Security engineer jobs in Rohnert Park, CA - 372 jobs

  • AI Security Researcher

    Harmonic Security

    Security engineer job in San Francisco, CA

    Harmonic Security lets teams adopt AI tools safely by protecting sensitive data in real time with minimal effort. It gives enterprises full control and stops leaks so that their teams can innovate confidently. We are led by cybersecurity experts and backed by top investors including N47, Ten Eleven Ventures, and In-Q-Tel. As organizations accelerate their adoption of generative and agentic AI, the security landscape is shifting faster than ever before. Harmonic is building the research, insights, and technology foundations that help enterprises understand and mitigate AI risk-creating an opportunity for this role to shape the emerging field of AI security from the ground up. About the Team Harmonic's Security & TechOps team owns the systems, tooling, and research that keep Harmonic secure, trusted, and moving fast. We work across the entire lifecycle of how the company operates-from how we build software, to how we detect threats, to how we prove our security posture to customers, to how employees use the technology that powers their work. We focus on enabling speed without sacrificing safety. That means creating secure-by-default engineering practices, building automation and detections that reduce manual work, researching emerging AI security risks, running assurance programmes like SOC 2 and ISO 27001, and shaping the internal platforms that help teams work efficiently and securely. We're a hands-on, engineering-first group. We avoid box-ticking and heavy processes in favour of practical solutions, strong automation, and constant improvement. We collaborate closely across functions, operate with high ownership, and support each other through rapid growth. Our shared goal is to build the trust, systems, and capabilities that let Harmonic innovate confidently and at scale. About the Role Harmonic's Security team is breaking new ground in understanding the security risks that come with Generative and Agentic AI. 
Our mission is to equip security leaders and practitioners with clear, actionable insights on securing AI systems. This work should shape how the industry thinks about AI security, and our findings make their way onto the stages of the world's top security and AI conferences. As we embark on this mission, we're looking for a founding AI Security Researcher to build and lead Harmonic's AI Security Research program from the ground up. You'll define our research agenda, uncover real-world security risks in AI tools and platforms, and help shape how enterprises can adopt AI safely. This role blends hands-on technical research with public thought leadership - from identifying vulnerabilities in emerging AI systems to creating guides, publishing insights, and representing Harmonic at major industry events. You'll also play a key role in informing our product strategy, ensuring Harmonic stays ahead of evolving AI security threats and opportunities. What You'll Do Lead AI Security Research: Design and drive a greenfield research program focused on securing the use of AI systems and tools. Thought Leadership: Develop practitioner guides and actionable content on securing AI technologies (e.g., “How to secure ChatGPT Enterprise”). Public Engagement: Represent Harmonic at industry conferences (e.g., RSA, BlackHat, DEFCON) through talks, panels, and research presentations. Threat Intelligence: Research emerging AI threats and threat actors, assessing their impact on our customers and the broader ecosystem. Internal SME: Partner with Product Security to identify and mitigate AI-related risks across Harmonic's products and infrastructure. What Success Looks Like (6-12 months) Design, build, and operate a dedicated AI security research environment, enabling safe testing of generative and agentic AI systems and reproducible research workflows. 
Publish and present new, original research at a major security or AI conference (e.g., Black Hat USA, DEF CON, BSides, or equivalent) that offers actionable insights for practitioners and security leaders. Establish a consistent content pipeline, producing high-quality research write-ups, blogs, demos, or practitioner guides that clearly explain risks, attack paths, and defensive strategies. Develop recognisable external presence, securing initial press coverage or analyst mentions that highlight Harmonic's leadership in AI security. Contribute research that shapes internal product direction, informing detection capabilities, product security priorities, or policy decisions based on real-world risk findings. Requirements What You Bring Deep Technical Curiosity: 3-5 years of experience in cybersecurity or applied ML/AI security research, with a strong interest in how AI systems fail and can be attacked. AI Security Expertise: Hands-on experience assessing or red-teaming LLMs, generative AI tools, or AI-integrated SaaS products; familiarity with adversarial ML, model extraction, prompt injection, or data poisoning. Security Research Skills: Proven ability to design and execute independent research- identifying vulnerabilities, publishing technical findings, and proposing mitigations. Communication & Storytelling: Excellent written and verbal skills for translating complex research into accessible content - whether blog posts, practitioner guides, or conference talks. Public Presence: A strong desire to build a profile for presenting or contributing to security or AI conferences (e.g., Black Hat, DEF CON, RSA) You Might Be a Fit If You… You're comfortable figuring things out from scratch and don't wait for detailed instructions to start making progress. You're naturally curious - you like to dig into how AI systems actually work and break, and you keep up with new developments just because you find them interesting. 
You like solving hard, undefined problems and can turn ideas into experiments or results quickly. You enjoy working with others, sharing what you learn, and helping teammates succeed. You take pride in clear, honest communication - whether explaining a technical finding or giving feedback. You get energy from teaching others, writing, or speaking publicly about your work. You care about impact more than titles or process - you just want to enable others to use AI securely. Benefits Why Join Us This isn't just a job; it's an opportunity to be part of a team that is redefining cybersecurity. We believe today's talent is tomorrow's success, and we're committed to creating an environment where you can do the best work of your life. Competitive pay and meaningful equity with a direct stake in Harmonic's success We are open to this role being based out of our SF or London office. Depending: SF: Comprehensive benefits including health, dental, vision, 401k matching, and flexible time off UK: Comprehensive benefits, pension plan, generous PTO, and flexible hybrid work A small, passionate team that values transparency, creativity, and learning Thoughtful leadership that cares deeply about growth, impact, and people Annual global offsites (past trips include Lisbon and Nashville) The chance to directly shape both our product and our culture as we build a category-defining company Company Values Flourish in the Unknown: We relish being thrown into new, unfamiliar situations that require initiative and rapid decision-making. We orient ourselves quickly and deliver results with minimal guidance. Never Full: We never hesitate to raise our hands and take on challenges to assist those in need. We hunger for opportunities to learn and do more. Perfect Harmony: We have a genuine willingness to assist and support one another to create cohesion and unity. 
We foster success through collaboration and honest sharing of feedback and ideas, enabling everyone to grow and produce their best work.
    $113k-164k yearly est. Auto-Apply 25d ago
  • Security Researcher (multiple positions)

    Depthfirst

    Security engineer job in San Francisco, CA

    We believe that software is the foundation of modern civilization - yet vulnerabilities threaten its integrity, security, and resilience. We are on a mission to solve security. DepthFirst is building intelligence to detect and remediate critical software vulnerabilities. We are training and scaling security AI agents to discover zero-day vulnerabilities, from large customer codebases to popular open source software. Our founding team includes expertise in security and LLMs (with technical leaders from DeepMind, Databricks, Square, and Faire). We are looking for strong technical people who are interested in working at the intersection of AI, Security and Infrastructure. About this role: We're seeking an experienced Security Researcher to join our effort in building and training AI agents for vulnerability discovery and exploitation. We are building a technology capable of finding the next Log4J at scale, finding and remediating vulnerabilities in customer and open source codebases. We are looking for strong security researchers with strong intuition to identify, analyze, and investigate application vulnerabilities. You'll collaborate with AI researchers and engineers to uncover novel attack vectors and contribute to the development of advanced detection and defense capabilities. Your work will play a crucial role in building a product that aims to redefine how companies do security. You're excited about this role because you will… Build a technology capable of finding novel vulnerabilities at scale both in open source and proprietary codebases Develop techniques to reduce false positives leveraging automated exploitation, proof of concept generation and context inference Work closely with engineers to understand limitations and design new methodologies to improve our system Publish internal technical reports and contribute to security advisories as needed. 
Work on a Product that Solves a Critical Problem - and we already have a handful of customers who have found it valuable in fixing some eye-opening vulnerabilities within the first few days of using our product. Qualifications 3+ years of full-time experience in security research, offensive security, or related fields. Experience with finding vulnerabilities in source code Experience creating PoC exploits for vulnerabilities Programming experience in Python A bachelor's degree in Computer Science/Software Engineering or equivalent industry experience A love for technology, and an insatiable curiosity for new tools to tackle real problems Capable of solving complex problems with simple solutions. Building reliable and scalable products, making right trade-offs along the way A tendency to leave things in a better way than you found it What We Offer Competitive Salary with generous equity Health and Dental Insurance Office lunch (when working from our San Francisco office)
    $113k-164k yearly est. Auto-Apply 45d ago
  • Lead Security Engineer, Cloud Infrastructure

    Klaviyo 4.2 company rating

    Security engineer job in San Francisco, CA

    Job Description At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you're a close but not exact match with the description, we hope you'll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny. As a Lead Security Engineer, you'll be a vital part of the Infrastructure Security Team, focusing on strengthening the security posture across Klaviyo's entire technology environment, developing security architectures and repeatable patterns and mentoring colleagues and junior security engineers. Unlike roles with a narrowly defined specialty, this position offers the opportunity to demonstrate your unique expertise-whether that's in cloud security, identity and access management, data protection, secure systems design, or other security domains. Your work will involve evaluating and hardening our infrastructure, collaborating with cross-functional teams, and leveraging AI to build scalable solutions to address emerging threats. We are looking for someone who is excited to bring their specialized skills to the team, shaping Klaviyo's security practices and helping us continue to raise the bar. 
How You Will Make a Difference Secure Klaviyo's infrastructure by designing, implementing, and maintaining scalable security controls across cloud, on-prem, and hybrid environments Evaluate and improve security configurations and policies across a range of technologies, using your domain expertise to reduce risk and enable secure-by-default architectures Collaborate with engineering and IT teams to embed security practices and develop repeatable security patterns across the development and deployment lifecycle Lead threat modeling, risk assessments, and architecture reviews in areas aligned with your specialty Develop automated solutions and infrastructure-as-code to drive consistent and reproducible security outcomes Stay ahead of the latest threats and advocate for innovative security solutions aligned with business needs Help define security standards and best practices at Klaviyo, championing their adoption across teams Who You Are Have 5+ years of experience in infrastructure or security engineering roles, with deep knowledge in one or more security focus areas (e.g., cloud security, IAM, endpoint security, data protection, detection engineering, compliance) Comfortable navigating ambiguity and defining priorities in a broad-scoped role Experienced working in modern cloud environments such as AWS, GCP, or Azure Familiar with infrastructure-as-code tools such as Terraform, CloudFormation, or Pulumi Proficient in secure systems design, threat modeling, and vulnerability management AI Agentic development and prompt engineering, MCP (AWS Bedrock, OpenAI, Anthropic) Able to clearly articulate complex security topics to technical and non-technical stakeholders Passionate about security, eager to learn from others and share your expertise Nice to have - certifications (e.g., CISSP, CKS, GCP/AWS Security certs) or equivalent practical experience We use Covey as part of our hiring and / or promotional process. 
For jobs or candidates in NYC, certain features may qualify it as an AEDT. As part of the evaluation process we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound on April 3, 2025. Please see the independent bias audit report covering our use of Covey here Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Our salary range reflects the cost of labor across various U.S. geographic markets. The range displayed below reflects the minimum and maximum target salaries for the position across all our US locations. The base salary offered for this position is determined by several factors, including the applicant's job-related skills, relevant experience, education or training, and work location. In addition to base salary, our total compensation package may include participation in the company's annual cash bonus plan, variable compensation (OTE) for sales and customer success roles, equity, sign-on payments, and a comprehensive range of health, welfare, and wellbeing benefits based on eligibility. Your recruiter can provide more details about the specific salary/OTE range for your preferred location during the hiring process. Base Pay Range For US Locations:$188,000-$282,000 USD Get to Know Klaviyo We're Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we're developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators-ambitious and collaborative teammates who stay focused on our north star: delighting our customers. 
If you're ready to do the best work of your career, where you'll be welcomed as your whole self from day one and supported with generous benefits, we hope you'll join us. AI fluency at Klaviyo includes responsible use of AI (including privacy, security, bias awareness, and human-in-the-loop). We provide accommodations as needed. By participating in Klaviyo's interview process, you acknowledge that you have read, understood, and will adhere to our Guidelines for using AI in the Klaviyo interview Process. For more information about how we process your personal data, see our Job Applicant Privacy Notice. Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law. IMPORTANT NOTICE: Our company takes the security and privacy of job applicants very seriously. We will never ask for payment, bank details, or personal financial information as part of the application process. All our legitimate job postings can be found on our official career site. Please be cautious of job offers that come from non-company email addresses (@klaviyo.com), instant messaging platforms, or unsolicited calls. By clicking "Submit Application" you consent to Klaviyo processing your Personal Data in accordance with our Job Applicant Privacy Notice. If you do not wish for Klaviyo to process your Personal Data, please do not submit an application. You can find our Job Applicant Privacy Notice here and here (FR).
    $188k-282k yearly 22d ago
  • Security Analyst-Cyber Intelligence

    Mindlance 4.6 company rating

    Security engineer job in San Francisco, CA

    Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Hope you are doing fine, Please have a look at the job description and if you are comfortable with the role and responsibilities please revert with your updated resume. Job title:- Threat Intelligence Analyst/Security Analyst Location:- San Francisco CA Duration:- 6- 12 Months Contract Responsibilities: • Differentiate, collect, and evaluate technical and open source data to produce threat intelligence products; • Identify credible, new intelligence and subject matter resources relative to current/emerging threats; • Analyze reports to understand threat campaign techniques and lateral movements and extract indicators of compromise (IOCs). • Manage and maintain threat intelligence platforms and feeds • Conduct research on emerging products, services, protocols, and standards relative to the information security arena Required Qualifications: • 3-5 years' experience performing threat i management operational activities, including threat intelligence gathering and analysis, and threat metrics development and reporting • Experience working with large/multi-national organizations • Demonstrated use of analytic tools and platforms • In-depth knowledge of information security threats Windows and Unix/Linux platforms • The demonstrated ability to work effectively in a collaborative team environment as an individual contributor. • The ability to provide support after normal business hours, as needed. Preferred Qualifications: • Direct experience with Threat intelligence Platform tools • Experience with developing threat intelligence briefings Additional Information Thanks & Regards, Vikrant Thakur ************
    $82k-110k yearly est. 60d+ ago
  • Growth Hacking Genius

    Dora Factory

    Security engineer job in San Francisco, CA

    Dora Factory is building the next generation of governance infrastructure for decentralized and real-world communities. With advanced cryptographic stacks such as MACI (Minimal Anti-Collusion Infrastructure) and anonymous MACI (aMACI), Dora Factory is a leader in privacy-preserving, tamper-resistant voting technology. By pushing the boundaries of trustless, anonymous, and autonomous governance, we're not only creating infrastructure for communities of the future, but also building new platforms for world consciousness. About the Role We're seeking a Growth Hacking Genius based in the US to drive exponential growth and adoption of Dora Factory's products. You'll experiment relentlessly with data-driven and community-led strategies, building scalable acquisition funnels while amplifying Dora Factory's presence across Web3 and beyond. Key Responsibilities Design and execute creative growth experiments across digital, social and community platforms. Build viral loops, referral systems and incentive structures tailored for Web3 ecosystems and non-Web3 audiences. Optimize marketing funnels to increase user acquisition, activation and retention. Partner with product and BD teams to align growth with integrations and customer success. Track KPIs, analyse campaign data and double down on what works. Represent Dora Factory at events to evangelize our mission. Growth KPI driven. Required Qualifications Know how to get hard things done. Strong analytical skills and experience with A/B testing, attribution and funnel optimization. Creative thinkers are comfortable experimenting with unconventional growth tactics. Strong budget awareness. Familiarity with blockchain communities, decentralized governance, and open-source ecosystems. US-based, with ability to attend events and collaborate with global teams. Preferred Qualifications Understanding the media networks and polling industry is a plus. 
Experience with tokenomics-based growth, on-chain incentives or referral mechanisms. Strong personal presence in Web3 or non-Web3 communities (e.g., Twitter, Discord, Farcaster). Send an email with three bullet points describing evidence of your exceptional ability to **************************.
    $84k-130k yearly est. Auto-Apply 60d+ ago
  • Ruby on Rails Hacker

    Xdev

    Security engineer job in San Francisco, CA

    You Want: To be part of a small, close-knit team To work for a company that is making the world better and make a lot of money along the way An agile environment (TDD, short release cycles) Mac OS X as your development environment You Have: Worked on at least one high-performance, consumer-facing web site and / or a github account that speaks for itself Skills in all tiers of the web application stack Rewritten code to help yourself sleep better at night You Can: Navigate the command-line in a Linux environment Integrate ruby code with web service APIs Navigate and intimately and completely understand an existing, large code base Skills & Requirements: Write clean and performant code in ruby, Javascript, ERB, and interface with a NoSQL database Contribute to our bottom line through rigorous analytics and A/B testing Aggressively re-factor the codebase to improve its quality About Us: xDev is a network of talented developers and engineers in the bay area. We have a strong focus on web application and mobile development.
    $84k-130k yearly est. 60d+ ago
  • Digital Growth Hacker | Music & Community

    Splash Music 4.2 company rating

    Security engineer job in Brisbane, CA

    About Splash Our mission is to bring the joy of music making to everyone, and we've been pioneering the intersection of artificial intelligence and music since 2017. We've made significant strides in connecting artists and fans, particularly through our engaging experiences on Roblox, which have captivated millions of young users. By leveraging the power of AI, we're reshaping the way people interact with and create music. With the support of renowned investors including Amazon's Alexa Fund and Khosla Ventures, Splash is poised for rapid growth. We're actively expanding our diverse team of talented musicians, engineers, and creatives who share our passion for pushing the boundaries of what's possible in music and AI. The Role We're looking for a contractor who lives at the intersection of growth marketing and community obsession. This isn't a “post on IG and vibe” kind of gig. It's a go-where-the-fans-are, experiment fast, and drive real results position. As our Digital Growth & Community Hacker, you'll be responsible for fueling discovery, listens, and engagement with Splash's music and creator experiences. Our community doesn't need to be taught how to be creative-they already are. Your job is to get more people discovering the music, sharing their mixes, and falling in love with the experience. From Reddit to Discord, SoundCloud to TikTok, you'll find the places where music lovers and creators hang-and give them a reason to check us out. You're smart about attention. You know how to earn it, buy it, and build it. One day, you might run a scrappy paid campaign; the next, you're DMing a micro-influencer or launching a meme-worthy remix challenge. You're not just tending to our garden-you're out planting new ones. The goal? Wild growth in play counts, driven by community connection, creativity, and cultural fire. We are open to part time contractors with the potential to consider full time contractors for the role. 
The initial engagement will be 3 months with the opportunity to extend or grow in our team. We're a remote-first team working across time zones, with many teammates based in Australia-so some overlap with Australian business hours is essential. What You'll Do- Drive discovery and listens for Splash mixes and music experiences across platforms- Execute creative, high-impact digital marketing experiments and campaigns- Find and engage in communities across Reddit, Discord, YouTube, TikTok, and more- Partner with creators, influencers, and tastemakers to amplify our presence- Help run or support paid media efforts (e.g. TikTok, Meta) to boost traction- Craft content and engagement loops that draw users in and keep them hooked- Revitalize existing social media platforms and build out new growth paths- Collaborate cross-functionally to plan and execute strategic growth sprints- Set goals, track performance, and apply learnings in real-time- Play an integral role in shaping our brand presence and cultural visibility About You- Deeply fluent in music culture, internet fandom, and creative communities- Proven experience growing digital communities and audiences-especially Gen Z/Gen Alpha- Creative, scrappy, and experimental-you move fast and think outside the box- Not afraid to talk to strangers on the internet; love being where the buzz is- Strong writing chops and meme fluency-you understand voice, timing, and tone- Adept with platforms like TikTok, Discord, YouTube, Reddit, and Instagram- Able to independently ideate, plan, and execute marketing and engagement initiatives- Curious and data-minded-you seek out insights to improve what you're building- Experience in managing digital campaigns, content calendars, and creator partnerships- High accountability and adaptability; thrives in a remote, fast-moving team Nice to Have- Experience in or passion working with digital experiences- Prior work with direct-to-consumer tech, games, or music products- Familiarity with paid 
digital marketing (Meta Ads, TikTok Ads, etc.)- Experience building or managing youth-centric gaming or music communities What to Expect- Our team is remote-first; you will be working with colleagues on Australian timezone and some degree of overlap with this team is expected.- Work alongside our senior executives, who bring a wealth of knowledge from previous roles at SoundCloud, Spotify, Twitch, and YouTube.- Work within a small, dynamic team backed by leading investors including Amazon's Alexa Fund, Khosla Ventures, BITKRAFT Ventures, and King River Capital.- Be part of a talented group of creatives, musicians, engineers that value initiative and imagination - we also love music and gaming. Diversity, Equity, and Inclusion Music has the incredible ability to bridge divides and bring people together, regardless of their background or identity. Like the industry we work within, diversity, equity, and inclusion are at the heart of everything we do. We are committed to creating an inclusive environment where everyone feels valued, respected, and empowered. We actively seek out and welcome voices from all backgrounds and believe that diverse perspectives fuel our creativity and drive success. Application Process Please provide your application directly by hitting Apply. We receive large numbers of applications, to stand out please address the selection criteria in the application questions. We are not currently working with recruiters on this role. For more info, visit splashmusic.com. PDF preferred
    $50k-78k yearly est. Auto-Apply 60d+ ago
  • Security System Engineer

    Bayside 4.5 company rating

    Security engineer job in San Francisco, CA

    Seeking a candidate with the ability to demonstrate expertise in both the practical implementation and the administration of noted tools. The basis of the work will be to backfill daily operations management as well as assess the current state implementation for completeness and currency. The candidate will also be responsible for the identification and execution of implementation improvement efforts that will allow for the transition of such tools to a managed service provider including the documentation of run books, incident response and remediation support, and developing continuity plans. Has demonstrated expertise in one or more of the following tools: Qualys Vulnerability Scanner LogRhythm Tripwire Essential Functions: Manage and maintain key Information Security tools to help mature and improve the overall effectiveness of solutions across the organization to safeguard information systems, intellectual property assets and customer data. Design, implement and support integration of information security solutions including security architectures, firewall analysis, and developing and coordinating security implementation plans to improve monitoring and compliance functions and drive automation and efficiencies. Manage remediation of security issues with technology and business teams to ensure remediation is completed timely and effectively. Analyze existing processes to identify improvement opportunities, recommend solutions and lead implementation. Establish and implement a repeatable process for tracking, reporting and driving remediation of security issues. Assist with the PCI DSS security compliance program including scoping, testing, and remediation activities. Help train associates, contractors, alliance or other third parties on information security policies and procedures. Provide skill-set knowledge transfer that ensures necessary cross-training of other IT Security team members. 
Monitors compliance with information security policies and procedures and monitors access control systems to assure appropriate access levels are maintained. Develop, support and manage Security metrics & reporting. Develop, maintain and enforce standardized, repeatable administrative and operational policies, processes and procedures. Serves as enterprise information security consultant, conduct information security risk assessments. Lead computer forensic analysis, cyber-crime investigation, incident emergency response and investigations. Perform other responsibilities and duties as assigned. Additional expertise in the following tools is a plus; Imperva DB Monitoring Ingrian HSM LogRhythm McAfee IDS/IPS McAfee Solid Core NETIQ PGP Desktop, WDE, Netshare PGP Universal Server & KMS Qwest Password Manager RedSeal RSA Authentication Manager RSA Envision Symantec DLP Varonis Data Privilege & DWebsense websense
    $116k-158k yearly est. 60d+ ago
  • Security SRE - Founding Engineer

    Cadre 4.4 company rating

    Security engineer job in San Francisco, CA

    About Charta Health At Charta, we're pioneering a transformative approach to healthcare billing through the power of generative AI. Our mission is to revolutionize this critical yet often cumbersome aspect of healthcare, empowering medical billers and coders with tools that elevate their efficiency by leaps and bounds. Our innovative AI technology enables these professionals to operate at an astounding 10x to 100x more efficiently, while significantly reducing operational costs to just 2% of the standard expense. In an industry where the focus should rightly be on patient care and clinical services, Charta steps in to ensure that healthcare providers are unburdened from the complexities of non-clinical operations. Our cutting-edge solutions are designed to handle the intricacies of the revenue cycle, freeing up healthcare professionals to concentrate on what they do best - caring for patients. Our vision at Charta is to create a seamless, efficient, and cost-effective billing process that is invisible yet indispensable. By entrusting us with the operational challenges, healthcare providers can redirect their resources and attention towards patient-centric services, secure in the knowledge that their billing needs and highly sensitive data are expertly managed and continuously protected through robust security reliability engineering. Join us in our journey to redefine healthcare billing, and be a part of a team that's making a tangible difference in the world of healthcare. About the Opportunity Charta Health is seeking a highly motivated and experienced Founding Security Reliability Engineer to design, implement, and maintain the secure, scalable, and resilient infrastructure that underpins our generative AI healthcare solutions. 
This pivotal role requires a hands-on engineer who can strategically build out our platform's security architecture by applying SRE principles: ensuring robust security through automation, meticulous monitoring of security events, proactive threat mitigation, and efficient incident response. You'll be crucial in engineering security into every layer from day one within a highly regulated healthcare environment. What You'll Do Engineer Secure & Resilient Infrastructure: Design, develop, and implement highly scalable, resilient, and inherently secure cloud infrastructure and application architectures to support our AI platform and data pipelines, prioritizing security-by-design and resilience against attacks. Security Automation & DevSecOps: Lead efforts to automate security controls, infrastructure provisioning, deployment, and operational tasks using tools like Terraform, Ansible, and CI/CD pipelines. Embed automated security gates (SAST, DAST, IaC scanning, secrets detection) and security best practices into every stage of the software development lifecycle. Cloud Security Engineering: Implement and manage security best practices for our cloud environments (primarily AWS), including network security, identity and access management (IAM), data encryption at rest and in transit, secrets management, and secure configuration baselines. Application Security: Partner with development teams to conduct threat modeling, perform security code reviews, and implement secure coding practices. Integrate application security testing tools into CI/CD pipelines and drive vulnerability remediation. Security Reliability Metrics & Incident Response: Define, implement, and monitor key security-focused metrics (e.g., Mean Time To Detect (MTTD) security incidents, Mean Time To Respond (MTTR) security incidents, vulnerability remediation SLAs). 
Design and lead robust incident response plans and procedures for security incidents and breaches, ensuring swift and effective containment, eradication, recovery, and thorough post-incident analysis (blameless post-mortems) focused on improving system security and resilience. Security System Engineering & Operations: Oversee the implementation, monitoring, and continuous improvement of critical security systems and technologies, including Security Information and Event Management (SIEM), Cloud Security Posture Management (CSPM), Intrusion Detection/Prevention Systems (IDS/IPS), Web Application Firewalls (WAF), Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), and secrets management solutions. Security Observability & Monitoring: Establish comprehensive monitoring, logging, and alerting systems to provide deep visibility into system health, performance, and critical security events and anomalies. Engineer centralized logging for auditability and forensic capabilities. Vulnerability Management: Establish and manage a comprehensive vulnerability management program, including regular scanning, penetration testing coordination, analysis of findings, and driving timely remediation efforts across infrastructure and applications. Compliance & Regulatory Engineering: Ensure continuous adherence and demonstrable compliance with applicable security laws, regulations, and industry standards relevant to healthcare data and technology (e.g., HIPAA, HITECH, HITRUST, SOC 2, CCPA/CPRA, GDPR) by engineering compliant controls and automated validation. Cross-Functional Security Collaboration: Partner closely with Engineering, Product, and IT teams to embed security requirements as first-class citizens into business processes, new projects, and system development lifecycles. Serve as a subject matter expert on security best practices. Security Culture & Training: Champion a strong security-first culture. 
Develop and deliver engaging security awareness and secure coding training programs for all employees to promote a security-conscious and proactive mindset. Strategic Security Planning & Threat Intelligence: Strategically plan for future security needs and technological advancements. Continuously research and integrate the latest security technologies, emerging threats, attack vectors, and threat intelligence to enhance Charta's security program and maintain a strong defensive posture. You'd be a great fit if you have: Experience: 4+ years of progressive experience in Security Engineering, Application Security, Cloud Security, or DevSecOps, with a proven track record of applying SRE principles to solve complex security challenges and build resilient systems. At least 2+ years in a lead or foundational capacity. Cloud Security Expertise: Deep expertise in cloud platforms, especially AWS, with a strong focus on secure configuration, network security, IAM, data encryption, and operationalizing security within services like EC2, S3, RDS, Lambda, EKS/ECS, VPC, CloudWatch, GuardDuty, Security Hub, WAF, KMS, Secrets Manager. Application Security Fundamentals: Solid understanding of common web application vulnerabilities, secure coding practices, and experience with application security testing tools. Containerization & Orchestration Security: Solid understanding and practical experience with container technologies and orchestration platforms, including container security best practices and runtime protection. Security Operations & Tooling: Experience setting up and managing robust security monitoring, logging, and alerting solutions (e.g., SIEM, EDR, IDS/IPS). Ability to build custom tools and integrate security services via APIs. Security Principles & Architecture: In-depth knowledge of security principles, secure system design patterns, network security, application security, cloud security, data protection, and cryptography. 
Healthcare Compliance: Strong understanding of regulatory compliance requirements in the healthcare industry (e.g., HIPAA, HITECH, HITRUST). Security Frameworks: Experience with established security frameworks and standards (e.g., NIST CSF, ISO 27001, SOC 2, CIS Benchmarks, MITRE ATT&CK). Problem-Solving: Excellent problem-solving, debugging, and analytical skills with a focus on security incident root cause analysis and proactive threat mitigation. Communication: Strong communication (written and verbal) and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and articulate security risks and solutions clearly. Education: Bachelor's degree in Computer Science, Engineering, Information Security, or a related field; equivalent practical experience will also be considered. What We Offer Competitive salary and comprehensive benefits package, including health insurance, dental insurance, vision insurance, life insurance, and more Team dinners and snacks in the office to keep you at your best Growth opportunities in a fast-paced, innovative tech startup Ongoing professional development and access to cutting-edge AI and healthcare tools Wellness & learning stipends so you can invest in both your health and personal growth Lively in-person (required 5 days per week) work culture at our headquarters in downtown San Francisco
    $134k-192k yearly est. 60d+ ago
  • Urgent Job Opening for a SAP Security Consultant in San Francisco, CA

    Talented It

    Security engineer job in San Francisco, CA

    Hello, Greetings for the day, We have an urgent job opening for a SAP Security Consultant in San Francisco, CA. Please find the complete below and consultant information details below to the job description. Duration: 5Months+ Job Title: SAP Security Duties: Provides the technical guidance in development of security roles and authorizations to SAP projects and production support for R3, BW, EBP, SMP, PI, AII/OER systems Ensures development and maintenance of SAP roles and authorizations are aligned with enterprise security best practices and corporate standards Delivers and manages overall SAP security standards and designs Works closely with SAP functional and technical teams in the identification and resolution of gaps in the security authentication and authorization processes Provides day-to-day support for GRC 5.3 CUP, FireFighter Works closely with security and technical teams in architecting and implementing Identity and Security best practices in SAP environment; Partners with teams in support of internal and external auditing of SAP environment Performs annual SAP licensing for all the systems onsite Skills: Minimum of 5 years of experience implementing and delivering SAP Security Solutions; Must have strong demonstrated knowledge of SAP Security and experience with GRC Analysis and Administration. Experience in implementing/upgrading/managing SAP GRC Access Controls, Access Risk Analysis and Emergency Access Management a plus; Must have excellent troubleshooting and resolution skills; Strong attention to detail. Strong technical knowledge of SAP Security architecture and role based authorization models; Strong analytical, problem solving and conceptual. Strong oral and written communication skills, with an ability to express complex technical concepts; Strong understanding of data privacy concepts. 
Strong Security and Risk mitigation mindset. Understanding of process re-engineering, segregation of duties, application security implementation, security auditing techniques Keywords: Education: Bachelor's degree in Computer Science or related field, OR equivalent combination of education and/or experience Skills and Experience: Required Skills: AUDITING MITIGATION PROBLEM SOLVING SAP Security GRC Additional Skills: RE-ENGINEERING RISK ANALYSIS ARCHITECTURE SAP SECURITY SECURITY ARCHITECTURE SECURITY IMPLEMENTATION SOLUTIONS AUTHENTICATION EBP MAINTENANCE R3 Thanks & Regards, Srikanth ************ 800 W, Fifth Avenue, Suite 208A Naperville, IL - 60563 "A Certified MBE & Women's Business Enterprise Alliance (WBEA)" Additional Information All your information will be kept confidential according to EEO guidelines.
    $101k-141k yearly est. 60d+ ago
  • Staff Infrastructure Security Engineer

    Crusoe 4.1 company rating

    Security engineer job in San Francisco, CA

    Crusoe's mission is to accelerate the abundance of energy and intelligence. We're crafting the engine that powers a world where people can create ambitiously with AI - without sacrificing scale, speed, or sustainability. Be a part of the AI revolution with sustainable technology at Crusoe. Here, you'll drive meaningful innovation, make a tangible impact, and join a team that's setting the pace for responsible, transformative cloud infrastructure. We are seeking a highly skilled Staff Infrastructure Security Engineer to architect, deploy, and operationalize the foundational security services that will underpin our shift to a Zero Trust model. In this strategic role, you will define and establish the "roots of trust" for our organization, serving as a technical leader in Secrets Management and Identity architecture. While your immediate focus is to serve as the Subject Matter Expert (SME) driving our enterprise HashiCorp Vault platform from Proof-of-Concept (PoC) to global production readiness, your long-term scope is far broader. You will be responsible for evolving our credentials management strategy, onboarding engineering teams to secure self-service workflows, and designing scalable trust patterns across our hybrid multi-cloud environment. Key Responsibilities 1. Strategic Architecture & Governance Zero Trust Architecture: Architect a highly available, disaster-resilient, and scalable multi-cluster secrets management platform that serves as the foundation for the organization's Zero Trust strategy. Technical Leadership: Drive consensus across Cloud Engineering, DevOps, and SRE teams to define standardized secret management workflows and integrate security patterns into the SDLC. Compliance & Governance: Ensure the platform design meets rigorous internal policies and external compliance frameworks (e.g., SOX, ISO 27001). 
Policy as Code: Design and implement advanced governance controls, including Sentinel Policy as Code, to automate security guardrails and access decisions. 2. Platform Engineering & Implementation Infrastructure as Code (IaC): Lead the engineering of the Vault infrastructure using Terraform, ensuring all deployments are reproducible, version-controlled, and automated. Identity Integration: Architect the integration between the secrets platform, Identity Providers (Okta), and workload identities (Kubernetes Service Accounts) to establish robust machine-to-machine authentication. Advanced Secrets Capabilities: Configure and tune essential secrets engines (KV, Transit, KMIP) and Enterprise features (Performance Replication, Seal automation) to support diverse engineering use cases. 3. Operational Excellence & Developer Enablement Vault as a Service (VaaS): Operationalize the platform by building self-service mechanisms, distinct "paved road" onboarding procedures, and documentation that allows engineering teams to easily consume security services. Observability: Implement comprehensive monitoring, alerting, and audit logging to ensure platform health, provide visibility into usage patterns, and satisfy audit requirements. Lifecycle Management: Own the full operational lifecycle of the production environment, including patching, version upgrades, backup/restore procedures, and incident response runbooks. Required Qualifications 6+ years (or equivalent) hands-on experience in cloud security, DevOps, or infrastructure engineering. Deep expertise and proven track record deploying and managing HashiCorp Vault in an enterprise environment (experience with the Enterprise edition is highly preferred). Expert-level knowledge of Secrets Management, X.509 PKI (Public Key Infrastructure), Certificate Authority Operations, and Cryptography concepts. Strong experience with Google Cloud Platform (GCP) and cloud native identity and access management (IAM). 
Proficiency with Infrastructure as Code (IaC) tools, especially Terraform, for automating the deployment and configuration of Vault and its dependent infrastructure. Technical Skills Fluent in at least one programming language (ideally Go or Python). Demonstrable experience with Kubernetes and container security principles, especially integrating secrets into microservices architectures. Strong understanding of network security concepts (IP addressing, IP routing, firewalls, segmentation, Zero Trust). Benefits: Industry competitive pay Restricted Stock Units in a fast growing, well-funded technology company Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents Employer contributions to HSA accounts Paid Parental Leave Paid life insurance, short-term and long-term disability Teladoc 401(k) with a 100% match up to 4% of salary Generous paid time off and holiday schedule Cell phone reimbursement Tuition reimbursement Subscription to the Calm app MetLife Legal Company paid commuter benefit; $300 per month Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.
    $126k-179k yearly est. Auto-Apply 22d ago
  • Sr. Security Portfolio TPM

    Adobe Systems Incorporated 4.8 company rating

    Security engineer job in San Francisco, CA

    Our Company Changing the world through digital experiences is what Adobe's all about. We give everyone-from emerging artists to global brands-everything they need to design and deliver exceptional digital experiences! We're passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. We're on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours! The Opportunity The Adobe Security organization seeks a proactive force multiplier with experience skillfully leading multiple technical programs, running a healthy portfolio, working directly with leadership, and delighting stakeholders. Our ideal candidate has superb communication and relationship-building skills and a solid track record of driving business outcomes through managing large programs. In addition, familiarity with fundamentals in key security operations and related security compliance frameworks could help this candidate have an immediate impact. If you excel at navigating complexity with multiple internal customers, are a master planner who helps teams foresee challenges and risks and guides them through them, and are equipped with a diverse technical program management toolbox, we can't wait for you to join our Security PMO team! What you'll Do * Partner directly with security leadership to build a portfolio of key programs. Lead and monitor the health and execution of several key initiatives with insights into status, risks, dependencies, roadblocks, and budget across the organization's program portfolio. * Ensure a healthy program portfolio in Adobe's Technology GRC (Governance, Risk, and Compliance) organization with a clearly defined roadmap. 
* Bring together cross-functional teams to deliver business outcomes for high-priority programs through clear planning, execution, partnership, and communication. * Make things easier for all collaborators of your program portfolio by driving simplicity, clarity, and efficiency in all aspects of your work. * Reduce program risk by proactively identifying, communicating, and removing roadblocks. * Build trust through visibility. Provide accurate and timely data-driven status reports for a broad audience and lead executive governance meetings. * Effectively handle program financials, including driving accurate budget forecasts. What you need to succeed * Exceptional communication skills for effective engagement with both engineers and executives in meetings, presentations, and writing. Excel at building strong and trusted partner relationships. * 7+ years as a program manager in the security domain with portfolio-level oversight experience. Demonstrate strong knowledge in the compliance field and have worked closely with the compliance teams on projects. * Experience leading programs involving AI systems and workflows (e.g., MCP servers, RAG capabilities, LLM integrations, or related AI infrastructure). * Established history of effectively managing programs from inception, prioritizing, and strategizing to implementation, reporting, and successful delivery of intricate projects with many significant internal customers. * Demonstrated Agile practice experience in software projects and familiarity with Jira (including query and dashboarding), O365 Suite, MS Teams, SharePoint, MS Project, Excel, and Miro or equivalent experience * Familiarity with compliance frameworks such as ISO 42001, SOC2, HIPAA, PCI DSS, ISO27001, ISO27017/18, ISO22301, and Geo-compliance programs. * Preferred Certifications: CISSP, CISM, PMP, or equivalent credentials demonstrating expertise in cybersecurity and program leadership. Our compensation reflects the cost of labor across several U.S. 
geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $124,300 -- $234,600 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process. In California, the pay range for this position is $162,000 - $234,600 In New York, the pay range for this position is $162,000 - $234,600 At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans. Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP). In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award. State-Specific Notices: California: Fair Chance Ordinances Adobe will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and "fair chance" ordinances. Colorado: Application Window Notice If this role is open to hiring in Colorado (as listed on the job posting), the application window will remain open until at least the date and time stated above in Pacific Time, in compliance with Colorado pay transparency regulations. If this role does not have Colorado listed as a hiring location, no specific application window applies, and the posting may close at any time based on hiring needs. Massachusetts: Massachusetts Legal Notice It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Adobe is proud to be an Equal Employment Opportunity employer. 
We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more. Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call **************.
    $162k-234.6k yearly 60d+ ago
  • Distributed Systems Engineer: Secure Sandboxes

    Magic Ai 3.9 company rating

    Security engineer job in San Francisco, CA

    Magic's mission is to build safe AGI that accelerates humanity's progress on the world's most important problems. We believe the most promising path to safe AGI lies in automating research and code generation to improve models and solve alignment more reliably than humans can alone. Our approach combines frontier-scale pre-training, domain-specific RL, ultra-long context, and inference-time compute to achieve this goal. About the role As a Software Engineer on the Supercomputing Platforms and Infrastructure team, you will build the next generation systems that power large scale AI research and deployment. You will focus on sandboxed execution environments, distributed systems orchestration, and performance optimized compute workflows. You will work closely with ML and Research teams and infrastructure teams to deliver both high throughput, scale, and strong isolation guarantees in a cluster environment. What you might work on Build highly scalable, highly performant, software that facilitates arbitrary code execution with strong isolation guarantees. Design and build systems that allow our AI models to interface with machines in various modes, interactive terminal, GUI applications, etc. Provision and operate high density compute and storage nodes (NVMe, high IOPS SSDs, high bandwidth networks), and build software that performs efficient load balancing, and resource utilization across them. Instrument and optimize end to end performance including storage IO, network bandwidth, CPU, memory, and endurance constraints. Develop APIs, self service platforms, and automation and tools so researchers and engineers can deploy and monitor workloads at scale. Troubleshoot complex infrastructure issues across OS, drivers, hardware, storage systems (local NVMe, block storage, NFS), networking, namespace isolation, and cloud or hybrid environments. 
Produce clean, documented code and developer workflows, and collaborate with SRE and security teams to ensure safe, reliable, and self serviceable compute offerings. What we are looking for Strong software engineering background (C, C++, Go, Rust, or similar systems languages). Experience designing or operating sandboxed or isolated execution environments (namespaces, cgroups, container runtime internals), or strong interest in this area. Experience building or operating distributed systems or parallel processing frameworks (scatter aggregate processing, worker pools, multi thread and multi process coordination, shared memory, atomics, merging strategies). Solid understanding of storage and IO subsystems (NVMe, SSD endurance, write amplification), network performance, CPU and memory resource constraints in high performance compute clusters. Comfortable working on low level systems (OS, threading, memory management, synchronization) as well as higher level orchestration or automation. Experience with cloud infrastructure (GCP, AWS, Azure, etc.) including IaC tools such as OpenTofu, Terraform, Pulumi, or CDK is a plus. Intellectual curiosity, strong ownership, and the ability to make tradeoffs in ambiguous environments such as latency versus throughput and isolation versus performance. Nice to haves Prior experience with GPU scheduling, RDMA networking, or bare metal HPC clusters Contributions to open source container runtimes or sandboxing frameworks Experience with kernel internals, device drivers, or SSD and NVMe endurance modeling Familiarity with Rust for systems programming or Go for infrastructure orchestration Why join us You will work at the cutting edge of AI infrastructure including large compute clusters, advanced metrics engines, and next generation sandboxing systems for untrusted workloads. The problems you solve will be foundational, for example how to securely and efficiently run arbitrary research code across thousands of GPUs or high end SSDs. 
You will join a collaborative and hands-on team where you are building rather than only modeling. Excellent compensation and equity, generous benefits, and high impact. Our culture: Integrity. Words and actions should be aligned Hands-on. At Magic, everyone is building Teamwork. We move as one team, not N individuals Focus. Safely deploy AGI. Everything else is noise Quality. Magic should feel like magic Compensation and benefits (US) Annual salary range: 200,000 USD to 550,000 USD depending on seniority Significant equity component 401(k) with matching, comprehensive health, dental, and vision insurance, unlimited paid time off, visa sponsorship and relocation support Fast paced, mission driven environment focused on safely advancing AGI for humanity
    $114k-163k yearly est. Auto-Apply 44d ago
  • Senior Security GRC Analyst

    Lambda 4.2 company rating

    Security engineer job in San Francisco, CA

    Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. *Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives Manage IT Risk Register including risk identification, tracking, and prioritization. Assist with and drive remediation of control deficiencies and gaps Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires Assist control owners with root cause analysis and track risk management action plan progress. 
Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have Experience in the machine learning or computer hardware industry Experience with Security by Design and/or Privacy by Design principles Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. 
Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: ************************* We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. 
Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.
    $127k-172k yearly est. Auto-Apply 60d+ ago
  • Security Engineer, Operating Systems

    Anthropic

    Security engineer job in San Francisco, CA

    Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. 
What You'll Do: Design and implement hardened OS configurations for AI workloads across diverse hardware platforms Minimize attack surfaces by removing as many unnecessary components as possible from kernelspace and userspace Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms Implement and maintain full-disk encryption solutions for diverse storage systems Build security infrastructure for AI systems, research environments, and production services Create OS-level attestation and integrity monitoring systems Apply security patches, develop patches for custom kernel modules, and kernel hardening configurations Design secure boot processes and trusted execution environments Work with container teams to ensure proper workload isolation at the kernel level Design privilege separation and mandatory access control policies Implement secure update mechanisms for OS components Build tooling for security configuration management and compliance verification Serve as a subject matter expert for OS security questions and designs Who You Are: 5+ years of experience in operating systems security or kernel development Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) 
Experience with kernel hardening techniques and exploit mitigation Strong programming skills in C and systems programming languages Experience with eBPF for security monitoring and enforcement Understanding of virtualization and containerization security Track record of identifying and fixing OS-level security vulnerabilities Experience with security-focused Linux distributions Strong candidates may also have: Kernel development experience or contributions to Linux kernel Experience with real-time or embedded operating systems Knowledge of hardware security features and their OS integration Experience with secure boot technologies Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) Background in vulnerability research, exploit development, or fuzzing Experience with formal methods for OS verification Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary: $300,000-$405,000 USD Logistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. 
Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process
    $111k-161k yearly est. Auto-Apply 26d ago
  • Senior Security Engineer

    Goodleap 4.6 company rating

    Security engineer job in San Francisco, CA

    About GoodLeap: GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy and safety of GoodLeap's customers, partners, and employees' information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. 
Your oversight will encompass: - Enterprise systems: Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. 
These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. 
Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.
    $123k-156k yearly est. Auto-Apply 60d+ ago
  • AI Security Researcher

    Harmonic Security

    Security engineer job in San Francisco, CA

    Job Description Harmonic Security lets teams adopt AI tools safely by protecting sensitive data in real time with minimal effort. It gives enterprises full control and stops leaks so that their teams can innovate confidently. We are led by cybersecurity experts and backed by top investors including N47, Ten Eleven Ventures, and In-Q-Tel. As organizations accelerate their adoption of generative and agentic AI, the security landscape is shifting faster than ever before. Harmonic is building the research, insights, and technology foundations that help enterprises understand and mitigate AI risk-creating an opportunity for this role to shape the emerging field of AI security from the ground up. About the Team Harmonic's Security & TechOps team owns the systems, tooling, and research that keep Harmonic secure, trusted, and moving fast. We work across the entire lifecycle of how the company operates-from how we build software, to how we detect threats, to how we prove our security posture to customers, to how employees use the technology that powers their work. We focus on enabling speed without sacrificing safety. That means creating secure-by-default engineering practices, building automation and detections that reduce manual work, researching emerging AI security risks, running assurance programmes like SOC 2 and ISO 27001, and shaping the internal platforms that help teams work efficiently and securely. We're a hands-on, engineering-first group. We avoid box-ticking and heavy processes in favour of practical solutions, strong automation, and constant improvement. We collaborate closely across functions, operate with high ownership, and support each other through rapid growth. Our shared goal is to build the trust, systems, and capabilities that let Harmonic innovate confidently and at scale. About the Role Harmonic's Security team is breaking new ground in understanding the security risks that come with Generative and Agentic AI. 
Our mission is to equip security leaders and practitioners with clear, actionable insights on securing AI systems. This work should shape how the industry thinks about AI security, and our findings make their way onto the stages of the world's top security and AI conferences. As we embark on this mission, we're looking for a founding AI Security Researcher to build and lead Harmonic's AI Security Research program from the ground up. You'll define our research agenda, uncover real-world security risks in AI tools and platforms, and help shape how enterprises can adopt AI safely. This role blends hands-on technical research with public thought leadership - from identifying vulnerabilities in emerging AI systems to creating guides, publishing insights, and representing Harmonic at major industry events. You'll also play a key role in informing our product strategy, ensuring Harmonic stays ahead of evolving AI security threats and opportunities. What You'll Do Lead AI Security Research: Design and drive a greenfield research program focused on securing the use of AI systems and tools. Thought Leadership: Develop practitioner guides and actionable content on securing AI technologies (e.g., “How to secure ChatGPT Enterprise”). Public Engagement: Represent Harmonic at industry conferences (e.g., RSA, BlackHat, DEFCON) through talks, panels, and research presentations. Threat Intelligence: Research emerging AI threats and threat actors, assessing their impact on our customers and the broader ecosystem. Internal SME: Partner with Product Security to identify and mitigate AI-related risks across Harmonic's products and infrastructure. What Success Looks Like (6-12 months) Design, build, and operate a dedicated AI security research environment, enabling safe testing of generative and agentic AI systems and reproducible research workflows. 
Publish and present new, original research at a major security or AI conference (e.g., Black Hat USA, DEF CON, BSides, or equivalent) that offers actionable insights for practitioners and security leaders. Establish a consistent content pipeline, producing high-quality research write-ups, blogs, demos, or practitioner guides that clearly explain risks, attack paths, and defensive strategies. Develop recognisable external presence, securing initial press coverage or analyst mentions that highlight Harmonic's leadership in AI security. Contribute research that shapes internal product direction, informing detection capabilities, product security priorities, or policy decisions based on real-world risk findings. Requirements What You Bring Deep Technical Curiosity: 3-5 years of experience in cybersecurity or applied ML/AI security research, with a strong interest in how AI systems fail and can be attacked. AI Security Expertise: Hands-on experience assessing or red-teaming LLMs, generative AI tools, or AI-integrated SaaS products; familiarity with adversarial ML, model extraction, prompt injection, or data poisoning. Security Research Skills: Proven ability to design and execute independent research- identifying vulnerabilities, publishing technical findings, and proposing mitigations. Communication & Storytelling: Excellent written and verbal skills for translating complex research into accessible content - whether blog posts, practitioner guides, or conference talks. Public Presence: A strong desire to build a profile for presenting or contributing to security or AI conferences (e.g., Black Hat, DEF CON, RSA) You Might Be a Fit If You… You're comfortable figuring things out from scratch and don't wait for detailed instructions to start making progress. You're naturally curious - you like to dig into how AI systems actually work and break, and you keep up with new developments just because you find them interesting. 
You like solving hard, undefined problems and can turn ideas into experiments or results quickly. You enjoy working with others, sharing what you learn, and helping teammates succeed. You take pride in clear, honest communication - whether explaining a technical finding or giving feedback. You get energy from teaching others, writing, or speaking publicly about your work. You care about impact more than titles or process - you just want to enable others to use AI securely. Benefits Why Join Us This isn't just a job; it's an opportunity to be part of a team that is redefining cybersecurity. We believe today's talent is tomorrow's success, and we're committed to creating an environment where you can do the best work of your life. Competitive pay and meaningful equity with a direct stake in Harmonic's success We are open to this role being based out of our SF or London office. Depending: SF: Comprehensive benefits including health, dental, vision, 401k matching, and flexible time off UK: Comprehensive benefits, pension plan, generous PTO, and flexible hybrid work A small, passionate team that values transparency, creativity, and learning Thoughtful leadership that cares deeply about growth, impact, and people Annual global offsites (past trips include Lisbon and Nashville) The chance to directly shape both our product and our culture as we build a category-defining company Company Values Flourish in the Unknown: We relish being thrown into new, unfamiliar situations that require initiative and rapid decision-making. We orient ourselves quickly and deliver results with minimal guidance. Never Full: We never hesitate to raise our hands and take on challenges to assist those in need. We hunger for opportunities to learn and do more. Perfect Harmony: We have a genuine willingness to assist and support one another to create cohesion and unity. 
We foster success through collaboration and honest sharing of feedback and ideas, enabling everyone to grow and produce their best work.
    $113k-164k yearly est. 26d ago
  • Lead Security Engineer, Cloud Infrastructure

    Klaviyo 4.2 company rating

    Security engineer job in San Francisco, CA

    At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you're a close but not exact match with the description, we hope you'll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny. As a Lead Security Engineer, you'll be a vital part of the Infrastructure Security Team, focusing on strengthening the security posture across Klaviyo's entire technology environment, developing security architectures and repeatable patterns and mentoring colleagues and junior security engineers. Unlike roles with a narrowly defined specialty, this position offers the opportunity to demonstrate your unique expertise-whether that's in cloud security, identity and access management, data protection, secure systems design, or other security domains. Your work will involve evaluating and hardening our infrastructure, collaborating with cross-functional teams, and leveraging AI to build scalable solutions to address emerging threats. We are looking for someone who is excited to bring their specialized skills to the team, shaping Klaviyo's security practices and helping us continue to raise the bar. 
How You Will Make a Difference Secure Klaviyo's infrastructure by designing, implementing, and maintaining scalable security controls across cloud, on-prem, and hybrid environments Evaluate and improve security configurations and policies across a range of technologies, using your domain expertise to reduce risk and enable secure-by-default architectures Collaborate with engineering and IT teams to embed security practices and develop repeatable security patterns across the development and deployment lifecycle Lead threat modeling, risk assessments, and architecture reviews in areas aligned with your specialty Develop automated solutions and infrastructure-as-code to drive consistent and reproducible security outcomes Stay ahead of the latest threats and advocate for innovative security solutions aligned with business needs Help define security standards and best practices at Klaviyo, championing their adoption across teams Who You Are Have 5+ years of experience in infrastructure or security engineering roles, with deep knowledge in one or more security focus areas (e.g., cloud security, IAM, endpoint security, data protection, detection engineering, compliance) Comfortable navigating ambiguity and defining priorities in a broad-scoped role Experienced working in modern cloud environments such as AWS, GCP, or Azure Familiar with infrastructure-as-code tools such as Terraform, CloudFormation, or Pulumi Proficient in secure systems design, threat modeling, and vulnerability management AI Agentic development and prompt engineering, MCP (AWS Bedrock, OpenAI, Anthropic) Able to clearly articulate complex security topics to technical and non-technical stakeholders Passionate about security, eager to learn from others and share your expertise Nice to have - certifications (e.g., CISSP, CKS, GCP/AWS Security certs) or equivalent practical experience We use Covey as part of our hiring and / or promotional process. 
For jobs or candidates in NYC, certain features may qualify it as an AEDT. As part of the evaluation process we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound on April 3, 2025. Please see the independent bias audit report covering our use of Covey here Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Our salary range reflects the cost of labor across various U.S. geographic markets. The range displayed below reflects the minimum and maximum target salaries for the position across all our US locations. The base salary offered for this position is determined by several factors, including the applicant's job-related skills, relevant experience, education or training, and work location. In addition to base salary, our total compensation package may include participation in the company's annual cash bonus plan, variable compensation (OTE) for sales and customer success roles, equity, sign-on payments, and a comprehensive range of health, welfare, and wellbeing benefits based on eligibility. Your recruiter can provide more details about the specific salary/OTE range for your preferred location during the hiring process. Base Pay Range For US Locations: $188,000-$282,000 USD Get to Know Klaviyo We're Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we're developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators-ambitious and collaborative teammates who stay focused on our north star: delighting our customers. 
If you're ready to do the best work of your career, where you'll be welcomed as your whole self from day one and supported with generous benefits, we hope you'll join us. AI fluency at Klaviyo includes responsible use of AI (including privacy, security, bias awareness, and human-in-the-loop). We provide accommodations as needed. By participating in Klaviyo's interview process, you acknowledge that you have read, understood, and will adhere to our Guidelines for using AI in the Klaviyo interview Process. For more information about how we process your personal data, see our Job Applicant Privacy Notice. Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law. IMPORTANT NOTICE: Our company takes the security and privacy of job applicants very seriously. We will never ask for payment, bank details, or personal financial information as part of the application process. All our legitimate job postings can be found on our official career site. Please be cautious of job offers that come from non-company email addresses (@klaviyo.com), instant messaging platforms, or unsolicited calls. By clicking "Submit Application" you consent to Klaviyo processing your Personal Data in accordance with our Job Applicant Privacy Notice. If you do not wish for Klaviyo to process your Personal Data, please do not submit an application. You can find our Job Applicant Privacy Notice here and here (FR).
    $188k-282k yearly Auto-Apply 12d ago
  • Product Security Engineer - AI

    Crusoe 4.1 company rating

    Security engineer job in San Francisco, CA

    Job Description

    Crusoe's mission is to accelerate the abundance of energy and intelligence. We're crafting the engine that powers a world where people can create ambitiously with AI - without sacrificing scale, speed, or sustainability. Be a part of the AI revolution with sustainable technology at Crusoe. Here, you'll drive meaningful innovation, make a tangible impact, and join a team that's setting the pace for responsible, transformative cloud infrastructure.

    About This Role: At Crusoe, the AI Security Engineer is central to ensuring the safety, integrity, and resilience of our rapidly evolving AI ecosystem. You will serve as the technical authority on securing Large Language Models (LLMs), AI-powered platforms, and the infrastructure that supports them, driving both strategy and execution for our next generation of secure AI systems.

    What You'll Be Working On:
    - AI Security SME & Strategic Partner: Act as the technical leader and SME on the practical security of our AI and LLM ecosystem, define the long-term technical roadmap for AI security architecture, and drive high-impact cross-functional initiatives.
    - LLM Architecture & Design Ownership: Lead the design and implementation of highly secure Generative AI solutions for security applications, focusing on architectural patterns like Retrieval-Augmented Generation (RAG).
    - AI-Powered Tooling & Automation: Architect and implement custom, AI-powered security tooling that automates threat detection, vulnerability analysis, and data access control, moving from proof-of-concept to production at scale.
    - Secure MLOps & Governance: Establish governance and processes for secure MLOps pipelines. Define standards for model versioning, deployment, and monitoring, ensuring they meet rigorous compliance and security requirements.
    - Threat Mitigation & Mentorship: Lead threat modeling exercises for novel AI systems. Apply advanced security and privacy best practices, and mentor senior engineers on secure development practices in the GenAI domain.
    - System-Level Ownership: Drive the entire lifecycle of critical AI security projects.

    What You'll Bring to the Team:
    - 3+ years of professional experience building and maintaining production systems, with strong Python programming skills and experience across the stack (backend/frontend).
    - Deep expertise in advanced Generative AI techniques, including implementing Retrieval-Augmented Generation (RAG), designing AI Agents and Multi-step Cognitive Processes (MCP), and building with workflow orchestration frameworks.
    - Proven ability to own the entire model lifecycle by designing and managing robust MLOps pipelines; experience with containerization (Docker), virtualization (VMs), and cloud platforms (AWS, GCP, Azure) is a plus.
    - Experience in designing, implementing, and fine-tuning custom LLMs, coupled with a strong understanding of NLP fundamentals, transformer architectures, PyTorch/TensorFlow, and data structures.
    - Strong curiosity about security, privacy, and threat modeling; a desire to safely "break" systems to secure them and apply best practices to AI pipelines and deployments.
    - Strong product sense for rapid iteration and refinement based on data, combined with a collaborative mindset to work closely with engineers, product managers, and security analysts in a fast-paced environment.

    Benefits:
    - Industry competitive pay
    - Restricted Stock Units in a fast growing, well-funded technology company
    - Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
    - Employer contributions to HSA accounts
    - Paid Parental Leave
    - Paid life insurance, short-term and long-term disability
    - Teladoc
    - 401(k) with a 100% match up to 4% of salary
    - Generous paid time off and holiday schedule
    - Cell phone reimbursement
    - Tuition reimbursement
    - Subscription to the Calm app
    - MetLife Legal
    - Company paid commuter benefit; $300 per month

    Compensation: Compensation will be paid in the range of $135,000 - $150,000. Restricted Stock Units are included in all offers. Compensation to be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.

    Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.
    $135k-150k yearly 30d ago
  • Senior Security Engineer

    Goodleap 4.6 company rating

    Security engineer job in San Francisco, CA

    About GoodLeap: GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America.

    Position Summary

    The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy and safety of GoodLeap's customers', partners', and employees' information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services.

    Your oversight will encompass:
    - Enterprise systems: Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements.
    - Build-time controls: Managing applications/products security controls and activities during development.
    - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response.

    Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities, from advisor to builder and beyond, your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering.

    Essential Job Duties & Responsibilities
    - Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes.
    - Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements.
    - Support or develop components of the security analytics platform.
    - Contribute to investigations, threat hunting, and incident response activities in a supporting role.
    - Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns.
    - Support the security operations team with the vulnerability management lifecycle for products and services under your purview.
    - Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities.

    Required Skills, Knowledge & Abilities
    - Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences.
    - Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization.
    - Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments.
    - Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus).
    - Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble.
    - Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc.
    - Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases.
    - Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault.
    - Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed.
    - Prior experience interfacing with and supporting G&A teams, internal product teams, and other cross-functional areas.
    - Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments.
    - Experience engaging with vendors in design partnerships.
    - Experience overseeing vulnerability and threat management at the platform and application levels.
    - Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement.
    - Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution.

    In addition to the above salary, this role may be eligible for a bonus.

    Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law.

    If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today!

    We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
    $123k-156k yearly est. 16d ago

Learn more about security engineer jobs

How much does a security engineer earn in Rohnert Park, CA?

The average security engineer in Rohnert Park, CA earns between $97,000 and $191,000 annually. This compares to the national average security engineer range of $77,000 to $141,000.

Average security engineer salary in Rohnert Park, CA

$136,000