{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/cloud-security-concepts"},"x-facet":{"type":"skill","slug":"cloud-security-concepts","display":"Cloud Security Concepts","count":2},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_7ad63033-e7e"},"title":"Senior Security Engineer I, Vulnerability Management","description":"<p>We are seeking a Senior Security Engineer I to join our Vulnerability Management team. This is an execution-focused role where you will perform hands-on triage, drive remediation follow-through, and improve day-to-day operational quality across cloud and specialized infrastructure environments.</p>\n<p>Key responsibilities include:</p>\n<ul>\n<li>Performing hands-on vulnerability triage and risk assessment using team-defined standards and playbooks</li>\n<li>Tracking remediation progress with owner teams, escalating blockers, and ensuring clean issue closure</li>\n<li>Supporting automated triage workflows by validating outputs and improving signal quality</li>\n<li>Contributing to automated remediation campaigns (e.g., EOL cleanup, vulnerable software upgrades, and fix verification)</li>\n<li>Supporting zero-day and embargo response by helping inventory affected assets and tracking owner-team deployment status</li>\n<li>Participating in incident investigations by gathering technical evidence and supporting impact analysis</li>\n<li>Participating in on-call rotation for critical vulnerability events</li>\n<li>Maintaining high-quality documentation, runbooks, and operational updates</li>\n</ul>\n<p>The ideal candidate will have 3+ years of relevant experience in vulnerability management, security operations, application security, or related security engineering. Key skills include a strong understanding of vulnerability assessment fundamentals, hands-on experience with vulnerability management platforms, proficiency in scripting/automation for workflow support, and familiarity with cloud security concepts.</p>\n<p>In addition to a competitive salary, we offer a variety of benefits to support your needs, including medical, dental, and vision insurance, 100% paid for by CoreWeave, company-paid life insurance, and flexible PTO.</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_7ad63033-e7e","directApply":true,"hiringOrganization":{"@type":"Organization","name":"CoreWeave","sameAs":"https://www.coreweave.com","logo":"https://logos.yubhub.co/coreweave.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/coreweave/jobs/4654263006","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$139,000 to $204,000","x-skills-required":["vulnerability management","security operations","application security","vulnerability assessment fundamentals","vulnerability management platforms","scripting/automation for workflow support","cloud security concepts"],"x-skills-preferred":["security automation/SOAR platforms","container/Kubernetes vulnerability workflows","hardware-adjacent vulnerability domains","compliance evidence collection"],"datePosted":"2026-04-18T15:53:49.171Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Livingston, NJ / New York, NY / Sunnyvale, CA / Bellevue, WA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"vulnerability management, security operations, application security, vulnerability assessment fundamentals, vulnerability management platforms, scripting/automation for workflow support, cloud security concepts, security automation/SOAR platforms, container/Kubernetes vulnerability workflows, hardware-adjacent vulnerability domains, compliance evidence collection","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":139000,"maxValue":204000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_aff17a60-097"},"title":"Application Security Engineer","description":"<p>As a Security Engineer focused on Application and Product Security, you will play a key role in improving the security posture of our applications, services, and development ecosystem.</p>\n<p>You will work closely with engineering teams to integrate security into the software development lifecycle, build secure-by-default patterns, and ensure that products are resilient against modern threats.</p>\n<p>This role combines hands-on technical work, security engineering, and collaboration with developers to guide secure design and remediation.</p>\n<p>You will help implement security controls, perform assessments, and contribute to the continuous improvement of our security program.</p>\n<p>Key responsibilities include:</p>\n<ul>\n<li>Integrating application security best practices into the development lifecycle by partnering with engineering teams and enabling automated security checks within CI/CD pipelines.</li>\n</ul>\n<ul>\n<li>Supporting and maintaining Application Security based tooling,including SAST, DAST, SCA, and secrets scanning,and helping developers interpret and remediate findings.</li>\n</ul>\n<ul>\n<li>Conducting secure code reviews, threat modeling sessions, and application architecture assessments to identify risks and propose mitigation strategies.</li>\n</ul>\n<ul>\n<li>Developing and maintaining security automation, guardrails, and reusable components.</li>\n</ul>\n<ul>\n<li>Assisting in defining and improving secure coding standards and application hardening practices.</li>\n</ul>\n<ul>\n<li>Supporting monitoring and detection efforts by helping improve application-level logging, telemetry, and alerting.</li>\n</ul>\n<ul>\n<li>Assisting in incident response activities related to application vulnerabilities, including verification, triage, and remediation support.</li>\n</ul>\n<ul>\n<li>Staying current on emerging threats, vulnerabilities, and best practices in application and product security.</li>\n</ul>\n<ul>\n<li>Contributing to documentation including security requirements, guidelines, and remediation playbooks.</li>\n</ul>\n<ul>\n<li>Participating in internal security reviews, compliance-driven assessments, and architectural walkthroughs.</li>\n</ul>\n<ul>\n<li>Developing and helping maintain existing application security tools, pipelines, and workflows.</li>\n</ul>\n<ul>\n<li>Collaborating with engineering and product teams to ensure secure deployment and continuous improvement of applications.</li>\n</ul>\n<p>Requirements include:</p>\n<ul>\n<li>A bachelor’s degree in Computer Science, Engineering, MIS, or equivalent practical experience.</li>\n</ul>\n<ul>\n<li>2–5 years of experience in application security, product security, software engineering with a security focus, or a related technical role.</li>\n</ul>\n<ul>\n<li>Strong understanding of application vulnerabilities and mitigation strategies (OWASP Top 10, CWE).</li>\n</ul>\n<ul>\n<li>Experience with CI/CD tooling, Git-based workflows, and modern development practices.</li>\n</ul>\n<ul>\n<li>Familiarity with cloud security concepts and hands-on experience with at least one cloud platform (AWS, Azure, or GCP).</li>\n</ul>\n<ul>\n<li>Experience with one or more programming languages such as Python, Go, Java, JavaScript/Typescript, or Ruby. (Java and Python preferred.)</li>\n</ul>\n<ul>\n<li>Experience with application security tools such as OWASP ZAP, Burp Suite, SAST/DAST tools, SCA, or dependency scanning.</li>\n</ul>\n<ul>\n<li>Knowledge of secure coding principles, API security, authentication, authorization, and secrets management.</li>\n</ul>\n<ul>\n<li>Strong problem-solving skills and the ability to communicate technical issues clearly to developers and cross-functional stakeholders.</li>\n</ul>\n<ul>\n<li>Understanding of agile development processes and working within engineering teams.</li>\n</ul>\n<ul>\n<li>Ability to Travel: This role will require 25% in-person travel for purposes including but not limited to new hire onboarding, team and department offsites, customer engagements, and other company events.</li>\n</ul>\n<p>This role is based in our Boston office and follows a hybrid model, with an expectation of being onsite 1-2 days per week.</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_aff17a60-097","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Starburst","sameAs":"https://www.starburst.io/","logo":"https://logos.yubhub.co/starburst.io.png"},"x-apply-url":"https://job-boards.greenhouse.io/starburst/jobs/5119301008","x-work-arrangement":"hybrid","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":"$130,000-$170,000 USD","x-skills-required":["CI/CD tooling","Git-based workflows","modern development practices","cloud security concepts","application security tools","secure coding principles","API security","authentication","authorization","secrets management"],"x-skills-preferred":["Python","Go","Java","JavaScript/Typescript","Ruby"],"datePosted":"2026-04-18T15:51:05.628Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Boston, MA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"CI/CD tooling, Git-based workflows, modern development practices, cloud security concepts, application security tools, secure coding principles, API security, authentication, authorization, secrets management, Python, Go, Java, JavaScript/Typescript, Ruby","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":130000,"maxValue":170000,"unitText":"YEAR"}}}]}