad software development experience* Extensive experience designing and deploying production-quality software solutions at scale.* Proven track record in leading the development of systems to detect and mitigate spam, abuse, or other forms of malicious behavior.Preferred Qualifications:* Proven leadership in designing and deploying scalable systems for security operations, with measurable impact on organizational security goals.* Experience driving organizational change by developing and evangelizing new frameworks or processes for combating emerging threats.* Strong strategic thinking, with a demonstrated ability to define technical roadmaps and lead multi-team initiatives.* Experience collaborating with executive leadership to align technical solutions with business priorities and risk management strategies.* A track record of mentoring senior engineers, fostering a culture of technical excellence and innovation.If you have a disability or special need that requires accommodation, please don't be shy and provide us some ."Default Together" Policy at Snap: At Snap Inc. we believe that being together in person helps us build our culture faster, reinforce our values, and serve our community, customers and partners better through dynamic collaboration. To reflect this, we practice a “default together” approach and expect our team members to work in an office 4+ days per week. At Snap, we believe that having a team of diverse backgrounds and voices working together will enable us to create innovative products that improve the way people live and communicate. Snap is proud to be an equal opportunity employer, and committed to providing employment opportunities regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, pregnancy, childbirth and breastfeeding, age, sexual orientation, military or veteran status, or any other protected classification, in accordance with applicable federal, state, and local laws. EOE, including disability/vets.We are an Equal Opportunity Employer and will consider qualified applicants with criminal histories in a manner consistent with applicable law (by example, the requirements of the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, where applicable).: Snap Inc. is its own community, so we've got your back! We do our best to make sure you and your loved ones have everything you need to be happy and healthy, on your own terms. Our benefits are built around your needs and include paid parental leave, comprehensive medical coverage, emotional and mental health support programs, and compensation packages that let you share in Snap's long-term success!CompensationIn the United States, work locations are assigned a pay zone which determines the salary range for the position. The successful candidate's starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. The starting pay may be negotiable within the salary range for the position.These pay zones may be modified in the future.:The base salary range for this position is $209,000-$313,000 annually.:The base salary range for this position is $199,000-$297,000 annually.:The base salary range for this position is $178,000-$266,000 annually.This position is eligible for equity in the form of RSUs. #J-18808-Ljbffr

Meta's Product Security team is responsible for finding, mitigating, and preventing security flaws across Meta's family of products, including Facebook, Messenger, Instagram, and WhatsApp. We are looking for a Security Engineer to join GenAI Product Security team to secure Meta AI products and product integrations. Work directly with Meta Superintelligence Labs and other product groups to set secure design standards and build technology to scale and implement protections for novel and evolving agentic security risks. Security Engineer, GenAI Responsibilities Influence and align the organization's vision and strategy, while engaging our teams to develop and deliver specific, multi-year roadmaps, programs, and projects. Ensure prioritization, resourcing, and timely delivery of this work within a changing business environment Design and implement novel security solutions to protect against AI risks such as prompt injections where no industry standard exists Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities Bug Bounty: help provide technical guidance to our world class bug bounty program and independent security researchers Industry Impact: push the industry forward through conference talks and open source projects to contribute broadly to security for the world Minimum Qualifications B.S. or M.S. Computer Science, Engineering, or related technical discipline, or equivalent experience 10+ years experience dealing with security issues web programming languages, development practices, and common bug patterns Experience developing and delivering information on program status for senior leadership Experience leading and managing complex cross‑functional programs Experience with exploiting common security vulnerabilities Preferred Qualifications Experience contributing to the security community (public research, blogging, presentations, etc.) Experience writing software that enables security processes For those who live in or expect to work from California if hired for this position, please clickherefor additional information. About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today-beyond the constraints of screens, the limits of distance, and even the rules of physics. $213,000/year to $293,000/year + bonus + equity + benefits Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta. Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity noticehere. Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form. #J-18808-Ljbffr

At Skild AI, we are building the world's first general purpose robotic intelligence that is robust and adapts to unseen scenarios without failing. We believe massive scale through data-driven machine learning is the key to unlocking these capabilities for the widespread deployment of robots within society. Our team consists of individuals with varying levels of experience and backgrounds, from new graduates to domain experts. Relevant industry experience is important, but ultimately less so than your demonstrated abilities and attitude. We are looking for passionate individuals who are eager to explore uncharted waters and contribute to our innovative projects. Position Overview We are seeking a proficient Embedded Security Engineer to join our team and contribute to the protection of our models deployed on robotic hardware. You will be responsible for conducting comprehensive threat modeling and security assessments, as well as supporting our engineering teams in adhering to established security standards and requirements. This role involves both software engineering techniques and deep learning methods to encode/encrypt trained models. A blend of technical acumen and collaborative skills is essential, as you will develop solutions to identified risks, write test cases for security controls, and actively participate in offensive security assessments. Responsibilities Conduct detailed threat modeling and security assessments of critical assets. Regularly update threat models to reflect evolving threats and changes in the business environment. Identify and explore vulnerabilities in critical software components used across our environment. Create and implement technical solutions to mitigate identified risks, and maintain test cases to ensure the effectiveness and resilience of the solutions. Collaborate with engineering teams to ensure compliance with defined security standards and requirements. Provide support in the implementation of security measures. Lead penetration tests and red team exercises. Preferred Qualifications BS, MS or higher degree in Computer Science, Robotics, Engineering or a related field, or equivalent practical experience. Proficiency developing higher-level languages (e.g., PHP, Python, C++, or Java). Experience with deep learning software, frameworks, and APIs (e.g., PyTorch, etc.). Experience with enterprise security. Proven experience in threat modeling, security assessments, and penetration testing. Strong understanding of cybersecurity principles, frameworks, and standards. Understanding and experience with securing transfer and storage of deep neural network models. Base Salary Range$100,000-$300,000 USD #J-18808-Ljbffr

Perplexity is seeking a highly experienced and hands-on Cloud Security Engineer to join our dynamic security team, revolutionizing the way people search and interact with the internet. In this role, you'll lead efforts to build and maintain secure, scalable infrastructure that empowers engineers to innovate quickly and safely. Responsibilities Partner with infrastructure and engineering teams to embed security into development workflows and promote secure-by-default patterns Build Terraform modules with built-in security guardrails, such as logging, encryption, and automated threat detection enablement Deploy cloud-native detection capabilities using AWS GuardDuty, Security Hub, and custom detection rules to identify credential compromise, crypto-mining, and lateral movement Maintain SOC 2 Type II and ISO 27001 compliance through automated collection of cloud control evidence Conduct security audits of cloud resource configurations using tools like AWS Config and Open Policy Agent, and remediate deviations from CIS Benchmarks and our internal security policies Secure CI/CD and supply chain pipelines by implementing controls such as artifact signing, secret scanning, and dependency monitoring Apply zero trust principles through strict network segmentation, authentication, and authorization across our cloud environments Participate in the security on-call rotation and respond to security alerts and incidents to ensure rapid mitigation and root cause analysis Qualifications 4+ years of experience in Cloud Infrastructure, Platform Engineering, or similar roles Proven track record of building and scaling infrastructure at high-growth technology companies Deep understanding of cloud-native architectures, microservices, and distributed systems Experience securing CI/CD pipelines, deployment automation, and internal tooling Strong programming skills in Python, Go, or similar languages Bonus: Experience with AI/ML infrastructure and multi-cloud environments The cash compensation range for this role is $200,000 - $280,000. At Perplexity, we've experienced tremendous growth and adoption since publicly launching the world's first fully functional conversational answer engine in 2022. We've grown from answering 2.5 million questions per day at the start of 2024 to around 20 million daily queries in December 2024. We also offer Perplexity Enterprise Pro, which counts leading companies like Nvidia, the Cleveland Cavaliers, Bridgewater, and Zoom as customers. To support our rapid expansion, we've raised significant funding from some of the most respected technology investors. Our investor base includes IVP, NEA, Jeff Bezos, NVIDIA, Databricks, Bessemer Venture Partners, Elad Gil, Nat Friedman, Daniel Gross, Naval Ravikant, Tobi Lutke, and many other visionary individuals. In 2024, our employee base grew nearly 300%, and we're just getting started. Final offer amounts are determined by multiple factors, including, experience and expertise, and may vary from the amounts listed above. Equity: In addition to the base salary, equity may be part of the total compensation package. Benefits: Comprehensive health, dental, and vision insurance for you and your dependents. Includes a 401(k) pla #J-18808-Ljbffr

A blockchain technology company is seeking a Software Engineer in San Francisco to design and build core infrastructure. Responsibilities include developing secure distributed systems and collaborating with teams to enhance blockchain accessibility. The role offers competitive compensation, autonomy in work, and opportunities for international candidates with visa sponsorship. A minimum salary range of $150,000 - $190,000 is provided. #J-18808-Ljbffr

A tech company in San Francisco is seeking a Lead Security Engineer to enhance its security posture across various environments. The ideal candidate will have over 5 years of experience in security roles and expertise in cloud security, IAM, and secure systems design. Responsibilities include implementing scalable security controls and collaborating with cross-functional teams. The base pay range for this position is $220,000 - $330,000 USD. #J-18808-Ljbffr

Our mission is to modernize the payments infrastructure for trucking and logistics. We're building Stripe for Transportation, centering our customers in every way and offering them world-class customer experience. We have a strong founding team with backgrounds in payments, autonomous vehicles, and leading technology companies. We've raised $125 million+ from investors and have been named to Forbes' annual Next Billion-Dollar Startup List. Job Description AtoB is looking to hire a dedicated Application Security Engineer to join our small security team. You'll work cross-functionally with backend, frontend, DevOps, product, and compliance teams to push security forward in every part of our stack. Responsibilities Design and implement security tooling, automation, and processes to support secure development, deployment, and operations Perform threat modeling, design reviews, and security assessments (API, web, mobile, microservices) Conduct secure code reviews, dynamic and static application security testing, and penetration testing Work closely with engineering teams to remediate identified security issues and embed secure practices in SDLC Investigate and respond to application-level security incidents or suspicious behavior Help define and enforce security standards, policies, and best practices across the engineering organization Maintain and improve application security infrastructure Stay abreast of new threats, vulnerabilities, and relevant industry practices and share knowledge Requirements 4+ years of experience securing web and/or API-based applications in a production setting Hands-on experience with static analysis (SAST), dynamic analysis (DAST), interactive application security testing (IAST) or similar tools Experience performing manual code reviews in languages like Java, Python, Go, JavaScript/TypeScript Understanding of common web / API vulnerabilities (OWASP Top 10, API abuses, SSRF, injection, XSS, deserialization, etc.) Familiarity with authentication & authorization mechanisms (OAuth2/OIDC, JWT, session management, RBAC, etc.) Experience integrating security into a CI/CD pipeline (GitHub Actions, GitLab CI, Jenkins, CircleCI, etc.) Working knowledge of cloud platforms (AWS, GCP, Azure) and container/orchestration (Docker, Kubernetes) Strong problem-solving skills, ability to operate in ambiguity and drive security outcomes in fast-moving teams Excellent communication skills Compensation Range: $180K - $200K We are an equal opportunities employer and welcome applications from all qualified candidates. #J-18808-Ljbffr

A leading data protection firm is seeking a Machine Learning Engineer to develop GenAI architectures and secure AI workflows. Ideal candidates should hold a PhD or MS in Computer Science and possess 2+ years of relevant experience. Key responsibilities include developing and testing machine learning models, conducting experiments, and collaborating within a team. The role offers competitive compensation along with benefits including health, PTO, and 401K options. #J-18808-Ljbffr

Why Harvey At Harvey, we're transforming how legal and professional services operate - not incrementally, but end-to-end. By combining frontier agentic AI, an enterprise-grade platform, and deep domain expertise, we're reshaping how critical knowledge work gets done for decades to come. This is a rare chance to help build a generational company at a true inflection point. With 700+ customers in 58+ countries, strong product-market fit, and world-class investor support, we're scaling fast and defining a new category in real time. The work is ambitious, the bar is high, and the opportunity for growth - personal, professional, and financial - is unmatched. Our team is sharp, motivated, and deeply committed to the mission. We move fast, operate with intensity, and take real ownership of the problems we tackle - from early thinking to long-term outcomes. We stay close to our customers - from leadership to engineers - and work together to solve real problems with urgency and care. If you thrive in ambiguity, push for excellence, and want to help shape the future of work alongside others who raise the bar, we invite you to build with us. At Harvey, the future of professional services is being written today - and we're just getting started. Role Overview Some of the world's largest companies and their law firms use Harvey's AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster, understand the big picture, and tackle more complex challenges in less time. Security is at the heart of what we do. Our customers trust us with their most sensitive data, and we take that responsibility seriously. As part of our team, you'll help us maintain a secure, trustworthy, and compliant platform-an essential foundation for everything we build. As an Infrastructure Security Engineer, you'll design and build secure‑by‑default infrastructure that product teams can rely on. This includes designing and implementing processes and technologies for least privilege, isolating different components, managing attack surface, and implementing layers of tenant isolation on our multi‑tenant SaaS offering. You'll also create frameworks and repeatable patterns that enable our research and engineering teams to move quickly and independently-without sacrificing security. Our security program at Harvey is driven by our collective offensive security experience: breaking into systems at other companies (in white‑hat capacities), responding to real security incidents, and learning from other companies' data breaches. We regularly conduct penetration tests and red team exercises. At the same time, we are all software engineers-contributing code daily and approaching security with an engineering‑first mindset. What You'll Do Incorporate secure design principles into our cloud architecture. Develop isolation mechanisms (e.g. sandboxing) in collaboration with our product engineering team Review security‑critical configuration changes and act as Codeowner for security‑critical parts of our cloud configurations (everything is IaC) Audit our existing cloud environment for vulnerabilities Develop policies and procedures for the secure creation and operation of our cloud environments What You Have 5+ years experience in Security Engineering, Software Engineering, or Site Reliability Engineering roles Demonstrated experience writing high‑quality software and building production‑grade infrastructure and raising the quality bar of engineering teams Strong fundamentals in networking, operating systems, and cryptographic protocols In‑depth knowledge of Kubernetes, common misconfigurations, and privilege escalation vectors Demonstrated ability to find weaknesses (e.g. privilege escalation) in real‑world cloud environments Experience applying security best practices in cloud environments (AWS, Azure, or Google Cloud) (No experience with generative AI or legal required) Bonus Familiarity with large‑scale Infrastructure as Code (IaC) deployments Familiarity with Kubernetes Admission Controllers and policy enforcement Exposure to multi‑cloud environments Compensation Range $201,000 - $260,000 USD Please find our CA applicant privacy notice here. #LI-KV1 Harvey is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law. We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made by emailing accommodations@harvey.ai #J-18808-Ljbffr

About Radiant Security We're a SF Bay Area Cyber AI startup. Our vision is simple: enable all security teams to perform security operations with the efficiency and effectiveness needed to prevent breaches . We're a small team of researchers and engineers with a deep focus in cyber and AI. Our product automates the triage for any security alert leveraging deep research, big data and dozens of AI Agents. Join us and boost your career with hands‑on AI experience. The Role As an AI Security Context Engineer, you'll sit at the intersection of cybersecurity expertise and applied AI. Your mission is to translate deep security understanding into actionable context that teaches Radiant's AI agents how to think, reason, and triage real‑world security investigations. You'll partner closely with our AI research, engineering, and product teams to define how modern attacks should be interpreted, how alerts should be enriched, and how investigations should unfold across dozens of agentic steps. The work you do directly shapes the quality and accuracy of Radiant's autonomous investigations - this is one of the most critical roles in the company and central to our core value proposition. This is a rare opportunity to bring your SOC and detection experience into an AI‑forward environment, contribute to the next evolution of security automation, and build systems used by teams around the world. What problems will you be working on? Turning complex security signals (SIEM, EDR, IPS, cloud security logs, etc.) into high‑quality AI reasoning that powers fully automated investigations Translating attacker behaviors and TTPs into teachable patterns for AI agents to detect, correlate, and triage threats Defining the logic behind multi‑step agentic investigation workflows - which signals the AI should examine/compare, why, and how it should decide next steps Closing context gaps that break investigations, improving outcomes by shaping the “security intuition” of the model Stress‑testing AI reasoning end‑to‑end to ensure it mirrors how top SOC analysts think when handling real incidents What you'll do Shape how Radiant's AI agents think: translating real SOC workflows, attacker behaviors, and detection patterns into the reasoning that drives automated investigations Design and refine multi‑step investigation logic, curating which signals matter, how alerts should be enriched, and how AI agents decide next steps Evaluate and improve AI decision‑making and stress‑testing agentic workflows to ensure they replicate how top analysts actually investigate potential incidents Work with a modern, cloud‑native AI stack and have direct impact on one of the most critical components of Radiant's platform Develop a stronger understanding of agentic AI and how it is leveraged for detection and analysis Things we're looking for An undergraduate degree in computer science Experience as a security analyst in an operational capacity Having previously worked for security product companies (startups are a plus) A working knowledge of adversarial TTPs, malware infrastructure, and the malware economy Have previously worked hands‑on with a variety of security detection technologies that are part of a robust security program (SEIM, IPS, WAF, EDR) Past, relevant experience with cloud security technologies A track record of providing security subject matter expertise and guidance to people who are not security experts Benefits Generous equity package Unlimited PTO (take time when you need it) Top‑of‑market salary Great healthcare The process We're a startup and we're making decision quickly. Our process is designed to give you the best glimpse of our team and allow us to evaluate your technical and culture fit. Step 1: Executive interview + Technical interview Step 2: Virtual On Site: Technical and Leadership interviews #J-18808-Ljbffr

A cloud infrastructure company is seeking a Senior Cloud Security Engineer to enhance security measures while enabling secure growth. Your role includes designing scalable security controls and integrating security best practices in various workflows. The ideal candidate has over 8 years of experience, a strong background in AWS/GCP, and skills in Terraform and Kubernetes. This position offers competitive compensation and flexible time off. #J-18808-Ljbffr

A leading IT solutions provider in California is seeking a Cybersecurity Engineer to safeguard enterprise IT infrastructure, applications, and data. This role demands experience in cybersecurity operations and requires expertise in network and endpoint security, firewalls, and incident response. Candidates should be eager to learn and adapt in the fast-evolving cybersecurity landscape, with opportunities for mentorship and professional growth. #J-18808-Ljbffr

A leading firm in interior design and construction is seeking an experienced Information Security Engineer to enhance cybersecurity operations and support incident management. The ideal candidate has over 5 years in cybersecurity with expertise in network and endpoint security, complemented by strong analytical skills. This role offers a competitive salary, flexible work environment, and career development opportunities. #J-18808-Ljbffr

A leading data intelligence platform located in San Francisco is seeking a Senior Security Engineer to lead security initiatives and projects within the company. The ideal candidate should have over 6 years of experience in security engineering with a strong work ethic and ability to build scalable systems. You'll evangelize security practices, oversee full-stack security projects, and ensure compliance with industry standards. Competitive equity and comprehensive benefits will be offered, including health insurance and unlimited PTO. #J-18808-Ljbffr

Title of Role: Security Engineer Company Stage of Funding: Hyper-Growth, Highly Profitable Private Company Office Type: On-site, Full-Time Salary: Competitive (based on experience) + Equity Company Description We're representing one of the fastest-growing companies in the world, scaling from $1M to $500M in revenue run rate in just 17 months - with accelerating growth rates month over month. The company develops AI-powered systems trusted by the top 5 global AI labs, enabling faster and more accurate performance prediction in hiring and evaluation. With a lean and profitable team, they're scaling rapidly and looking for engineers eager to take ownership of security in a high-impact environment. Responsibilities Design and implement security controls across infrastructure, applications, and networks. Monitor for vulnerabilities, threats, and suspicious activity. Conduct penetration tests, vulnerability assessments, and incident response. Embed security practices into CI/CD pipelines and developer workflows. Ensure compliance with frameworks (SOC 2, ISO 27001, GDPR). Partner with engineers to make security a first-class part of system design. Research and respond proactively to emerging threats. Ideal Background Strong knowledge of security principles, tools, and best practices. Experience with SIEMs, IDS/IPS, firewalls, and vulnerability scanning. Familiarity with cloud security (AWS, GCP, or Azure). Solid understanding of encryption, authentication, and authorization systems. Track record of securing distributed, high-scale environments. Excellent collaboration and communication skills. Ability to balance security rigor with speed in a hyper-growth environment. Why Join Impact: Own the security function that powers critical infrastructure for the world's leading AI labs. Learning: Gain early exposure to frontier AI systems and emerging risks. Growth: Take on both infrastructure and research-adjacent projects with fast paths to ownership. Compensation and Benefits Salary: Highly competitive (commensurate with experience) Equity: Generous early-stage equity package Work Setup: On-site in San Francisco Other Benefits: Direct ownership of security architecture and practices Chance to shape security culture in a hyper-growth engineering environment Work alongside senior engineers at the intersection of AI and infrastructure This role is perfect for security engineers who want to build practical, scalable defenses in high-growth environments - balancing rigor with speed while safeguarding mission-critical AI infrastructure. Salary Range: $130,000-$500,000 base. https://www.recruitingfromscratch.com/ #J-18808-Ljbffr