Information security analyst jobs in South San Francisco, CA - 544 jobs

Heartflow is a medical technology company advancing the diagnosis and management of coronary artery disease, the #1 cause of death worldwide, using cutting‑edge technology. The flagship product-an AI‑driven, non‑invasive cardiac test supported by the ACC/AHA Chest Pain Guidelines called the Heartflow FFRCTAnalysis-provides a color‑coded, 3D model of a patient's coronary arteries indicating the impact blockages have on blood flow to the heart. Heartflow is the first AI‑driven non‑invasive integrated heart care solution across the CCTA pathway that helps clinicians identify stenoses in the coronary arteries (RoadMap™Analysis), assess coronary blood flow (FFRCTAnalysis), and characterise and quantify coronary atherosclerosis (Plaque Analysis). Our pipeline of products is growing and so is our team; join us in helping to revolutionise precision heart‑care. Heartflow is a publicly traded company (HTFL) that has received international recognition for exceptional strides in healthcare innovation, is supported by medical societies around the world, cleared for use in the US, UK, Europe, Japan and Canada, and has been used for more than 500,000 patients worldwide. Overview The Heartflow Information Security team is responsible for security across our corporate and product environments, protecting our patient data and medical device ecosystem. We are looking for an investigator that loves the challenge of analysing complex security telemetry to uncover hidden threats and ensure a resilient defence for our corporate and product environments. The initial focus will be on triaging advanced security events and participating in our security incident response process. Analytical work will span our corporate, clinical and cloud infrastructure and will include threat hunting and the refinement of high‑fidelity detection logic. What You'll Do Perform in‑depth analysis of security events, logs, and network traffic using SIEM, EDR, and other security tools to rapidly identify, contain, and remediate complex threats. Collaborate in developing and implementing custom correlation rules, dashboards, and alerts to enhance detection capabilities. Drive threat hunts to find “quiet” persistent threats within our clinical and corporate environments. Participate in continuous refinement of incident response playbooks, operational procedures, and security standards. Perform security reviews of third‑party vendors to identify risks and ensure they meet company standards. What You Bring Education - BS in Computer Science or a related technical degree. No degree? No problem-if you have the equivalent experience and certifications, we want to hear from you. Experience - At least 2 years in the trenches of a SOC or Incident Response team. However, if you haven't held a formal “Security” title but have at least 2 years on an IT Operations team, we value deep technical expertise in operating systems and networking if you can show us your passion for security. You're comfortable navigating security platforms like SIEMs, EDR tools (CrowdStrike or similar), and Email Security platforms. Strong problem‑solving skills with the ability to troubleshoot security issues across networks, operating systems, and applications. Possess a solid understanding of log correlation and how to write logic for security alerts. Deep understanding of at least one of the operating system internals (Windows, Linux, or mac OS). Ability to analyse process trees. Able to analyse network flows and packet data to find hidden threats. You know your way around network tools and can spot anomalies across different types of environments. What Helps You Stand Out Certifications: SANS GIAC (GCIH, GCIA), CompTIA (Security+, CySA+), EC‑Council (C|SA) or equivalent. Proven ability to take initiative- track record of identifying problems and developing solutions independently. Excellent written and verbal communication skills, with the ability to clearly articulate complex technical issues and remediation plans to both technical and non‑technical audiences. You are a continuous learner who stays curious about the latest attack trends and loves figuring out how to stop them. A reasonable estimate of the base salary compensation range is $75,000 to $100,000 per year, and bonus. #LI-IB1 Heartflow is an Equal Opportunity Employer. We are committed to a work environment that supports, inspires, and respects all individuals and do not discriminate against any employee or applicant because of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. This policy applies to every aspect of employment at Heartflow, including recruitment, hiring, training, relocation, promotion, and termination. Positions posted for Heartflow are not intended for or open to third‑party recruiters / agencies. Submission of any unsolicited resumes for these positions will be considered to be free referrals. Heartflow has become aware of a fraud where unknown entities are posing as Heartflow recruiters in an attempt to obtain personal information from individuals as part of our application or job offer process. Before providing any personal information to outside parties, please verify the following: A) All legitimate Heartflow recruiter email addresses end with “@heartflow.com” and B) The position described is found on our careers site at ********************************* #J-18808-Ljbffr

At Pave, we're building the industry's leading compensation platform, combining the world's largest real-time compensation dataset with deep expertise in AI and machine learning. Our platform is perfecting the art and science of pay to give 8,500+ companies unparalleled confidence in every compensation decision. Top tier companies like OpenAI, McDonald's, Instacart, Atlassian, Synopsys, Stripe, Databricks, and Waymo use Pave, transforming every pay decision into a competitive advantage. $190+ billion in total compensation spend is managed in our workflows, and 58% of Forbes AI 50 use Pave to benchmark compensation. The future of pay is real-time & predictive, and we're making it happen right now. We've raised $160M in funding from leading investors like Andreessen Horowitz, Index Ventures, Y Combinator, Bessemer Venture Partners, and Craft Ventures. Research & Design Org Pave's R&D pillar includes our data science, engineering, information technology, product design, product management, and security teams. This organization builds, maintains, and secures a platform used by more than 8,500+ client organizations. Our engineering team moves between ideation, scoping, and execution in a matter of days while closely iterating with cross-functional partners on requirements. At Pave, we use TypeScript, Node.js, and React, hosted on GCP. Compensation strategy is broken down into 3 pillars - compensation bands, planning workflows, and total rewards communication. We build products that make these processes seamless for customers. Over the next year, our roadmap is focused on enhancing the entire compensation lifecycle: from philosophy definition to market trend analysis, band adjustments, merit cycles, and employee communication. We're seeking passionate engineers who are excited about building robust, data-rich systems that simplify complex compensation processes at scale. Security Team @ Pave Security is part of everything we do at Pave. With amazing growth comes amazing engineering and security challenges. This is an opportunity to have a huge impact and run programs at a company that doesn't need to be convinced why security is important. Our customers count on us to secure some of their most sensitive data, and that trust is central to Pave. It's the only way we can unlock a labor market built on trust, and change the world of compensation. What You'll Bring 5+ years of application security experience as part of a blue team Expert knowledge of OWASP Top 10 and application security Security design review experience Experience in running bug bounty programs and pentesting Outstanding communication and partnership skills with software engineers Ideally, experience in Google Cloud Security best practices Compensation Salary is just one component of Pave's total compensation package for employees. Your total rewards package at Pave will include equity, top-notch medical, dental, and vision coverage, an unlimited PTO policy, and many other region-specific benefits. Your level is based on our assessment of your interview performance and experience, which you can always ask the hiring manager about to understand in more detail. The targeted cash compensation for this position is (level depends on experience and performance in the interview process): $205,700 - $278,300 Life @ Pave Since being founded in 2019, Pave has established a robust global footprint. Headquartered in San Francisco's Financial District, we operate strategic regional hubs across New York City's Flatiron District, Salt Lake City, and the United Kingdom. We cultivate a vibrant, collaborative workplace culture through our hybrid model, bringing teams together in-person on Mondays, Tuesdays, Thursdays, and Fridays to foster innovation and strengthen professional relationships. Benefits @ Pave At Pave, career advancement drives everything-roles expand, responsibilities deepen, and compensation rises alongside your professional growth. What we provide Complete Health Coverage: Comprehensive Medical, Dental and Vision coverage for you and your family, with plenty of options to suit your needs Time off & Flexibility: Flexible PTO and the ability to work from anywhere in the world for a month Meals & Snacks: Lunch & dinner stipends as well as fully stocked kitchens to fuel you Professional Development: Quarterly education stipend to continuously grow Family Support: Robust parental leave to bond with your new family Commuter Assistance: A commuter stipend to help you collaborate in person Vision Our vision is to unlock a labor market built on trust Mission Our team's mission is to build confidence in every compensation decision Are you ready to help our customers make smarter, more effective compensation decisions? Pave is an Equal Opportunity Employer. We value diversity and are committed to creating an inclusive environment for all employees. Contact If you're interested in future opportunities at Pave, you can inquire about roles or create a Job Alert through our channels. #J-18808-Ljbffr

Swiftly is on a mission to help cities move more efficiently. We are the leading transit data platform for agencies to share real‑time passenger information, manage day‑to‑day operations, and improve service performance. Today, over 180 transit agencies in 12 countries - including LA Metro, MARTA, SEPTA, and MBTA - rely on Swiftly to improve on‑time performance by up to 40% and increase passenger information accuracy by up to 50%. The result is better service reliability, increased ridership, and more efficient transit operations. Even though Swiftly's HQ office is located in San Francisco, CA, we are open to candidates in most locations across the U.S. as well as Ontario and British Columbia, Canada. At this time we are unable to provide Visa sponsorship. Engineering at Swiftly Engineering at Swiftly is not only about writing code - we believe in creating empowered product teams that work together to conceptualize new features and bring them to life. Each team aims to strike a balance between delivering incremental improvements, creating prototypes to test new ideas and mitigate risks, and building scalable software using industry best practices. We're guided by a mission to positively impact transit riders, and we embrace humility and intentionality in how we make technical decisions so that we best meet our customers' needs. About the Role We're looking for a Lead Security Engineer to join our Platform team and mature Swiftly's security posture. We believe excellent security isn't just about tools and controls; it's about empowering product, infrastructure, and corporate IT teams across our organization to make secure decisions every day. In this role, you'll partner closely with engineering, product, and go‑to‑market teams to design secure solutions, build DevSecOps tooling, and drive our compliance roadmap. You'll balance strategic initiatives with hands‑on work in our cloud‑native environment. We're looking for someone equally comfortable working on codebases and leading cross‑functional initiatives, a force multiplier who can train teams, represent security to customers and executives, and make security a natural part of how Swiftly ships products. We use AI tools for scheduling and summarization in our hiring process. We do not use AI tools to make decisions about who moves forward or to assess the strength of candidates. Every application is reviewed and all hiring decisions are made by Swiftly team members. This is an active, open role that we are currently hiring for at Swiftly. What You'll Do Make Swiftly Secure Own Swiftly's security risk register and threat models; identify, prioritize, and drive remediation of risks across application and infrastructure. Design secure architectures for our SaaS platform, mobile applications, and IOT/Hardware Integration, focusing on authentication, authorization, data protection, and network boundaries. Recommend, implement, and manage security tools end‑to‑end. Build DevSecOps guardrails into CI/CD so vulnerabilities, misconfigurations, and license issues surface early. Conduct internal security assessments and coordinate engagements with external penetration testers. Own security policies and standards; ensure they're practical, adopted, and measurable. Define standards for secure adoption of AI coding assistants, building reusable patterns, custom configurations, and guardrails that help developers move fast safely. Compliance & Customer Trust Lead renewals and continuous readiness for existing certifications like SOC 2. Proactively identify security frameworks required for international expansion; scope cost, level of effort, and timelines to inform market entry decisions; and lead execution of new certifications. Respond to customer security and compliance inquiries and support product marketing with security content. Incident Response & Detection Design and maintain security incident response plans, playbooks, and escalation paths. Serve as an escalation point for security incidents; lead triage, root cause analysis, and remediation. Security Leadership Define and maintain security KPIs and dashboards for executive and board reporting. Give teams visibility into their security posture and coach them to improve. Influence roadmap prioritization to ensure security and compliance are first‑class concerns. Mentor engineers in secure design and help grow a security‑aware culture across Swiftly by delivering security training and office hours for developers and other stakeholders. Drive corporate IT security strategy, including endpoint hardening, email security, IAM standards, and periodic access reviews. What will set you up for success 5+ years of experience in security engineering with both strategic and hands‑on work. Strong experience securing cloud‑native environments (AWS preferred), including IAM, networking, logging/monitoring, and secrets management. Hands‑on experience with infrastructure‑as‑code (Terraform) and policy‑as‑code frameworks (OPA, Sentinel, or similar). Background building security into CI/CD pipelines and development workflows. Familiarity with container and orchestration security. Excellent threat modeling and risk assessment skills; able to translate complex risks into clear options and tradeoffs. Experience with compliance frameworks (SOC 2 preferred) and audit processes. Strong communication skills; comfortable working across technical and non‑technical teams. Self‑directed and comfortable operating with autonomy. Nice to Haves Relevant certifications (CISSP, cloud security certifications). Experience advising on security for AI/ML or LLM‑powered features. Mobile application security experience (Android preferred). Experience with GRC and compliance platforms. Background in application security or penetration testing. Experience with international compliance frameworks. Familiarity with regulated industries or public sector requirements. Experience with physical device security (IoT, embedded systems, or field‑deployed hardware). Experience with Mobile Device Management (MDM) solutions for enterprise or fleet deployments. Pay Range In accordance with pay transparency laws, please see the approximate salary ranges below. These ranges represents the anticipated low and high end of the salary for this position. Actual salaries will vary and are based on a multitude of non‑discriminatory factors including final role leveling decisions, a candidate's relevant work experiences/skills, and geographic location. Salary is one component of Swiftly's total compensation package, which also includes stock options, competitive benefits, 401(k)/RRSP matching, a fantastic team and culture, opportunity to have a huge impact, emphasis on professional growth and holistic wellness, and other perks. US Salary Range: $140,000 - 200,000 Canadian Salary Range: $165,000 - 200,000 Beyond the Skills We are looking for candidates who are passionate about mobility, sustainability, or mission‑oriented projects that have a significant real‑world impact. Ideal candidates encompass the core values of our company: Team. Together, we are more effective and better supported. Impact. Drive impact for our customers, our company, and all of our teams. Diversity. See differing perspectives as ways to address our weaknesses and find new strengths. Communication. Assume others internally and externally have good intentions. Feedback. We share feedback because we want each other to grow professionally and personally. Growth. Foster personal, professional, and company growth. Benefits Competitive salary Equity compensation (company ownership) for every employee Medical, Dental and Vision Retirement with Employer Match Flexible Spending Account (FSA) Home office setup reimbursement Monthly cell/internet reimbursement Monthly "Be Well" stipend Flexible PTO with a recommended minimum Flexible work environment 16 paid holidays - including months without U.S. national holidays 8 fully paid weeks of leave for childbirth/adoption Travel note Swiftly employees can generally expect to travel 1-2 times a year for in‑person company or team offsites. As a fully distributed company, we consider these offsites important for cultivating strong relationships across our teams! Attending these in‑person is expected and encouraged, although we understand everyone has different personal circumstances and we will consider requests for exceptions. Customer‑facing team members and other specific roles may be expected to travel more frequently. Equal Opportunity Statement We are an equal opportunity employer - we are committed to a workplace that is as dynamic, diverse, and passionate as the communities we serve. #J-18808-Ljbffr

A leading data protection firm is seeking a Machine Learning Engineer to develop GenAI architectures and secure AI workflows. Ideal candidates should hold a PhD or MS in Computer Science and possess 2+ years of relevant experience. Key responsibilities include developing and testing machine learning models, conducting experiments, and collaborating within a team. The role offers competitive compensation along with benefits including health, PTO, and 401K options. #J-18808-Ljbffr

Loft Orbital is revolutionizing access to space by building reliable, shareable satellites that drastically reduce the time and complexity traditionally required to get to orbit. We operate satellites, fly customer payloads, and handle entire missions from end‑to‑end. Our team of space enthusiasts, software experts, and cutting‑edge technologists work together to make space simple for our customers. As a Senior Security Engineer on our Security and Compliance Team, you will ensure that our highly automated, containerized, and globally distributed infrastructure remains secure throughout its lifecycle, from architecture to incident response. You will be at the heart of our DevSecOps efforts, collaborating directly with infrastructure, software, product, and solution teams to scale Loft's security maturity while embracing our startup agility and culture. This hands‑on, deeply collaborative role offers broad scope, rapid growth opportunities, and a chance to contribute to space missions. About the Role Champion DevSecOps best practices by designing and implementing security controls directly into CI/CD pipelines (e.g., GitLab CI). Lead and automate application and infrastructure security assessments, including threat modeling and code review. Partner with developers and SREs to identify, remediate, and prevent vulnerabilities through secure design and practical guidance. Design, build, and maintain secure architecture patterns for containerized, cloud‑native, and distributed workloads. Develop and maintain automated security tooling, such as container image scanning, IaC validation, and policy‑as‑code. Collaborate on automated security tooling for container image scanning, IaC validation, and RBAC compliance. Support incident response workflows, including detection, forensics, root cause analysis, and post‑mortems. Provide technical mentorship and real‑time enablement to help teams adopt a "secure‑by‑default" mindset. Contribute to internal security tools and automation using Python, Go, or other modern languages. Continuously improve how we measure and scale security across our SRE and infrastructure platforms. Must Have Deep experience with cloud security in AWS, Azure, or GCP environments. Strong knowledge of container and Kubernetes security in production environments. Proficiency in at least one modern programming language (e.g., Python, Go, C++). Hands‑on experience with zero‑trust architecture, service mesh, and software‑defined networking. Solid understanding of DevSecOps pipelines, IaC tools, and secure build processes. Hands‑on experience with vulnerability scanning, SAST/DAST tools, and automated security testing. Proven success in fast‑paced, highly collaborative environments, ideally at a startup or scale‑up. Comfortable working closely with developers and SREs in an enablement‑first security culture. Clear, concise communication and documentation skills. Ability to thrive in a multicultural, globally distributed engineering team. Master's degree in Computer Science or a similar field. Nice to Have Practical experience with policy‑as‑code (OPA, Sentinel, etc.). Understanding of software‑defined networking and security policy enforcement in mesh environments. Familiarity with modern SRE practices, observability, and resilience engineering. Contributions to open‑source security tools or frameworks. Interest or experience in space operations or aerospace systems. Benefits 100% company‑paid medical, dental, and vision insurance for employees and dependents. Flexible Spending (FSA) and Health Savings (HSA) accounts with an employer contribution to the HSA. 100% employer paid Life, AD&D, Short‑Term, and Long‑Term Disability insurance. Flexible time‑off policy for vacation and sick leave, and 12 paid holidays. 401(k) plan and equity options. Daily catered lunches and office snacks. International exposure to our team in France. Fully paid parental leave; 14 weeks for birthing parent and 10 weeks for non‑birthing parent. Carrot Fertility provides comprehensive, inclusive fertility healthcare and family‑forming benefits with financial support. Off‑sites and many social events and celebrations. Relocation assistance when applicable. Compensation Salary range: $140,250 - $190,000 per year. The range is intentional and reflects differences in experience, knowledge, skills, and abilities. EEO Statement Research shows that while men apply to jobs where they meet an average of 60% of the criteria, women and other underrepresented people tend to only apply when they meet 100% of the qualifications. At Loft, we value respectful debate and people who aren't afraid to challenge assumptions. We strongly encourage you to apply, even if you don't check all the boxes. Who We Are Loft: Space Made Simple. Founded in 2017, Loft provides governments, companies, and research institutions with a quick, reliable, and flexible way to launch missions in orbit. We integrate, launch, and operate spacecraft, offering end‑to‑end missions as a service across Earth observation, IoT connectivity, in‑orbit demonstrations, national security missions, and more. With more than 25 missions flown, Loft's proven technology enables customers to focus on their mission objectives. With four satellites on‑orbit and a wave of exciting missions launching soon, we are scaling up across San Francisco, CO and Toulouse, France. The team is international, so strong English skills are required for collaboration. Please mention the word UNREAL in your application to show that you have read the job post completely. #J-18808-Ljbffr

Qualified is the Agentic Marketing Platform for B2B companies. With Piper the AI SDR Agent, Qualified offers a whole new way to grow inbound pipeline. Piper operates across both the website and email, working to engage website visitors, capture leads, and convert buyers into pipeline around the clock. Hundreds of the world's leading brands-including Crunchbase, Asana, Box, and Grubhub-choose Qualified to increase lead conversions, generate more meetings, and improve efficiency within their inbound pipeline motion. Overview We're looking for a deeply experienced Senior Security Engineer to establish and lead our security engineering function as our first dedicated security engineer hire. You'll serve as the security champion for our 50+ person engineering organization, partnering closely with our platform, infrastructure, and engineering leadership teams to mature and enhance our existing security posture. This is a foundational role where you'll have the opportunity to evolve our security strategy, strengthen existing security controls, and establish advanced security practices across our entire technology stack. You'll drive initiatives that protect our AI-powered platform, customer data, and business operations while enabling safe, high-velocity development. If you're passionate about building robust security programs, love solving complex security challenges, and enjoy elevating security awareness across engineering teams, this role is for you. What You'll Do Evolve and Mature Security Practices: Build upon our existing security foundation by designing and implementing advanced security controls, policies, and practices that scale with our growth and align with industry best practices. Drive Proactive Security Assessments: Systematically identify security vulnerabilities and weak points across our systems through threat modeling, security reviews, and risk assessments. Develop and execute comprehensive remediation roadmaps. Partner with Corporate Security: Collaborate closely with our corporate security team to align technical security initiatives with broader organizational security policies, compliance requirements, and risk management objectives. Secure the Platform & Infrastructure: Work hand-in-hand with our platform and infrastructure teams to harden cloud environments, implement security automation, and build security into our CI/CD pipelines and deployment workflows. Implement Security Tooling & Monitoring: Deploy and manage security tools including SAST/DAST scanners, vulnerability management systems, security monitoring, and incident response capabilities. Incident Response & Forensics: Lead security incident response efforts, conduct post-incident analysis, and continuously improve our security incident handling capabilities. What We're Looking For 6+ years of software engineering experience with 3+ years in security engineering, application security, or infrastructure security roles, with proven experience building security programs at high-growth technology companies. Deep cloud security expertise with AWS, Kubernetes, and cloud-native security tools. Experience securing containerized environments. Strong application security background including secure code review, vulnerability assessment, penetration testing, and familiarity with OWASP Top 10 and common attack vectors. Infrastructure security experience with network security, identity and access management (IAM), secrets management, and security automation using infrastructure-as-code. Strong communication and collaboration skills; able to translate complex security risks into business impact and work effectively with engineering teams to drive security improvements. Regulatory and compliance knowledge with frameworks like SOC 2, ISO 27001, GDPR, and experience implementing technical controls to meet compliance requirements. Why Join Qualified Foundational Impact: As our first security hire, you'll mature our security program and directly shape how we approach advanced security practices across all aspects of our business. High-Growth Environment: Join us at a pivotal stage where you can establish security best practices that will scale with our rapid growth and expansion. Cutting-Edge AI Security: Work on unique security challenges related to AI driven products and help define security standards for B2B AI applications. Close Leadership Collaboration: Partner with leadership to ensure security is integrated into our strategic decision-making. Career Growth: Lead and grow the security function as we scale, with opportunities to build and manage a security team as the company expands. If you're ready to take on a high-impact role where you'll establish the security foundation for a fast-growing AI company and drive critical security initiatives from day one, we'd love to hear from you. About Qualified Qualified is the Agentic Marketing platform for B2B companies around the world. Headquartered in San Francisco, Qualified delivers pipeline generation at scale with Piper the AI SDR for thousands of customers like Crunchbase, Demandbase, Greenhouse, Plaid, and Suse. Led by former Salesforce CMO Kraig Swensrud and former Salesforce Product SVP Sean Whiteley, Qualified boasts 1100+ 5-star reviews on G2 and is ranked #1 on the Salesforce AppExchange. Qualified is funded by Sapphire, Tiger Global, Norwest Venture Partners, Redpoint Ventures, and Salesforce Ventures. Visit qualified.com to learn more. One Team We're all in this together with a shared goal: grow the business and each other. Work as a team, win as a team. Collaborate and strategize across departments to deliver A+ work. We are bold thought leaders that value creating a sense of belonging for all and celebrating our wins, big or small. Customer Obsessed Prioritize the customer above everything else. Build a product that our customers love. Establish ourselves as their trusted advisor and do “Whatever it takes” to make them successful. Prove the ROI. Only when our customers win do we win. Think Big & Move Fast We're defining a new category and we have fierce competition. Fast-paced innovation is the name of the game. We look forward. We reimagine. We throw out new ideas. We test things. We move quickly. We challenge the norm. We don't settle for status quo. On the heels of their Series C financing, Qualified is looking to grow the team so that they can do even more, even faster; they're focused on delivering our customers more innovation, additional services, an expanded product portfolio, and even deeper ties into the Salesforce CRM platform. Qualified is looking for folks that are fired up about joining a fast‑paced, fast‑growing company that is doing big things. Diversity & Inclusion Qualified is committed to bringing together individuals from different backgrounds and perspectives. We strive to create an inclusive environment where everyone can thrive, feel a sense of belonging, and do great work together. We are proud to be an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, Veteran status, or any other legally protected status. #J-18808-Ljbffr

Loft Orbital is revolutionizing access to space by building reliable, shareable satellites that drastically reduce the time and complexity traditionally required to get to orbit. We operate satellites, fly customer payloads, and handle entire missions from end‑to‑end. We're a close‑knitted team of space enthusiasts, software experts, and cutting‑edge technologists, all working together to make space simple for our customers. As a Senior Security Engineer on our Security and Compliance Team, your mission will be to ensure that our highly automated, containerized, and globally distributed infrastructure remains secure throughout its lifecycle, from architecture to incident response. You'll be at the heart of our DevSecOps efforts, collaborating directly with infrastructure, software, product, and solution teams to scale Loft's security maturity while embracing our startup agility and culture. This is a hands‑on, deeply collaborative role, offering broad scope, rapid growth opportunities, and yes, a chance to contribute to space missions. About the Role: Champion DevSecOps best practices by designing and implementing security controls directly into our CI/CD pipelines (e.g., GitLab CI). Lead and automate application and infrastructure security assessments, including threat modeling and code review. Partner with developers and SREs to identify, remediate, and prevent vulnerabilities through secure design and practical guidance. Design, build, and maintain secure architecture patterns for containerized, cloud‑native, and distributed workloads. Develop and maintain automated security tooling, such as container image scanning, IaC validation, and policy‑as‑code. Collaborate on automated security tooling for container image scanning, IaC validation, and RBAC compliance. Support incident response workflows, including detection, forensics, root cause analysis, and post‑mortems. Provide technical mentorship and real‑time enablement to help teams adopt a “secure‑by‑default” mindset. Contribute to internal security tools and automation using Python, Go, or other modern languages. Continuously improve how we measure and scale security across our SRE and infrastructure platforms. Must Haves: Deep experience with cloud security in AWS, Azure, or GCP environments. Strong knowledge of container and Kubernetes security in production environments. Proficiency in at least one modern programming language (e.g., Python, Go, C++). Hands‑on experience with zero‑trust architecture, service mesh, and software‑defined networking. Solid understanding of DevSecOps pipelines, IaC tools, and secure build processes. Hands‑on experience with vulnerability scanning, SAST/DAST tools, and automated security testing. Proven success in fast‑paced, highly collaborative environments, ideally at a startup or scale‑up. Comfortable working closely with developers and SREs in an enablement‑first security culture. Clear, concise communication and documentation skills. Ability to thrive in a multicultural, globally distributed engineering team. Nice to Haves: Practical experience with policy‑as‑code (OPA, Sentinel, etc.). Understanding of software‑defined networking and security policy enforcement in mesh environments. Familiarity with modern SRE practices, observability, and resilience engineering. Contributions to open‑source security tools or frameworks. Interest or experience in space operations or aerospace systems. Some of Our Awesome Benefits: 100% company‑paid medical, dental, and vision insurance option for employees and dependents Flexible Spending (FSA) and Health Savings (HSA) Accounts offered with an employer contribution to the HSA 100% employer paid Life, AD&D, Short‑Term, and Long‑Term Disability insurance Flexible Time Off policy for vacation and sick leave, and 12 paid holidays 401(k) plan and equity options Daily catered lunches and snacks in office International exposure to our team in France Fully paid parental leave; 14 weeks for birthing parent and 10 weeks for non‑birthing parent Carrot Fertility provides comprehensive, inclusive fertility healthcare and family‑forming benefits with financial support Off‑sites and many social events and celebrations Relocation assistance when applicable $140,250 - $190,000 a year State law requires us to tell you the base compensation range for this role, which is $140,250- $190,000 per year. This is determined by your education, experience, knowledge, skills, and abilities. The salary range for this role is intentionally wide as we evaluate individuals based on their unique experience and abilities to fit our needs. Most importantly, we are excited to meet you, and see if you are a great fit for our team. What we can't quantify for you are the exciting challenges, supportive team, and amazing culture we enjoy. * Research shows that while men apply to jobs where they meet an average of 60% of the criteria, women and other underrepresented people tend to only apply when they meet 100% of the qualifications. At Loft, we value respectful debate and people who aren't afraid to challenge assumptions. We strongly encourage you to apply, even if you don't check all the boxes. Who We Are Loft: Space Made Simple. Founded in 2017, Loft provides governments, companies, and research institutions with a fast, reliable, and flexible way to deploy missions in orbit. We integrate, launch, and operate spacecraft, offering end‑to‑end missions as a service across Earth observation, IoT connectivity, in‑orbit demonstrations, national security missions, and more. Leveraging our existing space infrastructure and an extensive inventory of satellite buses, Loft is reducing years‑long integration and launch timelines to months. With more than 25 missions flown, Loft's flight heritage and proven technologies enable customers to focus on their mission objectives. At Loft, you'll be given the autonomy and ownership to solve significant challenges, but with a close‑knot and supportive team at your back. We believe that diversity and community are the foundation of an open culture. We are committed to hiring the best people regardless of background and make their time at Loft the most fulfilling period of their career. We value kind, supportive and team‑oriented collaborators. It is also crucial for us that you are a problem solver and a great communicator. As our team is international, you will need strong English skills to better collaborate, easily communicate complex ideas and convey important messages. With 4 satellites on‑orbit and a wave of exciting missions launching soon, we are scaling up quickly across our offices in San Francisco, CA | Golden, CO | and Toulouse, France. As an international company your resume will be reviewed by people across our offices so please attach a copy in English. #J-18808-Ljbffr

A leading technology firm in Palo Alto is seeking a knowledgeable security expert to oversee day-to-day threat management and improve incident responses. The ideal candidate has 2+ years of experience in information security and strong Python scripting skills. You will work on enhancing security monitoring and collaborate with various teams to handle security incidents effectively. This role comes with a competitive salary range and comprehensive benefits including equity, medical coverage, and a 401(k) plan. #J-18808-Ljbffr

EchoTwin AI is pioneering AI-driven infrastructure intelligence, redefining how cities are managed. Powered by a proprietary visual intelligence engine with full spatial reasoning, EchoTwin transforms municipal fleets into mobile urban sensors-creating living digital twins that provide real-time insights into infrastructure, compliance, and safety. By enabling municipalities to proactively monitor, predict, and resolve issues, EchoTwin helps build resilient, self-healing, and sustainable urban ecosystems. More than “smart cities,” EchoTwin is advancing the era of cognizant cities-urban environments with the awareness to see, think, and act on challenges in real time. What The Job Involves Our Engineering teams work at the cutting edge of technology, leveraging AWS and GCP cloud services and developing our own Linux-based edge devices. As a dynamic startup, we understand the critical importance of cybersecurity in protecting our innovative solutions and ensuring the safety of our digital environment and customer data. We're seeking a passionate Security Engineer to lead our cybersecurity initiatives and safeguard our code and infrastructure against ever-evolving threats. You will manage security for our production and corporate systems, handle security alerts, implement policies, and collaborate with external customers on security needs. Responsibilities Develop and implement comprehensive security strategies for our cloud environments (AWS and GCP) and Linux-based systems. Design and implement public/private key management and PKI (Private Key Infrastructure) for our edge devices. Perform regular security audits, risk assessments, and penetration testing to identify vulnerabilities in our code and infrastructure. This includes conducting thorough code audits from a security perspective to ensure our applications are developed with the highest security standards. Design and manage security protocols for our edge devices, ensuring robust protection against external threats. Stay abreast of the latest cybersecurity trends and threats, applying this knowledge to fortify our defenses. This includes proactive monitoring and implementing fixes for zero-day vulnerabilities to prevent exploitation. Develop and enforce security policies and procedures, conducting security awareness training across the company to cultivate a security-first culture. Collaborate with development teams to integrate security measures into the software development lifecycle (SDLC), promoting security best practices for application development to mitigate risks from the outset. Respond swiftly to security incidents, leading the investigation and remediation efforts to minimize impact. This includes resolving security breaches and ensuring that similar vulnerabilities are addressed across all projects. We work with our partners and clients to have deep technical discussions about security posture, review and discuss the security requirements, and formulate the necessary changes for the engineering team. Manage and maintain CIS-compliant OS images for our Cloud infrastructure and field devices. Must possess demonstrable knowledge of application security, security testing methodologies, and application security testing automation. Qualifications Degree in Computer Science, Engineering, or related field. 6+ years of software engineering or equivalent experience. Experience with one of the core (Golang, Python) programming languages, scripting, and automation. Strong knowledge of encryption protocols, public/private key management, and PKI (Private Key Infrastructure). Strong understanding of network security, encryption practices, and secure coding principles. Proven experience in cloud security management (AWS, Azure, GCP). Familiarity with security policies and controls for internal corporate applications (Google Workspace, GitHub, Jira). Familiarity with security compliance standards relevant to our industry. Strong skills in managing security tools and vendor relationships. Excellent ability to develop and implement security policies and guidelines. Understanding of blockchain principles is a plus. Relevant certifications in security and cloud platforms are highly desirable. Benefits and Perks There are endless learning and development opportunities from a highly diverse and talented peer group, including experts in various fields, including Computer Vision, GenAI, Digital Twin, Government Contracting, Systems and Device Engineering, Operations, Communications, and more! Options for medical, dental, and vision coverage for employees and dependents (for US employees) Flexible Spending Account (FSA) and Dependent Care Flexible Spending Account (DCFSA) 401(k) with 3% company matching Unlimited PTO Profit sharing #J-18808-Ljbffr

Loft Orbital is revolutionizing access to space by building reliable, shareable satellites that drastically reduce the time and complexity traditionally required to get to orbit. We operate satellites, fly customer payloads, and handle entire missions from end-to-end. We're a close-knit team of space enthusiasts, software experts, and cutting‑edge technologists, all working together to make space simple for our customers. As a Senior Security Engineer on our Security and Compliance Team, your mission will be to ensure that our highly automated, containerized, and globally distributed infrastructure remains secure throughout its lifecycle, from architecture to incident response. You'll be at the heart of our DevSecOps efforts, collaborating directly with infrastructure, software, product, and solution teams to scale Loft's security maturity while embracing our startup agility and culture. This is a hands‑on, deeply collaborative role, offering broad scope, rapid growth opportunities, and yes, a chance to contribute to space missions About the Role Champion DevSecOps best practices by designing and implementing security controls directly into our CI/CD pipelines (e.g., GitLab CI). Lead and automate application and infrastructure security assessments, including threat modeling and code review. Partner with developers and SREs to identify, remediate, and prevent vulnerabilities through secure design and practical guidance. Design, build, and maintain secure architecture patterns for containerized, cloud‑native, and distributed workloads. Develop and maintain automated security tooling, such as container image scanning, IaC validation, and policy‑as‑code. Collaborate on automated security tooling for container image scanning, IaC validation, and RBAC compliance. Support incident response workflows, including detection, forensics, root cause analysis, and post‑mortems. Provide technical mentorship and real‑time enablement to help teams adopt a “secure‑by‑default” mindset. Contribute to internal security tools and automation using Python, Go, or other modern languages. Continuously improve how we measure and scale security across our SRE and infrastructure platforms. Must Haves Deep experience with cloud security in AWS, Azure, or GCP environments. Strong knowledge of container and Kubernetes security in production environments. Proficiency in at least one modern programming language (e.g., Python, Go, C++). Hands‑on experience with zero‑trust architecture, service mesh, and software‑defined networking. Solid understanding of DevSecOps pipelines, IaC tools, and secure build processes. Hands‑on experience with vulnerability scanning, SAST/DAST tools, and automated security testing. Proven success in fast‑paced, highly collaborative environments, ideally at a startup or scale‑up. Comfortable working closely with developers and SREs in an enablement‑first security culture. Clear, concise communication and documentation skills. Ability to thrive in a multicultural, globally distributed engineering team. Master's degree in Computer Science or a similar field Nice to Haves Practical experience with policy‑as‑code (OPA, Sentinel, etc.). Understanding of software‑defined networking and security policy enforcement in mesh environments. Familiarity with modern SRE practices, observability, and resilience engineering. Contributions to open‑source security tools or frameworks. Interest or experience in space operations or aerospace systems. Some of Our Awesome Benefits 100% company‑paid medical, dental, and vision insurance option for employees and dependents Flexible Spending (FSA) and Health Savings (HSA) Accounts offered with an employer contribution to the HSA 100% employer paid Life, AD&D, Short‑Term, and Long‑Term Disability insurance Flexible Time Off policy for vacation and sick leave, and 12 paid holidays 401(k) plan and equity options Daily catered lunches and snacks in office International exposure to our team in France Fully paid parental leave; 14 weeks for birthing parent and 10 weeks for non‑birthing parent Carrot Fertility provides comprehensive, inclusive fertility healthcare and family‑forming benefits with financial support Off‑sites and many social events and celebrations Relocation assistance when applicable $140,250 - $190,000 a year State law requires us to tell you the base compensation range for this role, which is $140,250- $190,000 per year. This is determined by your education, experience, knowledge, skills, and abilities. The salary range for this role is intentionally wide as we evaluate individuals based on their unique experience and abilities to fit our needs. Most importantly, we are excited to meet you, and see if you are a great fit for our team. What we can't quantify for you are the exciting challenges, supportive team, and amazing culture we enjoy. * Research shows that while men apply to jobs where they meet an average of 60% of the criteria, women and other underrepresented people tend to only apply when they meet 100% of the qualifications. At Loft, we value respectful debate and people who aren't afraid to challenge assumptions. We strongly encourage you to apply, even if you don't check all the boxes. Who We Are Loft: Space Made Simple. Founded in 2017, Loft provides governments, companies, and research institutions with a fast, reliable, and flexible way to deploy missions in orbit. We integrate, launch, and operate spacecraft, offering end‑to‑end missions as a service across Earth observation, IoT connectivity, in‑orbit demonstrations, national security missions, and more. Leveraging our existing space infrastructure and an extensive inventory of satellite buses, Loft is reducing years‑long integration and launch timelines to months. With more than 25 missions flown, Loft's flight heritage and proven technologies enable customers to focus on their mission objectives. At Loft, you'll be given the autonomy and ownership to solve significant challenges, but with a close‑knit and supportive team at your back. We believe that diversity and community are the foundation of an open culture. We are committed to hiring the best people regardless of background and make their time at Loft the most fulfilling period of their career. We value kind, supportive and team‑oriented collaborators. It is also crucial for us that you are a problem solver and a great communicator. As our team is international, you will need strong English skills to better collaborate, easily communicate complex ideas and convey important messages. With 4 satellites on‑orbit and a wave of exciting missions launching soon, we are scaling up quickly across our offices in San Francisco, CA | Golden, CO | and Toulouse, France. As an international company your resume will be reviewed by people across our offices so please attach a copy in English. #J-18808-Ljbffr

A leading technology company is seeking a Corporate Security Engineer to safeguard data and infrastructure. The role involves managing security solutions and optimizing corporate security posture with a focus on endpoint security, IAM, and incident response. Ideal candidates should have 3-5 years of experience in security roles and a strong understanding of modern security principles. The position offers competitive compensation and benefits within a sustainable AI-first company culture. #J-18808-Ljbffr

A leading AI-driven infrastructure firm in San Francisco is seeking an experienced Security Engineer to lead cybersecurity initiatives and manage security for their cloud environments. The role involves developing security strategies, conducting audits, and collaborating with development teams to ensure robust security practices. A degree in Computer Science and experience in cloud security are required. Competitive benefits and a dynamic work environment are offered. #J-18808-Ljbffr

The Role: As the Security Engineering Lead at Airbyte, you will be the single-threaded owner of security, compliance, and privacy for the company, working in close partnership with engineering, product, legal, and leadership. This is a senior, hands-on role for someone excited to shape how security is built, embedded, and scaled in a growing company. You will have the autonomy to set direction and make risk-based decisions, along with strong cross-functional support to execute effectively. Your work will sit at the intersection of product, infrastructure, compliance, and go-to-market, with direct impact on customer trust, enterprise adoption, and Airbyte's ability to scale securely. What You'll Do: Own Airbyte's security end-to-end, spanning cloud, application, endpoint, and identity security Set security priorities and roadmaps in alignment with business goals and engineering strategy Serve as the primary security decision-maker, bringing sound judgment, context, and partnership to risk decisions and escalations Lead incident detection, investigation, and response, building clear, reliable, and repeatable processes Own and evolve Airbyte's SOC 2 Type II and ISO 27001 programs, ensuring ongoing audit readiness and operational maturity Partner with engineers to embed security into system design, architecture, and major platform initiatives Enable enterprise growth by leading customer-facing security engagements, including questionnaires, ad-hoc inquiries, and security-related contractual discussions Define and operate identity and access management, including SSO, SCIM, RBAC, and access reviews Maintain and improve Airbyte's privacy program, collaborating with Legal on privacy policies, DPAs, TIAs, and regulatory obligations Drive vulnerability management across the stack, including AWS, GCP, Kubernetes, applications, and container images Influence security culture and standards across the company as Airbyte continues to grow What You'll Need Send 3+ years of security leadership experience 5-8+ years of experience in security engineering, cybersecurity, or related roles Experience making practical, risk-based security decisions in collaboration with engineering and business partners Working knowledge of SOC 2 Type II, ISO 27001, and security governance concepts Hands-on familiarity with cloud security, Kubernetes, and modern CI/CD environments Strong communication skills, with the ability to explain security concepts to both technical and non-technical audiences Comfort balancing security, compliance, and delivery velocity in a fast-moving environment. Familiarity with privacy programs and regulations such as GDPR and CCPA Experience evaluating or applying AI-powered tools to security use cases such as detection, triage, policy analysis, or vulnerability management A mindset of curiosity, continuous learning, and shared ownership Location: Onsite 5 days/week in San Francisco, CA If you find this role exciting, we encourage you to apply even if you think you don't meet all of the requirements! Airbyte is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, national origin, dicetancy, age, physical or mental disability, pregnancy, genetic information, sex, sexual orientation, gender identity or expression, marital status, familialvendicity, domestic violence victim status, veteran or military status, or any other legally recognized protected basis under federal, state or local laws. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Airbyte is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. Please let us know if you need assistance or accommodation due to a disability. #J-18808-Ljbffr

An innovative tech company in San Francisco is seeking a Lead Security Engineer to architect, harden, and defend its infrastructure. In this role, you'll lead security initiatives and embed security practices into the product lifecycle. Ideal candidates have over 8 years of experience in security engineering and incident response, along with a strategic mindset to manage risks effectively. This is a unique opportunity to join a fast-paced environment that values resilience and flexibility while providing a hybrid work culture. #J-18808-Ljbffr

A leading identity platform in San Francisco seeks a Security Engineer to enhance product security while supporting the fast-paced delivery processes of engineering teams. The candidate will collaborate cross-functionally to manage risks, build security automation tools, and participate in on-call rotations. Required skills include communication, collaboration, and a passion for security, with 2+ years in software engineering and product security at a tech company. This full-time role offers competitive benefits and emphasizes a culture of proactive problem-solving. #J-18808-Ljbffr

Security is at the foundation of OpenAI's mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI's technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture. About the Role We're seeking an exceptional Principal-level Offensive Security Engineer to challenge and strengthen OpenAI's security posture. This role isn't your typical red team job - it's an opportunity to engage broadly and deeply, craft innovative attack simulations, collaborate closely with defensive teams, and influence strategic security improvements across the organization. You have the chance to not only find vulnerabilities but actively drive their resolution, automate offensive techniques with cutting-edge technologies, and use your unique attacker perspective to shape our security strategy. This role will be primarily focused on continuously testing our hardware products and related services. In this role you will: Collaborate proactively with engineering teams to enhance security and mitigate risks in hardware, firmware, and software. Perform comprehensive penetration testing on our diverse suite of products. Leverage advanced automation and OpenAI technologies to optimize your offensive security work. Present insightful, actionable findings clearly and compellingly to inspire impactful change. Influence security strategy by providing attacker-driven insights into risk and threat modeling. You might thrive in this role if you have: 7+ years of hands‑on experience or exceptional accomplishments demonstrating equivalent expertise. Exceptional skill in code review, identifying novel and subtle vulnerabilities. Demonstrated mastery assessing complex technology stacks, including: Proven ability to reverse engineer bootrom images, firmware, or silicon‑level components. Deep familiarity with low‑level kernel operations, secure boot processes, and hardware‑software interactions. Hands‑on experience building and validating secure boot chains and threat models. Proficiency with hardware debugging tools (UART, JTAG, SWD, oscilloscopes, logic analyzers). Solid programming skills in C/C++, Python, or assembly for embedded systems. Industry experience securing consumer hardware (e.g., mobile devices, IoT, chipsets). Excellent written and verbal communication skills for technical and non‑technical audiences. Strong intuitive understanding of trust boundaries and risk assessment in dynamic contexts. Excellent coding skills, capable of writing robust tools and automation for offensive operations. Ability to communicate complex technical concepts effectively through compelling storytelling. Proven track record of not just finding vulnerabilities but actively contributing to solutions in complex codebases. Prior experience working in tech startups or fast‑paced technology environments. Experience in related disciplines such as Software Engineering (SWE), Detection Engineering, Site Reliability Engineering (SRE), Security Engineering, or IT Infrastructure. About OpenAI OpenAI is an AI research and deployment company dedicated to ensuring that general‑purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act. For unincorporated Los Angeles County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: protect computer hardware entrusted to you from theft, loss or damage; return all computer hardware in your possession (including the data contained therein) upon termination of employment or end of assignment; and maintain the confidentiality of proprietary, confidential, and non‑public information. In addition, job duties require access to secure and protected information technology systems and related data security obligations. To notify OpenAI that you believe this job posting is non‑compliant, please submit a report through this form . No response will be provided to inquiries unrelated to job posting compliance. We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made via this link. At OpenAI, we believe artificial intelligence has the potential to help people solve immense global challenges, and we want the upside of AI to be widely shared. Join us in shaping the future of technology. #J-18808-Ljbffr

CodeRabbit is an innovative research and development company focused on building extraordinarily productive human-machine collaboration systems. Our primary goal is to create the next generation of Gen AI-driven code reviewers: a symbiotic partnership between humans and advanced algorithms that significantly outperforms individual engineers. We combine language models with human ingenuity to push the boundaries of software development efficiency and quality. Role Overview: CodeRabbit is on a mission to empower developers with lean, high-performance tools-they move fast, and so do the threats. That's why we're looking for a battle-tested Lead Security Engineer who's been in the trenches and can architect, harden, and defend our infrastructure, tooling, and ecosystem. As our Lead Security Engineer, you'll lead security engineering at CodeRabbit, infusing security into every layer of our product and infrastructure. You become the steward of resilience, incident response, and proactive defense at scale. Responsibilities: Own the security roadmap - craft and execute a strategic security engineering plan that aligns with CodeRabbit's fast-paced engineering cadence. Boost resilience - champion defense-in-depth tactics: threat modeling, secure design reviews, hardening, CI/CD integration. Be Incident Commander - spearhead security incident response and recovery: triage, resolve, root cause, and turn those learnings into stronger systems. Tools & automation - build or integrate security tooling (SAST, DAST, SIEM, EDR, monitoring) into the developer workflow without slowing delivery. Embed security fluently - partner with engineering and product teams to bring secure practices early into planning and daily workflows. Talent & culture - help to hire, coach, and mentor a scrappy, resilient security engineering team; elevate security awareness across the company. Compliance & policy - establish security standards, frameworks, or processes that evolve as we scale-but remain lean and developer-friendly. Qualifications: Battle-tested experience: 8+ years in security engineering, incident response, or correlated fields-bonus if you've led through a major production breach or targeted attack. Technical depth: Extensive experience with security across software and infrastructure-threat modeling, pen testing, secure CI/CD pipelines, cloud security, incident response. Strategic mindset: Ability to translate risk into actionables, communicate trade‑offs with engineering/product leadership. Praxis over theory: You've taken production systems down (intentionally or unintentionally) and built them back stronger. Security in chaos: Experience in pressure situations-with clarity, direction, and calm. Developer‑centric approach: You can speak fluent dev-tools, empathize with fast-moving teams, and secure them without slowing them down. Bonus Points: You've implemented DevSecOps tooling and orchestrated shift‑left security in developer pipelines. You've recovered from (or prevented) a critical security event, and turned that into an engineering culture improvement. Experience in a dev‑tools, SDK, or platform-heavy company. Hacker mindset + operational discipline - pentests, disaster recovery, threat hunting, tooling, cloud environments. Certifications like CISSP, CISM, CEH, or relevant cloud security certs. Why Join Us? Defend a Developer-First Future: At CodeRabbit, you're not just protecting infrastructure-you're securing the next evolution of developer tools. Help fortify a product that's reshaping how code gets reviewed. Real Authority & Ownership: You won't be on the sidelines. As Lead Security Engineer, you'll define the security roadmap, lead critical incident responses, and gain full ownership of outcomes-from threat modeling to hardened deployment. Impact at Velocity: Join an agile, cross-functional squad of engineers, designers, and researchers. You'll move fast but not recklessly - embedding security in every release without slowing delivery. Build, Break, Rebuild Stronger: Ideal for someone battle-tested; someone who's faced breaches, recovered systems, and evolved engineering culture through adversity. Grow and Lead: We're investing in you. This role offers ongoing leadership development, mentorship opportunities, and real ownership as you eventually scale your team and operations. Compensation That Reflects Responsibility: We deliver a competitive package-salary, equity, and benefits-to match the importance and intensity of this role. Hybrid Culture That Adapts to You: We collaborate in person in the Bay Area every week, but leave room for remote heads-down focus. It's security, not surveillance. Our Values 🤝 Collaborative Humans: Prioritizing collective intelligence 🚀 Fearless Innovators: Turning obstacles into growth opportunities 💪 Persistent, Passionate Developers: Thriving on complex, long-term challenges 🎯 Impact-Driven Creators: Crafting intuitive tools for developers 🧠 Rapid Learners and Un-learners: Adapting quickly in our fast-paced technological world Apply Now - If you're excited to build tools that blend intelligent systems with world‑class software engineering, we'd love to meet you. #J-18808-Ljbffr

Crusoe is building the World's Favorite AI-first Cloud infrastructure company. We're pioneering vertically integrated, purpose-built AI infrastructure solutions trusted by Fortune 500 companies to power their most advanced AI applications. Crusoe is redefining AI cloud infrastructure, with a mission to align the future of computing with the future of the climate. Our AI platform is recognized as the "gold standard" for reliability and performance. Our data centers are optimized for AI workloads and are powered by clean, renewable energy. Be part of the AI revolution with sustainable technology at Crusoe. Here, you\'ll drive meaningful innovation, make a tangible impact, and join a team that's setting the pace for responsible, transformative cloud infrastructure. About This Role: At Crusoe, the Corporate Security Engineer is essential for safeguarding our employees, data, and infrastructure. You will be responsible for designing, implementing, managing, and optimizing security solutions across our corporate landscape. By leveraging modern security principles like "secure by design" and Zero Trust, you will help build and maintain a robust corporate security posture, with a key focus on endpoint security, identity and access management (IAM), SaaS application security, data loss prevention (DLP), and incident response. What You'll Be Working On MDM Administration & Endpoint Security: Implementing, administering, and optimizing Mobile Device Management (MDM) solutions and enforcing security policies across diverse endpoints (laptops, mobile devices). Hardware & Software Security Standards: Establishing and maintaining hardware/software security standards and ensuring the strong security posture of corporate devices. Identity & Access Management (IAM): Designing, implementing, and managing core IAM technologies, including SSO, MFA, PAM, and identity lifecycle solutions, contributing to our Zero Trust architecture. Data Protection & Email Security: Implementing, configuring, and tuning DLP, SSPM, and email security solutions to protect against various threats. Secure Architecture & Technology Evaluation: Designing secure corporate environments using secure by design principles and evaluating the security posture of new technologies, vendors, and applications. Security Operations & Incident Response: Actively participating in corporate security operations, including monitoring security alerts, detecting, triaging, investigating, and responding effectively to security incidents. Security Consulting & Best Practices: Consulting with and advising IT, Engineering, and other teams on secure architecture, IAM best practices, and secure configurations. What You'll Bring to the Team 3-5+ years of hands-on experience in a Corporate Security, Enterprise Security, or similar role. Proven experience designing, implementing, and managing security technologies at scale, including: MDM solutions (e.g., Intune, Kandji, Jamf, etc.) IAM solutions (e.g., Okta, Azure AD, IGA applications, etc. including SSO, MFA, PAM concepts) Endpoint security tools (EDR/XDR) Email threat protection solutions DLP and/or SSPM solutions. Strong understanding of modern security principles, including Zero Trust architecture, "secure by design," and defense-in-depth. Experience with securing SaaS applications and enforcing security policies. Demonstrated experience in security incident response, including triage, investigation, and remediation. Familiarity with scripting languages (e.g., Python, PowerShell) for automation and integration. Excellent problem-solving, analytical, and critical-thinking skills. Strong communication and collaboration skills, with the ability to work effectively across different teams. Embody the Company values. Benefits Industry competitive pay Restricted Stock Units in a fast growing, well-funded technology company Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents Employer contributions to HSA accounts Paid Parental Leave Paid life insurance, short-term and long-term disability Teladoc 401(k) with a 100% match up to 4% of salary Generous paid time off and holiday schedule Cell phone reimbursement Tuition reimbursement Subscription to the Calm app MetLife Legal Company paid commuter benefit; $200 per pay period Compensation Compensation will be paid in the range of $130,000 - $170,000. Restricted Stock Units are included in all offers. Compensation to be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data. Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation. #J-18808-Ljbffr

A leading AI research company in San Francisco is hiring a Principal Offensive Security Engineer. In this role, you will craft attack simulations and collaborate with teams to strengthen security posture across products. The ideal candidate has over 7 years of experience, exceptional programming skills, and a strong background in identifying vulnerabilities. This position offers an opportunity to influence security strategy and contribute to innovative projects in a dynamic environment. #J-18808-Ljbffr