The Cybersecurity / SRE team at xAI is focused on ensuring the security and reliability of X Money. This role will primarily focus on the X Money platform but will also cross over with the X Social platform.

You'll be responsible for securing and maintaining the reliability of X Money's infrastructure. You'll work closely with cross-functional teams to enhance security measures, improve system resilience, and implement best practices.

Responsibilities

• Build and secure mission-critical applications in a hybrid cloud environment.
• Manage identities and roles effectively.
• Monitor and remediate infrastructure to comply with regulations and best practices (e.g., PCI, NIST CSF).
• Maintain a SIEM and all data pipelines needed for reliable alerting.
• Design and implement secure container standards and automation to enable frictionless developer workflows.
• Maintain Kubernetes security aligned with current best practices.
• Build, deploy, and maintain security operations infrastructure using Python, Terraform, and Puppet.
• Secure and enhance CI/CD pipelines.
• Integrate and maintain code scanning platforms.
• Develop dashboards and alerts from security metrics.
• Own security projects: identify issues and implement solutions.
• Apply critical analysis and problem-solving skills.

Basic Qualifications

• Proven experience securing hybrid AWS/on-premises environments, including IAM and overall security posture.
• Strong proficiency in Python, Terraform, and Puppet.
• Certifications like CISA, CRISC, CGEIT, Security+, CASP+, or similar preferred.
• Deep expertise in Kubernetes and container security.
• Hands-on expertise building GitHub Actions and workflows.
• Extensive experience with Prometheus, Grafana, CloudWatch, and Karma.
• Well versed in management and integrations of Wazuh
• Hands-on experience with security scanning tools (Semgrep, Trivy, Falco).
• Proactive mindset with strong ownership and problem-solving skills.
• Excellent critical thinking and analytical abilities.

Compensation and Benefits

$180,000 - $440,000 USD

Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.

XML job scraping automation by YubHub

This role combines technical depth, strategic thinking, and the autonomy to design workflows that will protect infrastructure driving the future of AI.

Key Responsibilities:

• Build and scale AI-powered triage workflows: evaluate tools (LLM integration, TINES orchestration), architect solutions, and deploy to production
• Drive intelligent, risk-based vulnerability prioritization while simultaneously training AI models,your assessments become the foundation for automation
• Influence automation priorities: recommend which areas of the vulnerability pipeline would most benefit from automation to improve team efficiency
• Design and implement automated detection-to-ticket pipelines: build workflows that generate vulnerability detections, test them, scale across the environment, and auto-create Jira tickets
• Execute remediation campaigns: build automated workflows for EOL product removal, vulnerable software upgrades, and OS migrations at scale
• Manage embargoed vendor disclosures from hardware partners, including embargo verification and zero-day response coordination
• Lead security incident investigations related to high-profile vulnerabilities, coordinating cross-functional response and impact assessment
• Participate in on-call rotation for rapid-response vulnerability analysis during active zero-day events or critical security incidents
• Partner with IT, Infrastructure, and Engineering teams to drive remediation efforts, enforce SLAs, and escalate blockers strategically
• Write daily operations reports documenting vulnerability trends, remediation velocity, and emerging threats for security leadership
• Drive process improvements and workflow automation to improve operational efficiency and reduce manual toil

Requirements:

• 7+ years of relevant experience with demonstrated impact in vulnerability management, application security, platform security, or cloud security engineering
• Bachelor’s or Master’s degree in Computer Science, Computer Engineering, Electrical Engineering, or equivalent practical experience
• Proven hands-on experience building security automation (SOAR workflows, detection pipelines, or vulnerability prioritization frameworks)
• Deep subject matter expertise with vulnerability management best practices: CVSS, EPSS, CISA KEV, exploit intelligence, and compensating controls
• Strong development background with proficiency in Python, Go, or similar languages for building production-grade security tools
• Experience with modern vulnerability management tooling such as Wiz, Semgrep, Rapid7, or similar platforms
• Demonstrated ability to partner with cross-functional teams (IT, SRE, Engineering) to drive remediation without formal authority
• Strong familiarity with common security vulnerabilities and the ability to judge their severity and business impact

Preferred Qualifications:

• Practical experience building AI/ML-powered security workflows (LLM integration, automated triage, human-in-the-loop validation)
• Experience managing hardware security vulnerabilities (GPU/DPU firmware, BMC/IPMI, specialized compute environments)
• Production experience with security automation platforms such as TINES, Splunk SOAR, or serverless frameworks (AWS Lambda)
• Strong DevOps, DevSecOps, or SRE background with experience in AWS/GCP/Azure cloud services and Infrastructure as Code (Terraform, CloudFormation)
• Deep understanding of container security and Kubernetes (image scanning, admission control, runtime protection, supply chain security)
• Experience supporting customer audits (SOC 2, ISO 27001, FedRAMP) with vulnerability evidence and control validation
• Experience integrating vulnerability management into modern CI/CD pipelines with a 'shift-left' mentality

What We Offer:

The base salary range for this role is $165,000 to $242,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility).

The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.

XML job scraping automation by YubHub

You'll work at the intersection of backend engineering and infrastructure, shaping architecture in Ruby on Rails and Go, guiding decisions around role-based access control (RBAC), GraphQL APIs, and Kubernetes deployment configuration.

In your first year, you'll help move Secrets Manager toward general availability, establish technical patterns the team can build on, and represent the team's point of view in cross-functional discussions.

You'll have end-to-end ownership, from design through production operations, with room to identify what should be built next and improve how the team delivers secure, reliable features.

Responsibilities

• Build and maintain secure, readable backend code primarily in Ruby on Rails, with some development in Go for targeted components.

• Design backend architecture for complex security features, including secrets access control, pipeline security enforcement, and OpenBao integration.

• Lead the development of role-based access control models, GraphQL APIs, and supporting application patterns for features owned by the team.

• Own features end to end, from technical design and implementation through deployment, validation, and production support.

• Collaborate with Product, security partners, and other engineering teams to document tradeoffs, align on direction, and deliver iteratively in a distributed environment.

• Improve code quality, maintainability, security, and performance through code review, design iteration, and internal standards for a high-scale web environment.

• Build and maintain Helm charts, including configuration, tuning, documentation, and automated testing for Kubernetes-based deployments.

• Validate features in Kubernetes environments, including GitLab Cloud Native and Cloud Native Hybrid deployments, using GitLab testing and performance testing frameworks.

Requirements

• Experience building and maintaining backend features with a focus on secure design, data handling, and production reliability.

• Ability to write production-quality code in Ruby on Rails, including use of framework security patterns and review for common application risks.

• Working knowledge of CI/CD concepts and the ways pipelines can be misconfigured, abused, or expose sensitive data.

• Familiarity with secrets management approaches and security practices for handling credentials in CI environments; experience with tools such as HashiCorp Vault or similar systems is helpful.

• Comfort collaborating across Product and engineering teams in an asynchronous, distributed environment and communicating technical tradeoffs clearly in writing.

• Ability to review merge requests with a security-first mindset and improve solutions through feedback and iteration.

• Experience debugging production issues, including investigation of security-related behavior and proposing practical fixes.

• Openness to learning adjacent domains and tools, including Go, container security, and software supply chain security; we welcome transferable experience from different technical backgrounds.

About the Team

The Pipeline Security team builds features that make GitLab CI pipelines more secure and trustworthy for teams running sensitive workloads. We own key parts of pipeline security within GitLab's CI/CD experience, with our current focus on native secrets management for CI pipelines and Supply-chain Levels for Software Artifacts (SLSA) Level 3 capabilities to strengthen software supply chain security.

XML job scraping automation by YubHub

Your work will shape GitLab's enterprise security posture in the rapidly growing software supply chain security market. You'll focus on SLSA Level 3 compliance, secrets management, CI/CD security hardening, and the foundations of GitLab's global zero trust architecture.

Some examples of our projects:

• SLSA Level 3 compliance and provenance attestation across GitLab's CI/CD platform
• Integrated secrets management and runner security for container-isolated, secure pipelines

You'll lead the end-to-end software supply chain security architecture for GitLab's CI/CD platform, including SLSA Level 3 implementation and CI infrastructure hardening. You'll drive cross-team technical strategy and decisions across our Software Supply Chain Security (SSCS) stage teams, aligning engineering work to SSCS strategic plans.

You'll collaborate with infrastructure and CI/CD teams to design and land long-term initiatives for secure, scalable runner architecture, container isolation, and pipeline security at scale. You'll propose and validate technical implementations that support architectural changes to improve CI/CD scaling and performance on critical paths.

You'll teach, mentor, and coach Staff Engineers and individual contributors, raising the bar on supply chain threat modeling, secrets management, artifact signing, and SBOM lifecycle practices.

You'll partner with Engineering Managers and senior leadership to define roadmaps, break down complex initiatives, and enable Staff Engineers to lead sub-department-wide efforts.

You'll engage with customers and external stakeholders as a technical consultant and spokesperson for GitLab's software supply chain security capabilities and roadmap.

You'll collaborate with product, security, and compliance stakeholders to ensure features meet enterprise security, governance, and regulatory expectations in the software supply chain security market.

Key responsibilities include:

• Providing architectural leadership across multiple engineering teams
• Shaping GitLab's enterprise security posture in the rapidly growing software supply chain security market
• Focusing on SLSA Level 3 compliance, secrets management, CI/CD security hardening, and the foundations of GitLab's global zero trust architecture

Key requirements include:

• Deep expertise in software supply chain security, including threat modeling for supply chain attack vectors, SLSA implementation and attestation systems, and SBOM generation and lifecycle management
• Strong knowledge of artifact signing and verification using the Sigstore ecosystem, including Cosign, Fulcio, Rekor, and in-toto attestations
• Experience designing and hardening CI/CD security, such as runner isolation, pipeline security controls, and secrets management in large-scale environments

Preferred qualifications include:

• Background in distributed systems and infrastructure, including building resilient CI/CD platforms that process high pipeline volumes and optimizing performance for critical paths
• Practical experience with container security and Kubernetes security, including admission controllers, policy controllers, workload isolation, and registry hardening
• Proficiency in Go or Rust in a production environment, combined with expert-level understanding of CI/CD workflows and DevSecOps best practices
• Experience operating as a Principal or Staff Engineer across multiple development teams, providing architectural leadership and partnering with Engineering Managers and senior leaders
• Demonstrated capacity to clearly communicate complex problems and solutions

Our Software Supply Chain Security stage engineering teams are responsible for authentication and access within GitLab. We also build features that help customers manage vulnerabilities, dependencies, security policies, and compliance frameworks across their organizations.

The base salary range for this role's listed level is currently for residents of the United States only. This range is intended to reflect the role's base salary rate in locations throughout the US. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, alignment with market data, and geographic location. The base salary range does not include any bonuses, equity, or benefits.

XML job scraping automation by YubHub

As a Staff Engineer, AI Security on the AppSec team, you'll lead autonomous defense for the AI lifecycle. Build multi-agent frameworks and secure gateways while integrating real-time security gates and identity standards. By mentoring Security and R&D to define the MLSecOps roadmap, you'll ensure a 'secure-by-default' future for agentic workflows and resilient AI innovation.

Responsibilities:

Serve as the primary subject matter expert for all AI and machine learning security initiatives across security and R&D.

Design and manage AI gateways to provide a centralized control plane for authentication and authorization and rate limiting across all model and tool interactions.

Build and maintain an autonomous security agentic framework that utilizes multi agent orchestration for end to end investigation and alert triage and remediation.

Develop agentic identity models using OAuth 2.1 to propagate identity across trust boundaries and prevent the confused deputy problem.

Help govern the AI augmented software development lifecycle by integrating real time security gates into the developer environment and CI/CD pipeline.

Manage Agentic Security Solutions that secure AI lifecycle and manage AI workloads at runtime.

Author company wide AI security standards and implement these security checks across Twilio's stack.

Implement human in the loop checkpoints and transactional safety protocols for high impact or destructive agentic actions.

Partner with engineering leadership to set the long term roadmap for identity centric security and automated posture management.

Act as a knowledge multiplier by mentoring security engineers and developing secure by default paved road templates for R&D teams

Qualifications:

8+ years of experience in security engineering with at least 3 years focused on AI or machine learning security operations (MLSecOps).

Expertise in orchestrating multi-agent systems with AWS Strands, LangGraph, and CrewAI, specializing in runtime isolation, PII redaction, and defending against indirect prompt injection in agentic environments.

Hands-on experience with AI-specific frameworks (e.g., MITRE ATLAS, MAESTRO, OWASP Top 10 for LLMs/Agents/MCP) to threat model and defend against a wide spectrum of risks, including direct/indirect prompt injection, training data poisoning, tool poisoning, and data exfiltration within agentic workflows.

Proficiency in securing end-to-end AI pipelines, from data ingestion and training to model deployment and monitoring.

Strong communication skills to translate complex AI risks into actionable business logic for stakeholders.

Desired:

Hands-on experience in modern application security tooling including SAST and SCA and DAST with experience adapting these tools to catch AI specific vulnerabilities like indirect prompt injection.

Expertise in identity standards including OAuth 2.1 and PKCE.

Experience with AI Red Teaming and conducting adversarial simulations against Large Language Models (LLMs) and agentic systems.

Proficiency in at least one general programming language (Python, Go, etc) with experience in container security and workload isolation.

Proven ability to operate with autonomy and drive high impact outcomes in ambiguous environments by identifying and executing on critical projects without predefined roadmaps or direct supervision.

XML job scraping automation by YubHub

In this role, you will design, implement, and maintain secure cloud infrastructure and ensure the integrity of our cloud-native applications.

Responsibilities:

• Design and implement secure cloud architectures across multiple cloud platforms (e.g., AWS, GCP, Azure)
• Develop and maintain Infrastructure as Code (IaC) templates with embedded security controls
• Conduct regular security assessments and audits of cloud infrastructure and services
• Implement and manage cloud security tools and services (e.g., CSPM, CWPP, CASB)
• Collaborate with development teams to ensure security best practices are integrated into CI/CD pipelines
• Monitor and respond to security events and incidents in cloud environments
• Develop and maintain cloud security policies, standards, and procedures
• Stay current with emerging cloud security threats and mitigation strategies

Basic Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, or a related field
• 3-5 years of experience in cloud security or related roles
• Strong understanding of cloud security principles, compliance frameworks, and best practices
• Proficiency in at least one cloud platform (AWS, GCP, or Azure) and associated security services
• Experience with Infrastructure as Code tools (e.g., Terraform, CloudFormation)
• Familiarity with containerization technologies and their security implications
• Knowledge of network security concepts and protocols
• Experience with scripting languages (e.g., Python, Bash) for automation and tool development

Preferred Skills and Experience:

• Relevant security certifications (e.g., CCSP, CSSK, AWS Security Specialty)
• Experience with multi-cloud environments and cloud-to-cloud security
• Knowledge of DevSecOps practices and tools
• Experience with Kubernetes and container security
• Experience in building custom cloud security tools or integrations
• Interest in leveraging AI for cloud security monitoring and automation
• Contributions to open-source cloud security projects
• Experience with securing AI/ML workloads in cloud environments

Compensation and Benefits:

$200,000 - $340,000 USD

Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.

XML job scraping automation by YubHub

In this role, you will work closely with Engineering and DevOps teams to design, implement, and maintain secure cloud infrastructure, CI/CD pipelines, and containerized environments.

You will play a key role in strengthening our security posture across AWS and GCP, automating security controls through infrastructure as code, and ensuring compliance with industry standards such as PCI DSS and SOC 2, enabling Yuno to scale securely in the global payments ecosystem.

Responsibilities:

• Design, build, and maintain secure and scalable internal security solutions and tools using Python to support security operations and strengthen technical controls.

• Improve and manage security configurations in AWS and GCP (including WAF, Security Hub, IAM policies, SIEM integrations and other critical services) to continuously strengthen our overall cloud security posture and ensure best practices are implemented.

• Implement and maintain security processes and technical controls that support compliance requirements (e.g., PCI DSS, ISO 27001/27701, SOC 2).

• Collaborate with different teams on cross-functional security initiatives, providing technical expertise and ensuring alignment with best practices.

• Explore and evaluate emerging technologies and architectures (e.g., AI integrations) to ensure secure adoption.

Skills You Need:

• 4+ years of hands-on experience in security engineering or similar technical security roles.

• Strong experience designing and developing security tools or internal products to support security operations using Python.

• Solid knowledge of AWS and GCP security services and configurations.

• Practical experience working with compliance frameworks (e.g., PCI DSS, ISO 27001/27701, SOC 2) in cloud environments.

• Strong problem-solving skills and the ability to communicate and collaborate effectively with cross-functional teams.

• Verbal and written English fluency.

Preferred Qualifications:

• Familiarity with SIEM platforms and security monitoring tools.

• Experience with Kubernetes and container security.

• Experience with infrastructure as code (e.g., Terraform, CloudFormation).

• Familiarity with emerging architectures (e.g., serverless, event-driven, AI integrations).

• Experience embedding security practices across the software development lifecycle, including CI/CD pipelines.

XML job scraping automation by YubHub

Key Responsibilities

• Own the security architecture for Saronic's AWS environments, including multi-account strategy, network segmentation, identity architecture, and data protection across commercial AWS and AWS GovCloud

• Design and maintain secure-by-default Terraform modules and IaC standards that teams adopt as the standard path, enforcing least privilege, secure defaults, and compliance requirements

• Implement preventive controls (SCPs, permission boundaries, policy-as-code) and detective controls (Config rules, CloudTrail analysis, GuardDuty) as a unified, layered security model

• Design and enforce IAM patterns across AWS accounts, services, and workloads including least-privilege policies, permission boundaries, cross-account access, federation, and service-to-service authentication

• Implement and govern secrets management using tools such as AWS Secrets Manager or Vault, integrated into CI/CD and runtime environments

• Partner with DevOps and Platform Engineering to embed security into CI/CD pipelines, infrastructure provisioning, and deployment workflows

• Build automated compliance validation into infrastructure pipelines and replace manual security gates with automated guardrails wherever possible

• Create self-service security tooling and patterns that allow teams to operate with speed and autonomy while maintaining compliance

• Integrate logging, monitoring, and alerting across cloud infrastructure to validate control effectiveness and detect misconfigurations or threats

• Build and tune cloud-native detections using CloudTrail, GuardDuty, Config, and SIEM integrations

• Support incident response for cloud security events, drive root-cause analysis, and translate findings into improved guardrails and controls

Required Qualifications:

• 6+ years of hands-on experience in cloud security engineering, infrastructure security, DevSecOps, or a closely related security engineering role

• Expert-level proficiency with Terraform, including module design, state management, policy-as-code, and managing complex multi-environment configurations

• Deep expertise in AWS security services and architecture, including IAM, Organizations, SCPs, Control Tower, CloudTrail, Config, GuardDuty, Security Hub, KMS, and VPC security

• Demonstrated experience building security guardrails and reusable infrastructure patterns that engineering teams adopt without friction

• Strong experience with CI/CD pipeline security, IaC review processes, and automated compliance validation

• Experience operating in AWS GovCloud or FedRAMP-regulated cloud environments

• Strong proficiency in Python, Go, Rust, or equivalent languages for building security automation and tooling

• Ability to obtain and maintain a security clearance

Preferred Qualifications:

• Experience in defence, aerospace, robotics, autonomy, or other high-assurance environments

• Experience designing multi-account AWS landing zones and organisational security architectures from the ground up

• Hands-on experience with Kubernetes security, container security, and service mesh security in cloud-native environments

• Familiarity with NIST SP 800-171, NIST SP 800-53, FedRAMP, or Cloud Computing SRG Impact Levels

• Experience with infrastructure drift detection, automated remediation, and continuous compliance monitoring

• Relevant certifications such as AWS Security Specialty, AWS Solutions Architect Professional, HashiCorp Terraform Associate/Engineer, CCSP, or CISSP

Additional Information

Benefits: Medical Insurance: Comprehensive health insurance plans covering a range of services. Saronic pays 100% of the premium for employees and 80% for dependents. Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care. Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents. Time Off: Generous PTO and Holidays. Parental Leave: Paid maternity and paternity leave to support new parents. Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses. Retirement Plan: 401(k) plan. Stock Options: Equity options to give employees a stake in the company’s success. Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage. Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline. Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office

This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3).

XML job scraping automation by YubHub

Fridtjof Nansen crossed the Arctic, going places no human had ever been. Together with our users, we're doing the same onchain , and someone needs to make sure we don't get killed on the way there.

We're building the single best platform for onchain investing , agentic trading, staking infrastructure, AI-powered analytics , and we're scaling fast. Fast enough that security can't be an afterthought bolted on later. It has to be built in, from the start, by someone who knows what they're doing.

Our mission:

Surface the signal and create winners.

What you'll do at Nansen

You'll be the person who makes sure we can move fast without breaking things that matter. That means embedding security into everything we build , cloud infrastructure, applications, CI/CD pipelines, AI systems, staking operations , across a generalist role that spans the full surface area.

• Run security assessments across systems, architectures, and code , find the vulnerabilities before someone else does
• Advise engineering teams on secure design decisions. You're a partner, not a blocker
• Deploy and maintain security infrastructure: SIEM, vulnerability scanning, endpoint protection, logging , the things that let us sleep at night
• Secure our CI/CD pipelines and deployment workflows end-to-end
• Own secrets management, key management, and access controls. No shortcuts
• Address LLM security head-on: API key management, prompt injection prevention, and the risks that come with shipping AI-powered products at speed
• Coordinate penetration tests and security audits with external vendors
• Create and maintain secure coding guidelines and code review processes that engineers actually follow
• Represent the Security Team in the incident response process
• Drive compliance readiness , SOC 2, ISO 27001 , pragmatically, not bureaucratically

What we're looking for

• You've built and hardened production security at scale , you know the difference between a policy document and an actually secure system
• Strong cloud security knowledge (AWS, GCP or equivalent). Container security and network security fundamentals
• Hands-on experience implementing security tooling, not just evaluating it
• Secrets and key management expertise , you've managed this at a company where it actually mattered
• You understand the security implications of AI/LLM and agent-based systems. This is new territory and we need someone thinking about it seriously
• CI/CD pipeline security is second nature
• Pragmatic about compliance , you can get us to SOC 2 without drowning the engineering team in process
• You don't just use AI as a tool. You think with it. AI-first isn't a checkbox , it's how you work
• Strong async communication skills , we're remote-first, Slack-and-docs-heavy, and EMEA hours are preferred for team overlap
• Bonus: blockchain, smart contract, or staking infrastructure security experience. Kubernetes and Terraform security. Incident response or security operations background

What we offer our crew

• Competitive salary. Meaningful equity. Real ownership in what you build
• Fully remote with two no-meeting days a week , because deep work doesn't happen in a Google Meet
• Annual company retreat and team off-sites in one of our offices: Singapore, Bangkok, London, and Oslo , flights and accommodation covered
• Unlimited AI tokens , Claude, OpenAI, whatever helps you move fast
• Your own OpenClaw for work
• Nansen Pro account: giving you full access to the most detailed onchain data in the market
• A team that started as data engineers and data scientists that has grown to over 80 builders. Your craft is respected here.
• Speed, ownership, curiosity, courage. These aren't values on a wall , they're how we run.
• A front-row seat (and a hand in building) the next chapter of finance

XML job scraping automation by YubHub

Role summary Mistral AI is looking for a DevSecOps Engineer to architect and maintain the security posture of our rapidly scaling AI infrastructure and application lifecycle. You will treat security as a seamless enabler for our research and engineering teams. Your objective is to embed robust security controls into our CI/CD pipelines, infrastructure environments, and developer workflows, without compromising deployment velocity.

Responsibilities • Drive threat modeling and risk prioritization exercises, serving as the security counterpart to system-design reviews for our core infrastructure and new products. • Own end-to-end vulnerability management across CI/CD pipelines and runtime environments, covering both underlying infrastructure and applications. • Secure our Kubernetes deployments and containerized workloads, implementing advanced pod and node hardening to prevent lateral movement across distributed systems. • Define and enforce Infrastructure-as-Code security by building robust Terraform guardrails and integrating policy-as-code directly into deployment pipelines. • Design and execute a comprehensive security tooling strategy, managing solutions for CNAPP, CSPM, SAST, SCA, secrets management, and SBOM-CVE tracking. • Champion developer enablement by building secure defaults, streamlining remediation workflows, and drafting actionable security guidelines. • Build foundational security automation to scale alongside hyper-growth, minimizing manual overhead while establishing a pragmatic security culture from the ground up.

About you • 5+ years of experience in DevSecOps, Security Engineering, or Cloud Security, ideally acting as an early security hire in a fast-paced or hyper-scale environment. • Deep understanding of Kubernetes and container security, alongside strong experience securing Infrastructure-as-Code (Terraform) across major cloud providers. • Strong programming and scripting skills (Python, Go, or similar) to build security automation and seamlessly integrate diverse security tools into the developer workflow. • Extensive experience deploying and tuning modern security tooling with a pragmatic approach to vulnerability management and threat modeling. • Strong communication skills with a proven track record of partnering with developers and researchers to embed secure defaults without creating engineering friction.

XML job scraping automation by YubHub

This role is highly hands-on and systems-oriented, sitting at the intersection of security, infrastructure, and distributed systems.

Your primary responsibilities will be to:

• Build and harden infrastructure security by designing and implementing security controls across cloud infrastructure, Kubernetes and containerized workloads, networking, service meshes, and edge systems, CI/CD pipelines and deployment systems, and secure compute environments for GPU workloads and model execution.
• Implement identity, secrets, and access controls, including machine identity and workload authentication, secrets management and encryption, least-privilege access, and short-lived credentials.
• Protect model weights, inference endpoints, and customer data, design secure data access pathways and isolation mechanisms, and ensure safe multi-tenant execution environments.
• Automate security guardrails directly into infrastructure and CI/CD, use Infrastructure-as-Code to enforce secure defaults, and continuously identify and remediate security gaps through automation.
• Identify and mitigate risks across infrastructure layers, defend against both external attackers and insider threats, and drive projects like network isolation, encryption, and secure service communication.

To succeed in this role, you'll need to have:

• 8+ years in security engineering, infrastructure, or SRE.
• Strong understanding of cloud security, networking fundamentals, Linux systems, and container security.
• Experience building or securing production infrastructure at scale.
• Deep knowledge of authentication and authorization systems, secrets management and cryptography basics, common vulnerabilities and attack vectors, and ability to design security controls across multiple layers.
• Proficiency in at least one language, experience with Infrastructure-as-Code, and strong automation mindset.

Nice to have experience with GPU infrastructure, multi-tenant platform isolation, service mesh architectures, and high-growth startup environments.

What makes this role unique is that you'll work on cutting-edge AI infrastructure security, secure GPU clusters, model execution, and real-time inference systems, have high ownership, and direct impact on developer trust and platform reliability.

Our security philosophy is to enable developers, automate everything, assume breach, and design for resilience.

In terms of compensation and benefits, we offer competitive salary, equity, full health, dental, and vision coverage, and opportunity to work on frontier AI infrastructure.

XML job scraping automation by YubHub

Start with an opening paragraph (no heading): what the role is, who the company is, why it matters. If the ad mentions salary, include it here.

Rephrase bullet points in your own words while keeping the factual content. Combine related points where it makes sense.

For benefits/perks: gather them from anywhere in the ad into one section. If the ad mentions nothing about benefits, omit a benefits section entirely.

Do not invent information that is not in the original ad.

About the role The Anti-Abuse team is the front line defending Replit's platform from exploitation. We detect and shut down phishing deployments, prevent cryptomining on free-tier infrastructure, stop LLM token farming, and keep bad actors from weaponizing the platform against our users. This is adversarial work: attackers adapt constantly, and we build the detection systems, heuristics, and automated responses that stay ahead of them.

What makes this role unique is the AI-native nature of Replit's platform. You'll work on problems that barely exist elsewhere: building guardrails for AI-generated code, detecting prompt injection attacks at scale, and using LLMs as a defensive tool against abuse. If you want hands-on experience applying AI to security problems, this is one of the few places you can do it in production with real attackers. You'll own problems end-to-end, from identifying emerging abuse patterns to shipping the systems that stop them at scale.

In this role you will…

• Design and implement LLM guardrails that detect abuse scenarios in AI-generated code and agent interactions
• Build AI-powered detection systems that use LLMs to identify malicious patterns, classify threats, and automate response decisions
• Build and operate abuse detection systems that identify phishing, cryptomining, account takeover, and financial fraud across millions of daily user actions
• Design automated response mechanisms that enforce platform policies without manual intervention
• Own the full abuse response lifecycle: detection, investigation, enforcement, and handling appeals alongside Support and Legal
• Analyze attack patterns using BigQuery and Hex, turning investigation findings into new detection rules
• Maintain and extend internal detection tools (Slurper, Netwatch) that continuously monitor user activity
• Integrate and tune security scanners (SAST, SCA) in CI pipelines with tight performance SLAs
• Track abuse trends, measure detection effectiveness, and adapt defenses as attack patterns evolve

Required skills and experience:

• 4+ years of experience in security engineering, anti-abuse, trust & safety, or fraud detection
• Strong programming skills in Python and/or TypeScript for building detection systems and automation
• Experience with SQL and data analysis at scale (BigQuery, Snowflake, or similar)
• Experience building or fine-tuning ML/LLM-based classifiers for security or abuse detection
• Familiarity with prompt injection, jailbreaking, and other LLM-specific attack vectors
• Ability to investigate complex abuse patterns and translate findings into automated defenses
• Familiarity with common attack patterns: phishing infrastructure, account takeover, credential stuffing, resource abuse
• Clear communication skills for working across Security, Support, Legal, and Engineering teams.

Nice to have:

• Experience at a platform company dealing with user-generated content or compute abuse (hosting providers, cloud platforms, developer tools)
• Background in fraud detection, payment abuse, or financial crime
• Familiarity with device fingerprinting, IP reputation, and email validation services
• Experience with CI/CD security tooling (SAST, SCA, Dependabot, Snyk)
• Knowledge of container security, Linux internals, or cloud infrastructure (GCP preferred)
• Prior work with abuse reporting pipelines, trust & safety tooling, or content moderation systems

Tools + Tech Stack for this role

• Languages: Python, TypeScript, Go, SQL
• Data: BigQuery, Hex
• Detection tools: Slurper, Netwatch, Stytch (device fingerprint); ClearOut (email reputation)
• CI/CD Security: Dependabot, Snyk, SAST/SCA scanners
• Infrastructure: GCP, Kubernetes
• Collaboration: Linear, Slack, Zendesk (for abuse reports)

This role may _not_ be a fit if

• You prefer deep security research over building operational detection systems
• You want to focus on vulnerability management, pentesting, or bug bounty triage (that's our Security team)
• You're looking for a role with predictable, well-defined problems rather than constantly adapting to adversarial behavior
• You prefer working in isolation rather than partnering closely with Support, Legal, and cross-functional teams
• You're uncomfortable making enforcement decisions that affect real users

_This is a full-time role that can be held from our Foster City, CA office. The role has an in-office requirement of Monday, Wednesday, and Friday._

Full-Time Employee Benefits Include: 💰 Competitive Salary & Equity 💹 401(k) Program with a 4% match ⚕️ Health, Dental, Vision and Life Insurance 🩼 Short Term and Long Term Disability 🚼 Paid Parental, Medical, Caregiver Leave 🚗 Commuter Benefits 📱 Monthly Wellness Stipend 🧑‍💻 Autonomous Work Environment 🖥 In Office Set-Up Reimbursement 🏝 Flexible Time Off (FTO) + Holidays 🚀 Quarterly Team Gatherings ☕ In Office Amenities

XML job scraping automation by YubHub

Location

San Francisco

Employment Type

Full time

Department

Security

Compensation

• $293K – $385K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

Benefits

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

The team’s mission is to accelerate the secure evolution of agentic AI systems at OpenAI. To achieve this, the team designs, implements, and continuously refines security policies, frameworks, and controls that defend OpenAI’s most critical assets—including the user and customer data embedded within them—against the unique risks introduced by agentic AI.

About the Role

As a Security Engineer on the Agent Security Team, you will be at the forefront of securing OpenAI’s cutting-edge agentic AI systems. Your role will involve designing and implementing robust security frameworks, policies, and controls to safeguard OpenAI’s critical assets and ensure the safe deployment of agentic systems. You will develop comprehensive threat models, partner tightly with our Agent Infrastructure group to fortify the platforms that power OpenAI’s most advanced agentic systems, and lead efforts to enhance safety monitoring pipelines at scale.

Responsibilities

• Architecting security controls for agentic AI – design, implement, and iterate on identity, network, and runtime-level defenses (e.g., sandboxing, policy enforcement) that integrate directly with the Agent Infrastructure stack.

• Building production-grade security tooling – ship code that hardens safety monitoring pipelines across agent executions at scale.

• Collaborating cross-functionally – work daily with Agent Infrastructure, product, research, safety, and security teams to balance security, performance, and usability.

• Influencing strategy & standards – shape the long-term Agent Security roadmap, publish best practices internally and externally, and help define industry standards for securing autonomous AI.

Requirements

• Strong software-engineering skills in Python or at least one systems language (Go, Rust, C/C++), plus a track record of shipping and operating secure, high-reliability services.

• Deep expertise in modern isolation techniques – experience with container security, kernel-level hardening, and other isolation methods.

• Hands-on network security experience – implementing identity-based controls, policy enforcement, and secure large-scale telemetry pipelines.

• Clear, concise communication that bridges engineering, research, and leadership audiences; comfort influencing roadmaps and driving consensus.

• Bias for action & ownership – you thrive in ambiguity, move quickly without sacrificing rigor, and elevate the security bar company-wide from day one.

• Cloud security depth on at least one major provider (Azure, AWS, GCP), including identity federation, workload IAM, and infrastructure-as-code best practices.

• Familiarity with AI/ML security challenges – experience addressing risks associated with advanced AI systems (nice-to-have but valuable)

Preferred Qualifications

• Experience with container orchestration (e.g., Kubernetes) and service mesh technologies (e.g., Istio, Linkerd).

• Knowledge of cloud security frameworks and compliance standards (e.g., HIPAA, PCI-DSS).

• Familiarity with machine learning and AI frameworks (e.g., TensorFlow, PyTorch).

• Experience with DevOps tools and practices (e.g., CI/CD pipelines, containerization).

What We Offer

• Competitive salary and benefits package

• Opportunity to work with a talented team of engineers and researchers

• Collaborative and dynamic work environment

• Professional growth and development opportunities

• Flexible work arrangements

• Access to cutting-edge technology and tools

How to Apply

If you are a motivated and experienced security engineer looking to join a dynamic team, please submit your application, including your resume and a cover letter, to [insert contact information]. We look forward to hearing from you!

XML job scraping automation by YubHub

Location

Remote - US; New York City; San Francisco; Seattle

Employment Type

Full time

Location Type

Remote

Department

Security

Compensation

• SF, Seattle or NYC $230K – $385K • Offers Equity
• Zone A $207K – $346.5K • Offers Equity
• Zone B $184K – $308K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

Benefits

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
• 401(k) retirement plan with employer match
• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
• Mental health and wellness support
• Employer-paid basic life and disability coverage
• Annual learning and development stipend to fuel your professional growth
• Daily meals in our offices, and meal delivery credits as eligible
• Relocation support for eligible employees
• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity.

The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

About the Role

OpenAI is seeking a Security Engineer to join our Infrastructure Security (InfraSec) team. InfraSec protects the foundations of OpenAI’s research and production environments, spanning GPU supercomputing clusters, multi-cloud infrastructure, datacenters, networking, storage, and the critical services that power our frontier AI models. Our charter includes securing everything from bare-metal hardware and firmware, to Kubernetes clusters and service meshes, to data storage and access pathways for highly sensitive model weights and user data.

In this role, you will:

• Design and build security controls across diverse layers (e.g., physical hardware, firmware/BMC, OS, Kubernetes, networks, and CI/CD) to defend against sophisticated adversaries and insider threats.
• Collaborate with engineering and security teams to drive deployment of security enhancements and control changes across broad-scale infrastructure.
• Tackle high-impact projects such as checkpoint encryption, network isolation, secret management, and machine identity, while continuously raising the security bar for emerging AI workloads.
• Take a generalist approach to building security controls, balancing a mix of security expertise and broad technical skillsets to adapt to evolving challenges.

You will thrive in this role if you have:

• Deep understanding of security principles, best practices, and common vulnerabilities.
• A proactive mindset, with the ability to identify and address security gaps or inefficiencies through automation and tooling.
• A track record of delivering scalable solutions and driving impactful changes across infrastructure in real-world projects.
• Expertise in the security of cloud platforms (e.g., Amazon AWS, Microsoft Azure), especially securing multi-cloud networks and infrastructure, and designing cloud agnostic systems.
• Experience securing on-prem deployments and datacenters from construction to multi-tenant use.
• Familiarity with container security, orchestration security, and authentication/authorization.
• Strong analytical and problem-solving skills, with an ability to think critically and objectively assess security risks.
• Excellent communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.
• Excitement about collaborating with cross-functional teams to build secure, reliable systems that scale globally.

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

XML job scraping automation by YubHub

Location

Remote - US; New York City; San Francisco; Seattle

Employment Type

Full time

Location Type

Remote

Department

Security

Compensation

• SF, Seattle or NYC $230K – $385K • Offers Equity
• Zone A $207K – $346.5K • Offers Equity
• Zone B $184K – $308K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

Benefits

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
• 401(k) retirement plan with employer match
• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
• Mental health and wellness support
• Employer-paid basic life and disability coverage
• Annual learning and development stipend to fuel your professional growth
• Daily meals in our offices, and meal delivery credits as eligible
• Relocation support for eligible employees
• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity.

The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but operational in how we execute, and we support every product and research effort at OpenAI. Our tenets include prioritizing for impact, enabling researchers and developers, preparing for future transformative technologies, and fostering a strong, collaborative security culture.

About the Role

OpenAI is seeking a Security Software Engineer to join the Infrastructure Security (InfraSec) team.

InfraSec safeguards the core of OpenAI’s research and production environments—GPU supercomputing clusters, multi-cloud infrastructure, datacenters, networking, storage, and the critical services that power our frontier AI models. Our charter spans everything from bare-metal hardware and firmware to Kubernetes clusters, service meshes, and the data pathways that carry highly sensitive model weights and user data.

As a Security Software Engineer, you will design and build critical foundational services, such as authentication systems, egress/ingress proxies, access brokers, and key management platforms, that demand high standards of reliability, scalability, and software craftsmanship. These systems form the security backbone of OpenAI’s supercomputing environment and must remain robust under intense scale and adversarial pressure.

In this role, you will:

• Architect and implement production-grade security services (e.g., auth services, access brokers, secure proxies, key-management infrastructure) that provide strong guarantees across hardware, operating systems, Kubernetes, networks, and CI/CD.
• Partner with infrastructure and research engineers to embed security into high-performance compute clusters, enabling rapid model training and deployment without compromising protection.
• Develop automation and detection tooling to continuously identify and mitigate risks in large-scale cloud and on-prem environments.
• Drive high-impact initiatives such as line-speed encryption, machine identity, and network isolation, continuously raising the security bar for emerging AI workloads.
• Lead or participate in design reviews and threat models to ensure new systems launch with strong security foundations and operational excellence.

You will thrive in this role if you have:

• Strong software engineering skills in languages such as Python, Go, Rust, or C/C++, with a track record of shipping and operating high-reliability distributed services.
• Experience building or operating critical security infrastructure (e.g., auth services, service-to-service proxies, certificate or key-management systems).
• Deep understanding of security principles, best practices, and common vulnerabilities.
• Expertise in securing large-scale cloud platforms (e.g., Azure, AWS, GCP), including multi-cloud networks and cloud-agnostic system design.
• Familiarity with container and orchestration security (Kubernetes, service meshes) and modern authentication/authorization standards (OIDC, mTLS, SPIFFE/SPIRE).
• A proactive mindset, with the ability to identify and address security gaps or inefficiencies through automation and tooling.
• A track record of delivering scalable solutions and driving impactful changes across infrastructure in real-world projects.
• Strong analytical and problem-solving skills, with an ability to think critically and objectively assess security risks.
• Excellent communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.
• Excitement about collaborating

XML job scraping automation by YubHub

Offensive Security Engineer, Agent Security

Location

San Francisco; New York City; Remote - US; Seattle; Washington, DC

Employment Type

Full time

Department

Security

Compensation

• San Francisco, Seattle, New York$347K – $490K • Offers Equity
• Zone A$312.3K – $490K • Offers Equity
• Zone B$277.6K – $490K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

About the Role

We're seeking an exceptional Principal-level Offensive Security Engineer to challenge and strengthen OpenAI's security posture. This role isn't your typical red team job - it's an opportunity to engage broadly and deeply, craft innovative attack simulations, collaborate closely with defensive teams, and influence strategic security improvements across the organization.

You'll have the chance to not only find vulnerabilities but actively drive their resolution, automate offensive techniques with cutting-edge technologies, and use your unique attacker perspective to shape our security strategy.

This role will be primarily focused on continuously testing our agent powered products like codex and operator. These systems are uniquely valuable targets because they’re rapidly evolving, have access to perform sensitive actions on behalf of users, and have large, diverse attack surfaces. You will play a crucial role in securing our agents by hunting for realistic vulnerabilities that emerge from the interactions between the applications, infrastructure, and models that power them.

In this role you will:

• Continuously hunt for vulnerabilities in the interactions between the applications, infrastructure, and models that power our agentic products.

• Conduct open-scope red and purple team operations, simulating realistic attack scenarios.

• Collaborate proactively with defensive security teams to enhance detection, response, and mitigation capabilities.

• Perform comprehensive penetration testing on our diverse suite of products.

• Leverage advanced automation and OpenAI technologies to optimize your offensive security work.

• Present insightful, actionable findings clearly and compellingly to inspire impactful change.

• Influence security strategy by providing attacker-driven insights into risk and threat modeling.

You might thrive in this role if you have:

• 7+ years of hands-on red team experience or exceptional accomplishments demonstrating equivalent expertise.

• Deep expertise conducting offensive security operations within modern technology companies.

• Experience designing, developing, or testing assessing the security of AI-powered systems.

• Experience working finding, exploiting and mitigating common vulnerabilities in AI systems like prompt injection, leaking sensitive data, confused deputies, and dynamically generated UI components.

• Exceptional skill in code review, identifying novel and subtle vulnerabilities.

• Proven experience performing offensive security assessments in at least one hyperscaler cloud environment (Azure preferred).

• Demonstrated mastery assessing complex technology stacks, including:

• Highly customized Kubernetes clusters

• Container environments

• CI/CD pipelines

• GitHub security

• macOS and Linux operating systems

• Data science tooling and environments

• Python-based web services

• React-based frontend applications
• Strong intuitive understanding of trust boundaries and risk assessment in dynamic contexts.

• Excellent coding skills, capable of writing robust tools and automation for offensive operations.

• Ability to communicate complex technical concepts to both technical and non-technical stakeholders.

Experience Level

Senior

Employment Type

Full-time

Workplace Type

Remote

Category

Engineering

Industry

Technology

Salary Range

$347K – $490K • Offers Equity

Required Skills

• Red team experience
• Offensive security operations
• AI-powered systems security
• Vulnerability assessment
• Penetration testing
• Automation
• Code review
• Cloud security
• Kubernetes
• Container security
• CI/CD pipelines
• GitHub security
• macOS and Linux operating systems
• Data science tooling and environments
• Python-based web services
• React-based frontend applications

Preferred Skills

• Azure cloud security
• Highly customized Kubernetes clusters
• Container environments
• CI/CD pipelines
• GitHub security
• macOS and Linux operating systems
• Data science tooling and environments
• Python-based web services
• React-based frontend applications

XML job scraping automation by YubHub

Location

San Francisco

Employment Type

Full time

Department

Applied AI

Compensation

• $230K – $385K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions.

About the Team

The Monetization team is a new cross-functional group working across engineering, product, research, and design to build the foundational systems that will help OpenAI scale access to intelligence responsibly. Our mission is to develop user-first, privacy-preserving monetization products—including next-generation ads experiences—that strengthen user trust, unlock economic opportunity, and support OpenAI’s long-term innovation.

Monetization plays a critical role in enabling OpenAI to continue pushing the boundaries of AI capabilities while ensuring the benefits of AGI are broadly shared. We believe monetization must be aligned with user value, uphold rigorous privacy and safety standards, and sustain a healthy ecosystem of developers and businesses.

This team operates in a greenfield environment and moves quickly through prototyping, experimentation, and iterative deployment. We partner closely with Product, Design, and Research to bring research breakthroughs into real-world systems at global scale.

About the Role

We’re looking for an experienced Software Engineer to help build the core monetization and ads systems at OpenAI. This is a foundational role responsible for designing and implementing the infrastructure, APIs, and user-facing experiences that will power OpenAI’s next-generation monetization products—including ads.

You’ll work across the full technical stack to architect, build, and ship 0→1 systems that are robust, safe, and scalable. You will collaborate deeply with Product, Design, and Research to define the future of monetized AI experiences and ensure these systems meet OpenAI’s highest standards for safety, privacy, and policy alignment.

This role is exclusively based across our San Francisco and Seattle sites. We offer relocation assistance to new employees.

In this role, you will:

• Design, build, and scale the core infrastructure behind OpenAI’s monetization and ads products

• Develop advertiser-facing APIs and tools that enable the creation, management, and measurement of ads

• Build integrations with external partners and help create enterprise-grade monetization products

• Architect distributed systems and services that operate at massive scale with strong reliability, usability, privacy, and performance guarantees

• Work closely with Product, Research, and Design to translate product requirements into high-quality technical solutions

• Drive 0→1 product development through rapid prototyping, experimentation, and iterative deployment

• Contribute to technical strategy, propose new directions, and help shape the roadmap for monetization and ads platforms

• Maintain high engineering rigor through strong testing, documentation, and operational best practices

• Uphold the highest levels of safety, privacy, fairness, and policy compliance across all monetization systems

• Help continuously refine engineering processes, culture, and best practices within a fast-moving, multidisciplinary team

You might thrive in this role if you:

• Have 7+ years of experience building high-scale consumer, enterprise, or ads-related systems

• Have a track record of architecting and delivering complex distributed systems with high reliability and performance requirements

• Are comfortable navigating ambiguous product spaces and contributing to technical roadmaps and long-term direction

• Bring strong product intuition and enjoy collaborating deeply with Product, Design, and Research

• Thrive in 0→1 environments where systems, architecture, and user experiences must be defined from scratch

• Communicate clearly, think holistically, and make decisions rooted in both user needs and long-term sustainability

• Are motivated by building privacy-preserving, safe, and user-first monetization systems

• Bonus: Have experience in ads systems, marketing, or related fields

XML job scraping automation by YubHub

Microsoft AI are looking for a talented Member of Technical Staff, Software Engineer to join their MAI SuperIntelligence team in Zürich, Switzerland. This role sits at the heart of strategic decision-making, turning market data into actionable insights for a company that's revolutionising AI technology. You'll work directly with leadership to shape the company's direction in the AI market.

About the Role

As a Member of Technical Staff, Software Engineer, you will design and build core platform services for scalable training and evaluation, including cluster orchestration, job scheduling, data and compute pipelines, and artifact management. You will standardize containerized workflows by maintaining Docker images, CI/CD, and runtime configurations; advocate for best practices in security, reproducibility, and cost efficiency. You will implement end-to-end observability and operations through metrics, tracing, logging, dashboard development, monitoring, and automated alerts for model training and platform health (using Prometheus, Grafana, OpenTelemetry). You will architect and operate services on Azure cloud platforms, managing infrastructure-as-code (Terraform/Helm), secrets, networking, and storage. You will enhance developer experience by creating tools, CLIs, and portals that simplify job submission, metrics analysis, and experiment management for generalist software engineering and research teams.

Accountabilities

• Design and build core platform services for scalable training and evaluation, including cluster orchestration, job scheduling, data and compute pipelines, and artifact management.
• Standardize containerized workflows by maintaining Docker images, CI/CD, and runtime configurations; advocate for best practices in security, reproducibility, and cost efficiency.

The Candidate we're looking for

Experience:

• Strong software engineering background building reliable, scalable production systems (Python preferred).

Technical skills:

• Hands-on experience supporting large-scale ML / LLM training, evaluation, or experimentation infrastructure.
• Operating GPU-heavy workloads in cloud environments using Docker and Kubernetes (scheduling, utilization, isolation).
• Designing and running data / compute pipelines and orchestration (e.g., Airflow, Argo) with object storage (Azure Blob / S3).

Personal attributes:

• Building secure, reproducible platforms using CI/CD, infrastructure-as-code (Terraform, Helm), container security, and secrets management.

Benefits

• Competitive salary and benefits package.
• Opportunity to work with a talented team of engineers and researchers.
• Access to cutting-edge technology and resources.
• Flexible work arrangements, including remote work options.

XML job scraping automation by YubHub

What you'll do

You will play a key role in designing, maintaining, and scaling our Kubernetes-based infrastructure, supporting mission-critical applications, and automating operational workflows in a secure and resilient environment.

• Administer and maintain on-prem Kubernetes clusters, including installation, upgrades, patching, and monitoring.
• Automate infrastructure provisioning and configuration management using ArgoCD.
• Troubleshoot system, container, and network-level issues across distributed environments.

What you need

• Proven hands-on experience managing on-premises Kubernetes environments (kubeadm, containerd, etc.).
• Strong experience with ArgoCD for GitOps workflows and continuous delivery.
• Strong knowledge of observability and monitoring stacks, including Grafana Alloy, Prometheus, metrics pipelines, and alerting.

XML job scraping automation by YubHub