{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/common-attack-vectors"},"x-facet":{"type":"skill","slug":"common-attack-vectors","display":"Common Attack Vectors","count":2},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_9bf55fe3-b2b"},"title":"Detection & Response Engineer","description":"<p>We are seeking a skilled and proactive Detection &amp; Response Engineer to join our security team. In this critical role, you will be responsible for detecting, investigating, and responding to security incidents across our cloud-native and AI-focused infrastructure.</p>\n<p><strong>Responsibilities</strong></p>\n<ul>\n<li>Monitor and analyse security alerts and logs to identify potential threats and anomalies</li>\n<li>Develop, implement, and maintain detection rules and correlation logic in our SIEM platform</li>\n<li>Conduct thorough investigations of security incidents, performing root cause analysis and impact assessments</li>\n<li>Lead incident response efforts, coordinating with relevant teams to contain and mitigate threats</li>\n<li>Create and maintain incident response playbooks and runbooks</li>\n<li>Perform regular threat hunting activities to proactively identify potential security risks</li>\n<li>Develop and refine metrics and reporting to track the effectiveness of detection and response capabilities</li>\n<li>Collaborate with other security teams to improve overall security posture and incident handling processes</li>\n<li>Stay current with emerging threats, attack techniques, and defensive strategies in the cloud-native and AI domains</li>\n</ul>\n<p><strong>Basic Qualifications</strong></p>\n<ul>\n<li>Bachelor&#39;s degree in Computer Science, Cybersecurity, or a related field</li>\n<li>3-5 years of experience in security operations, incident response, or a similar role</li>\n<li>Strong understanding of cybersecurity principles, attack techniques, and defensive strategies</li>\n<li>Proficiency in at least one scripting language (e.g., Python, Rust) for automation and tool development</li>\n<li>Experience with SIEM platforms and log analysis tools</li>\n<li>Familiarity with cloud environments (e.g., AWS, GCP, Azure) and their security features</li>\n<li>Knowledge of network protocols, system administration, and common attack vectors</li>\n<li>Strong analytical and problem-solving skills with attention to detail</li>\n<li>Excellent communication skills and ability to work effectively under pressure</li>\n</ul>\n<p><strong>Preferred Skills and Experience</strong></p>\n<ul>\n<li>Relevant security certifications (e.g., GCIH, GCIA, SANS)</li>\n<li>Experience with threat intelligence platforms and their integration into detection processes</li>\n<li>Familiarity with AI/ML security implications, particularly those outlined in the OWASP LLM Top 10</li>\n<li>Knowledge of software supply chain security and SBOM analysis</li>\n<li>Experience with containerized environments and Kubernetes security</li>\n<li>Experience in building custom security tools or integrations to enhance detection and response capabilities</li>\n<li>Interest in leveraging AI to improve threat detection and automate response processes</li>\n<li>Contributions to open-source security projects or threat research</li>\n<li>Experience with digital forensics and malware analysis</li>\n</ul>\n<p><strong>Compensation and Benefits</strong></p>\n<p>$200,000 - $340,000 USD</p>\n<p>Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short &amp; long-term disability insurance, life insurance, and various other discounts and perks.</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_9bf55fe3-b2b","directApply":true,"hiringOrganization":{"@type":"Organization","name":"xAI","sameAs":"https://www.xai.com/","logo":"https://logos.yubhub.co/xai.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/xai/jobs/4559148007","x-work-arrangement":"onsite","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":"$200,000 - $340,000 USD","x-skills-required":["cybersecurity principles","attack techniques","defensive strategies","scripting language","SIEM platforms","log analysis tools","cloud environments","network protocols","system administration","common attack vectors"],"x-skills-preferred":["relevant security certifications","threat intelligence platforms","AI/ML security implications","software supply chain security","containerized environments","Kubernetes security","custom security tools","digital forensics","malware analysis"],"datePosted":"2026-04-18T15:23:47.430Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Palo Alto, CA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"cybersecurity principles, attack techniques, defensive strategies, scripting language, SIEM platforms, log analysis tools, cloud environments, network protocols, system administration, common attack vectors, relevant security certifications, threat intelligence platforms, AI/ML security implications, software supply chain security, containerized environments, Kubernetes security, custom security tools, digital forensics, malware analysis","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":200000,"maxValue":340000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_f940647d-c39"},"title":"SOC Engineer","description":"<p>We are looking for a SOC Engineer to join our Security Operations team and help defend a fast-moving, cloud-native AI vibe-coding platform. In this role, you will stay on top of emerging threats—from 0-days and active exploitation campaigns to bug bounty findings and customer-reported issues—and rapidly determine their relevance and potential impact to Replit.</p>\n<p>This is a hands-on, investigative role requiring strong technical depth, understanding of modern software engineering and CI/CD systems, familiarity with cloud-native infrastructure (especially GCP), and the ability to work across multiple teams in a fast-paced environment.</p>\n<p><strong>Responsibilities</strong></p>\n<p><strong>Threat Awareness &amp; Rapid Assessment</strong></p>\n<ul>\n<li>Continuously monitor emerging threats, including bad actor activity, 0-day vulnerabilities, public exploitation campaigns, bug bounty reports, and customer-reported security issues</li>\n</ul>\n<ul>\n<li>Quickly assess the applicability of these threats to Replit’s cloud infrastructure, SaaS services, internal tooling, and platform components.</li>\n</ul>\n<p><strong>Investigation &amp; Impact Analysis</strong></p>\n<ul>\n<li>Conduct targeted investigations to determine whether Replit is already impacted by a newly discovered threat, vulnerability, or exploit.</li>\n</ul>\n<ul>\n<li>Analyze logs, telemetry, and system behaviors using SIEM, metrics, Cloud Logging, and related tools.</li>\n</ul>\n<ul>\n<li>Identify gaps or weaknesses in existing detection or visibility and propose improvements.</li>\n</ul>\n<p><strong>Containment, Mitigation &amp; Cross-Team Collaboration</strong></p>\n<ul>\n<li>Research potential impact paths and develop mitigation strategies for confirmed or applicable threats.</li>\n</ul>\n<ul>\n<li>Partner closely with Security, SRE, and Engineering teams to coordinate and implement containment, patches, configuration updates, or code-level fixes.</li>\n</ul>\n<ul>\n<li>Document findings, mitigations, and follow-up actions clearly for internal teams.</li>\n</ul>\n<p><strong>Required Skills &amp; Experience</strong></p>\n<ul>\n<li>Strong understanding of software engineering fundamentals, including code structure, build systems, dependencies, and package ecosystems—enabling effective partnership with Engineering teams.</li>\n</ul>\n<ul>\n<li>Understanding of CI/CD pipelines and DevOps workflows, enabling collaboration with Infrastructure and DevOps teams.</li>\n</ul>\n<ul>\n<li>Solid knowledge of cloud architecture, especially Google Cloud Platform (GCP) services used in modern cloud-native deployments.</li>\n</ul>\n<ul>\n<li>Familiarity with SaaS architectures, identity systems, and integration patterns for effective collaboration with Cloud Security teams.</li>\n</ul>\n<ul>\n<li>Hands-on experience with SIEM, Cloud Logging, and log-based investigation workflows.</li>\n</ul>\n<ul>\n<li>Ability to perform investigations using log data, behavioral indicators, and threat intelligence.</li>\n</ul>\n<ul>\n<li>General understanding of vulnerability lifecycles, exploitability analysis, and common attack vectors.</li>\n</ul>\n<p><strong>Preferred Qualifications</strong></p>\n<ul>\n<li>Experience with threat intelligence, security research, or vulnerability analysis.</li>\n</ul>\n<ul>\n<li>Familiarity with Kubernetes, containers, serverless infrastructure, or modern distributed systems.</li>\n</ul>\n<ul>\n<li>Ability to write scripts or small tools for investigation or automation (Python, Go, Bash).</li>\n</ul>\n<ul>\n<li>Experience working with bug bounty programs or coordinated vulnerability disclosure workflows.</li>\n</ul>\n<ul>\n<li>Experience in fast-paced, cloud-native, or AI/ML-driven environments.</li>\n</ul>\n<p><strong>What We Value</strong></p>\n<ul>\n<li>Curiosity &amp; initiative: Strong desire to understand attacker behaviors, emerging threats, and how they apply to real-world systems.</li>\n</ul>\n<ul>\n<li>Speed &amp; analytical rigor: Ability to quickly assess high-risk vulnerabilities with clear, evidence-based reasoning.</li>\n</ul>\n<ul>\n<li>Collaboration: Comfort working across cross-functional teams spanning Security, SRE, Engineering, and Infrastructure.</li>\n</ul>\n<ul>\n<li>Clear communication: Ability to explain findings, risks, and mitigation strategies to stakeholders at all levels.</li>\n</ul>\n<ul>\n<li>Ownership mindset: Takes initiative to drive investigations, improvements, and remediations to completion</li>\n</ul>\n<ul>\n<li>Continuous learning: Passion for staying up to date on new vulnerabilities, exploit trends, and cloud-native security best practices.</li>\n</ul>\n<p><strong>Full-Time Employee Benefits Include:</strong></p>\n<p>💰 Competitive Salary &amp; Equity</p>\n<p>💹 401(k) Program with a 4% match</p>\n<p>⚕️ Health, Dental, Vision and Life Insurance</p>\n<p>🩼 Short Term and Long Term Disability</p>\n<p>🚼 Paid Parental, Medical, Caregiver Leave</p>\n<p>🚗 Commuter Benefits</p>\n<p>📱 Monthly Wellness Stipend</p>\n<p>🧑‍💻 Autonomous Work Environment</p>\n<p>🖥 In Office Set-Up Reimbursement</p>\n<p>🏝 Flexible Time Off (FTO) + Holidays</p>\n<p>🚀 Quarterly Team Gatherings</p>\n<p>☕ In Office Amenities</p>\n<p><strong>Want to learn more about what we are up to?</strong></p>\n<ul>\n<li>Meet the Replit Agent</li>\n</ul>\n<ul>\n<li>Replit: Make an app for that</li>\n</ul>\n<ul>\n<li>Replit Blog</li>\n</ul>\n<ul>\n<li>Amjad TED Talk</li>\n</ul>\n<p><strong>Interviewing + Culture at Replit</strong></p>\n<ul>\n<li>Operating Principles</li>\n</ul>\n<ul>\n<li>Reasons not to work at Replit</li>\n</ul>\n<p>To achieve our mission of making programming more accessible around the world, we need our team to be representative of the world. We welcome your unique perspective and experiences in shaping this product. We encourage people from all kinds of backgrounds to apply, including and especially</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_f940647d-c39","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Replit","sameAs":"https://jobs.ashbyhq.com","logo":"https://logos.yubhub.co/replit.com.png"},"x-apply-url":"https://jobs.ashbyhq.com/replit/54051fe0-045f-46b1-a2b8-a730575b05eb","x-work-arrangement":"hybrid","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":"$180K – $250K","x-skills-required":["software engineering fundamentals","CI/CD systems","cloud-native infrastructure","GCP services","SaaS architectures","identity systems","integration patterns","SIEM","Cloud Logging","log-based investigation workflows","vulnerability lifecycles","exploitability analysis","common attack vectors"],"x-skills-preferred":["threat intelligence","security research","vulnerability analysis","Kubernetes","containers","serverless infrastructure","modern distributed systems","Python","Go","Bash","bug bounty programs","coordinated vulnerability disclosure workflows","fast-paced","cloud-native","AI/ML-driven environments"],"datePosted":"2026-03-07T15:20:18.290Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Foster City, CA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"software engineering fundamentals, CI/CD systems, cloud-native infrastructure, GCP services, SaaS architectures, identity systems, integration patterns, SIEM, Cloud Logging, log-based investigation workflows, vulnerability lifecycles, exploitability analysis, common attack vectors, threat intelligence, security research, vulnerability analysis, Kubernetes, containers, serverless infrastructure, modern distributed systems, Python, Go, Bash, bug bounty programs, coordinated vulnerability disclosure workflows, fast-paced, cloud-native, AI/ML-driven environments","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":180000,"maxValue":250000,"unitText":"YEAR"}}}]}