We are seeking a highly technical Security Engineer to join our Product Security team. This role is integral to ensuring the security and integrity of our products and services.
\nYou will conduct in-depth code reviews, implement security best practices, and influence the overall security strategy. Your expertise in TypeScript, Python, Kubernetes, CI/CD, SAST, DAST, and terraform orchestration will be crucial in identifying and mitigating potential security vulnerabilities.
\nYou will:
\nIdeally, you’d have:
\nCompensation packages at Scale for eligible roles include base salary, equity, and benefits. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position, determined by work location and additional factors, including job-related skills, experience, interview performance, and relevant education or training.
\nYou’ll also receive benefits including, but not limited to: Comprehensive health, dental and vision coverage, retirement benefits, a learning and development stipend, and generous PTO. Additionally, this role may be eligible for additional benefits such as a commuter stipend.
\nThe base salary range for this full-time position in the location of Washington DC/Hawaii is: $205,700-$257,400 USD
\nThe base salary range for this full-time position in the location of St. Louis/Suffolk is: $171,600-$214,500 USD
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_901202b0-bfa","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Scale","sameAs":"https://www.scale.com/","logo":"https://logos.yubhub.co/scale.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/scaleai/jobs/4651559005","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$205,700-$257,400 USD (Washington DC/Hawaii), $171,600-$214,500 USD (St. Louis/Suffolk)","x-skills-required":["TypeScript","Python","Kubernetes","CI/CD","SAST","DAST","terraform orchestration"],"x-skills-preferred":["NodeJS","modern Javascript application design","Kubernetes backed services","SAST and DAST tools and methodologies","terraform orchestration for infrastructure management"],"datePosted":"2026-04-18T15:59:56.896Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"St. Louis, MO; Washington, DC"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"TypeScript, Python, Kubernetes, CI/CD, SAST, DAST, terraform orchestration, NodeJS, modern Javascript application design, Kubernetes backed services, SAST and DAST tools and methodologies, terraform orchestration for infrastructure management","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":171600,"maxValue":257400,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_acef3d4c-b32"},"title":"Security Engineer, Product Security","description":"We are seeking a highly technical Security Engineer to join our Product Security team. This role is integral to ensuring the security and integrity of our products and services.
\nYou will conduct in-depth code reviews, implement security best practices, and influence the overall security strategy. Your expertise in TypeScript, Python, AWS, CI/CD, SAST, DAST, and terraform orchestration will be crucial in identifying and mitigating potential security vulnerabilities.
\nYou will:
\nIdeally, you’d have:
\nCompensation packages at Scale for eligible roles include base salary, equity, and benefits. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position, determined by work location and additional factors, including job-related skills, experience, interview performance, and relevant education or training. Scale employees in eligible roles are also granted equity based compensation, subject to Board of Director approval. Your recruiter can share more about the specific salary range for your preferred location during the hiring process, and confirm whether the hired role will be eligible for equity grant. You’ll also receive benefits including, but not limited to: Comprehensive health, dental and vision coverage, retirement benefits, a learning and development stipend, and generous PTO. Additionally, this role may be eligible for additional benefits such as a commuter stipend.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_acef3d4c-b32","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Scale","sameAs":"https://www.scale.com/","logo":"https://logos.yubhub.co/scale.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/scaleai/jobs/4643029005","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$237,600-$297,000 USD","x-skills-required":["TypeScript","Python","AWS","CI/CD","SAST","DAST","Terraform"],"x-skills-preferred":["NodeJS","Kubernetes","Modern Javascript application design"],"datePosted":"2026-04-18T15:57:42.582Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"New York, NY; San Francisco, CA; Seattle, WA; Washington, DC"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"TypeScript, Python, AWS, CI/CD, SAST, DAST, Terraform, NodeJS, Kubernetes, Modern Javascript application design","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":237600,"maxValue":297000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_45a87931-4a2"},"title":"Security Engineer - Platform Security","description":"We're seeking a talented and driven Security Engineer to join our Platform Security team. You will build cutting-edge security solutions to protect our Kubernetes-based infrastructure and advance secure AI-driven systems.
\nIn this role, you will design and implement AI-powered security tools, proactively address vulnerabilities, and champion secure engineering practices across the organisation.
\nIdeal candidates are passionate about impactful innovation, excel at writing clean, efficient code, and thrive in fast-paced environments to support xAI's mission of creating a trusted and secure global digital platform.
\nResponsibilities:
\nBasic Qualifications:
\nPreferred Skills and Experience:
\nITAR Requirements:
\nTo conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorisations from the U.S. Department of State. Learn more about the ITAR here.
\nCompensation and Benefits:
\n$180,000 - $440,000 USD
\nBase salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_45a87931-4a2","directApply":true,"hiringOrganization":{"@type":"Organization","name":"xAI","sameAs":"https://www.xai.com/","logo":"https://logos.yubhub.co/xai.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/xai/jobs/4835611007","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$180,000 - $440,000 USD","x-skills-required":["Python","Rust","Go","Grok","Docker","Kubernetes","Burp Suite","OWASP ZAP","SAST/DAST","SBOM management","dependency scanning"],"x-skills-preferred":["AI-driven security tools","integrating AI into security workflows","Kubernetes-based environments","securing cloud-native infrastructure","driving technical decisions","influencing security practices","challenging the status quo","transformative security solutions","collaboration skills","dynamic cross-functional teams"],"datePosted":"2026-04-18T15:51:56.952Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Palo Alto, CA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Python, Rust, Go, Grok, Docker, Kubernetes, Burp Suite, OWASP ZAP, SAST/DAST, SBOM management, dependency scanning, AI-driven security tools, integrating AI into security workflows, Kubernetes-based environments, securing cloud-native infrastructure, driving technical decisions, influencing security practices, challenging the status quo, transformative security solutions, collaboration skills, dynamic cross-functional teams","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":180000,"maxValue":440000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_5ca1d076-26a"},"title":"Information Systems Security Manager","description":"Job Title: Information Systems Security Manager
\nAbout the Team: Anduril employs a variety of networks and networking infrastructures to support global operations. Information Systems Security Managers are in charge of directly supporting business lines that wish to deploy Anduril products in classified environments.
\nAbout the Job: As an Information Systems Security Manager, you will be responsible for providing expertise in documenting security controls to reduce the administrative cost of deploying Anduril's products into operational environments. You will partner with program and security teams to coordinate security artifacts in support of classified deployments. You will apply technology standards from the commercial space in classified, air-gapped environments.
\nResponsibilities:
\nRequired Qualifications:
\nPreferred Qualifications:
\nSalary: The salary range for this role is $146,000-$194,000 USD.
\nBenefits: Anduril offers top-tier benefits for full-time employees, including comprehensive medical, dental, and vision plans at little to no cost to you. Anduril also offers income protection, generous time off, family planning and parenting support, mental health resources, professional development, commuter benefits, relocation assistance, and a retirement savings plan.
\nProtecting Yourself from Recruitment Scams: Anduril is committed to maintaining the integrity of our Talent acquisition process and the security of our candidates. We've observed a rise in sophisticated phishing and fraudulent schemes where individuals impersonate Anduril representatives, luring job seekers with false interviews or job offers. These scammers often attempt to extract payment or sensitive personal information.
\nTo ensure your safety and help you navigate your job search with confidence, please keep the following critical points in mind:
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_5ca1d076-26a","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Anduril","sameAs":"https://www.anduril.com/","logo":"https://logos.yubhub.co/anduril.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/andurilindustries/jobs/4861096007","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$146,000-$194,000 USD","x-skills-required":["Design, develop, and implement secure systems and networks per NIST RMF, JSIG, and other industry standards","Integrate security best practices into Anduril's Software Development Lifecycle (SDLC) and infrastructure design, collaborating with internal IT and engineering teams","Conduct security risk assessments, vulnerability assessments, and audits to identify and mitigate threats","Recommend and implement security solutions, such as IDS/IPS, encryption protocols, and secure communications technologies","Develop and enforce access controls, encryption strategies, and other technical measures to safeguard systems"],"x-skills-preferred":["Experience with application security paradigms such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA)","Proven experience in securing micro-services architecture, including implementing best practices and compliance with DoD cybersecurity standards","Experience with cybersecurity in unmanned and ground control system within DoD environments","Experience with containerization and kubernetes along with the best practices for securing them","Experience with Cloud Service Providers (CSPs) and the various tools they offer for implementing security and compliance best practices"],"datePosted":"2026-04-18T15:44:18.711Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Washington, District of Columbia, United States"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Design, develop, and implement secure systems and networks per NIST RMF, JSIG, and other industry standards, Integrate security best practices into Anduril's Software Development Lifecycle (SDLC) and infrastructure design, collaborating with internal IT and engineering teams, Conduct security risk assessments, vulnerability assessments, and audits to identify and mitigate threats, Recommend and implement security solutions, such as IDS/IPS, encryption protocols, and secure communications technologies, Develop and enforce access controls, encryption strategies, and other technical measures to safeguard systems, Experience with application security paradigms such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA), Proven experience in securing micro-services architecture, including implementing best practices and compliance with DoD cybersecurity standards, Experience with cybersecurity in unmanned and ground control system within DoD environments, Experience with containerization and kubernetes along with the best practices for securing them, Experience with Cloud Service Providers (CSPs) and the various tools they offer for implementing security and compliance best practices","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":146000,"maxValue":194000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_0ae6f8dc-4fd"},"title":"Staff Engineer, AI Security","description":"Join the team as Twilio's next Staff Engineer, AI Security.
\nAs a Staff Engineer, AI Security on the AppSec team, you'll lead autonomous defense for the AI lifecycle. Build multi-agent frameworks and secure gateways while integrating real-time security gates and identity standards. By mentoring Security and R&D to define the MLSecOps roadmap, you'll ensure a 'secure-by-default' future for agentic workflows and resilient AI innovation.
\nResponsibilities:
\nServe as the primary subject matter expert for all AI and machine learning security initiatives across security and R&D.
\nDesign and manage AI gateways to provide a centralized control plane for authentication and authorization and rate limiting across all model and tool interactions.
\nBuild and maintain an autonomous security agentic framework that utilizes multi agent orchestration for end to end investigation and alert triage and remediation.
\nDevelop agentic identity models using OAuth 2.1 to propagate identity across trust boundaries and prevent the confused deputy problem.
\nHelp govern the AI augmented software development lifecycle by integrating real time security gates into the developer environment and CI/CD pipeline.
\nManage Agentic Security Solutions that secure AI lifecycle and manage AI workloads at runtime.
\nAuthor company wide AI security standards and implement these security checks across Twilio's stack.
\nImplement human in the loop checkpoints and transactional safety protocols for high impact or destructive agentic actions.
\nPartner with engineering leadership to set the long term roadmap for identity centric security and automated posture management.
\nAct as a knowledge multiplier by mentoring security engineers and developing secure by default paved road templates for R&D teams
\nQualifications:
\n8+ years of experience in security engineering with at least 3 years focused on AI or machine learning security operations (MLSecOps).
\nExpertise in orchestrating multi-agent systems with AWS Strands, LangGraph, and CrewAI, specializing in runtime isolation, PII redaction, and defending against indirect prompt injection in agentic environments.
\nHands-on experience with AI-specific frameworks (e.g., MITRE ATLAS, MAESTRO, OWASP Top 10 for LLMs/Agents/MCP) to threat model and defend against a wide spectrum of risks, including direct/indirect prompt injection, training data poisoning, tool poisoning, and data exfiltration within agentic workflows.
\nProficiency in securing end-to-end AI pipelines, from data ingestion and training to model deployment and monitoring.
\nStrong communication skills to translate complex AI risks into actionable business logic for stakeholders.
\nDesired:
\nHands-on experience in modern application security tooling including SAST and SCA and DAST with experience adapting these tools to catch AI specific vulnerabilities like indirect prompt injection.
\nExpertise in identity standards including OAuth 2.1 and PKCE.
\nExperience with AI Red Teaming and conducting adversarial simulations against Large Language Models (LLMs) and agentic systems.
\nProficiency in at least one general programming language (Python, Go, etc) with experience in container security and workload isolation.
\nProven ability to operate with autonomy and drive high impact outcomes in ambiguous environments by identifying and executing on critical projects without predefined roadmaps or direct supervision.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_0ae6f8dc-4fd","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Twilio","sameAs":"https://www.twilio.com/","logo":"https://logos.yubhub.co/twilio.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/twilio/jobs/7821462","x-work-arrangement":"remote","x-experience-level":"staff","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["security engineering","AI and machine learning security","multi-agent systems","AWS Strands","LangGraph","CrewAI","runtime isolation","PII redaction","indirect prompt injection","AI-specific frameworks","MITRE ATLAS","MAESTRO","OWASP Top 10 for LLMs/Agents/MCP","end-to-end AI pipelines","data ingestion","training","model deployment","monitoring","strong communication skills"],"x-skills-preferred":["modern application security tooling","SAST and SCA and DAST","identity standards","OAuth 2.1","PKCE","AI Red Teaming","adversarial simulations","Large Language Models","container security","workload isolation"],"datePosted":"2026-04-18T15:44:10.579Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote - Ireland"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"security engineering, AI and machine learning security, multi-agent systems, AWS Strands, LangGraph, CrewAI, runtime isolation, PII redaction, indirect prompt injection, AI-specific frameworks, MITRE ATLAS, MAESTRO, OWASP Top 10 for LLMs/Agents/MCP, end-to-end AI pipelines, data ingestion, training, model deployment, monitoring, strong communication skills, modern application security tooling, SAST and SCA and DAST, identity standards, OAuth 2.1, PKCE, AI Red Teaming, adversarial simulations, Large Language Models, container security, workload isolation"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_27d6fab4-848"},"title":"Staff Product Security Engineer","description":"Job Title: Staff Product Security Engineer
\nLocation: United States
\nDepartment: Security
\nJob Description:
\nThis role can be based remotely anywhere in the United States. The Product Security Team's mission is to left-shift SDLC (Security Development Lifecycle) processes for all code written in Databricks (for customer use or supporting customers internally) to reduce the likelihood of introducing new vulnerabilities in production and minimize the count and effect of externally identified vulnerabilities on Databricks Services.
\nYou will be an individual contributor on the product security team at Databricks, managing SDLC functions for features and products within Databricks. This would include, but is not limited to, security design reviews, threat models, manual code reviews, exploit writing, and exploit chain creation. You will also support IR and VRP programs when there is a vulnerability report or a product security incident.
\nYou will work with a global team, spread across various locations in the US and EMEA.
\nThe impact you will have:
\nWhat we look for:
\nPay Range Transparency:
\nDatabricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected base salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipated utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above.
\nFor more information regarding which range your location is in visit our page here.
\nZone 1 Pay Range: $190,000 - $261,250 USD
\nZone 2 Pay Range: $171,000 - $235,200 USD
\nZone 3 Pay Range: $161,500 - $222,100 USD
\nZone 4 Pay Range: $152,000 - $209,000 USD
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_27d6fab4-848","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Databricks","sameAs":"https://databricks.com","logo":"https://logos.yubhub.co/databricks.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/databricks/jobs/7882009002","x-work-arrangement":"remote","x-experience-level":"staff","x-job-type":"full-time","x-salary-range":"$190,000 - $261,250 USD","x-skills-required":["threat modeling","security design reviews","manual code reviews","exploit writing","exploit chain creation","incident response","vulnerability response","SAST tools","DAST tools","automation","FedRamp","PCI","HIPAA","risk management","security processes","productivity","SDLC process","web security","cloud security","systems security","applied cryptography","programming languages","scripting","fuzzing"],"x-skills-preferred":[],"datePosted":"2026-04-18T15:42:34.724Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"United States"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"threat modeling, security design reviews, manual code reviews, exploit writing, exploit chain creation, incident response, vulnerability response, SAST tools, DAST tools, automation, FedRamp, PCI, HIPAA, risk management, security processes, productivity, SDLC process, web security, cloud security, systems security, applied cryptography, programming languages, scripting, fuzzing","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":190000,"maxValue":261250,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_5c7e46c8-c5c"},"title":"Application Security Intern","description":"We're looking for a curious and motivated Application Security Intern to help us build secure products and development practices at VGS. As an Application Security Intern, you will partner with security and engineering teams to evaluate application risk, improve secure software development workflows, and help developers ship software safely in an environment that handles highly sensitive payment and identity data.
\nYour responsibilities will include:
\nWe're looking for someone with a strong interest in secure software design, cloud-native architectures, and automation. You should have a foundational understanding of application security concepts, such as the OWASP Top 10, API security, authentication and authorization, secure coding, and common software vulnerabilities.
\nAt VGS, we have a remote-first philosophy, and we're looking for someone who is comfortable working independently and collaboratively as part of a team.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_5c7e46c8-c5c","directApply":true,"hiringOrganization":{"@type":"Organization","name":"VGS","sameAs":"https://www.vgs.com","logo":"https://logos.yubhub.co/vgs.com.png"},"x-apply-url":"https://jobs.lever.co/verygoodsecurity/32fe92a6-13d5-4132-b77c-a7a5ed74f38b","x-work-arrangement":"remote","x-experience-level":"entry","x-job-type":"internship","x-salary-range":null,"x-skills-required":["application security","secure software development","cloud-native architectures","automation","OWASP Top 10","API security","authentication and authorization","secure coding","common software vulnerabilities"],"x-skills-preferred":["LMMs","threat modeling","Burp Suite","SAST/DAST tools","CI/CD pipelines","Docker/Kubernetes","cloud environments"],"datePosted":"2026-04-17T13:08:01.601Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"San Francisco"}},"jobLocationType":"TELECOMMUTE","employmentType":"INTERN","occupationalCategory":"Engineering","industry":"Technology","skills":"application security, secure software development, cloud-native architectures, automation, OWASP Top 10, API security, authentication and authorization, secure coding, common software vulnerabilities, LMMs, threat modeling, Burp Suite, SAST/DAST tools, CI/CD pipelines, Docker/Kubernetes, cloud environments"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_4b414123-045"},"title":"Product Security Engineer II","description":"We are seeking a Product Security Engineer II to join our growing security team. This role will be critical in ensuring the security of our products across the entire software development lifecycle (SDLC) and provide support on different security initiatives.
\nYou will work closely with engineering, product, and operations teams to embed security best practices from design through to deployment.
\nKey responsibilities include:
\nSupporting the execution of a comprehensive product security strategy that aligns with the company's goals and risk appetite.\nWorking hands-on across code, infrastructure, and CI/CD to create agents, services, and pipelines that detect, prevent, and remediate risks leveraging AI where it adds value.\nDesigning, building, and operating security automation for the SDLC (code scanning, dependency risk management, secrets detection, policy-as-code) integrated into CI/CD.\nPerforming manual design and implementation reviews of Greenlight products and services from a security perspective.\nEstablishing and enforcing secure development standards (i.e., API security, security patterns, IaC, etc.) and best practices across the organization.\nServing as a subject matter expert on the practical security of our AI and LLM ecosystem. Leading threat modeling exercises for novel AI systems applying advanced security and privacy best practices.\nLeveraging automations and tools to continuously test, fuzz, and validate products and platform components for security issues.\nPerforming penetration testing and retesting to validate fixes.\nResponsible for triaging findings from security researchers and leading incident response for PSIRT.\nOn-call support for incident response and leading product-related security events and vulnerabilities.\nFostering a culture of security awareness and ownership across the Engineering and Product organizations.\nStaying current with the latest security threats, vulnerabilities, and industry best practices to continuously evolve our security controls and processes.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_4b414123-045","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Greenlight","sameAs":"https://www.greenlight.com/","logo":"https://logos.yubhub.co/greenlight.com.png"},"x-apply-url":"https://jobs.lever.co/greenlight/6daa8340-f262-454c-be7d-e3adc813fe0e","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Node.js","Java/Kotlin","React","Redux","Swift","SwiftUI","AWS","MySQL","DynamoDB","Redis","Kubernetes","Ambassador","Helm","Rancher","SAST","DAST","IAST","Penetration testing","Fuzzing","Scripting","Automation","Exploit writing","Cloud security principles"],"x-skills-preferred":["Security assessment of IoT hardware/firmware","Contribution to security community","Experience at Fintech or similar regulated companies","Startup Agility"],"datePosted":"2026-04-17T12:36:02.056Z","jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Finance","skills":"Node.js, Java/Kotlin, React, Redux, Swift, SwiftUI, AWS, MySQL, DynamoDB, Redis, Kubernetes, Ambassador, Helm, Rancher, SAST, DAST, IAST, Penetration testing, Fuzzing, Scripting, Automation, Exploit writing, Cloud security principles, Security assessment of IoT hardware/firmware, Contribution to security community, Experience at Fintech or similar regulated companies, Startup Agility"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_ace25108-b9c"},"title":"Staff Product Security Engineer","description":"We are seeking an experienced and motivated Staff Product Security Engineer to join our growing Security team. As a Staff Product Security Engineer, you will be responsible for the end-to-end security of our consumer products, digital platform, and emerging hardware device line.
\nYour day-to-day will involve leading security architecture/design review and threat modeling sessions with product and engineering teams, translating threats into actionable, risk-rated engineering remediations prioritized by severity, conducting hands-on penetration testing and security assessments across our full product stack, and driving PSIRT operations by triaging incoming vulnerability reports, leading technical investigations, coordinating remediation with engineering, scoring severity (CVSS), managing coordinated disclosure with external researchers, and on-call incidents.
\nYou will also shape the posture of our AI-assisted development environment, defining and enforcing enterprise policies for Claude and Cursor, and partner across the organization, sitting in design review with architects, advising product managers and engineering teams on security and compliance implications of new features, briefing executives on emerging AI threats, mentoring junior security engineers, and collaborating with the AI team on securing ML pipelines.
\nAs a champion of security culture, you will run developer training on secure coding with AI assistants, evangelize security by design for products, and ensure every engineer understands that product security is an enabler and not a gate.
\nYou will bring 10+ years of product security experience spanning application security, cloud security, and secure SDLC, expert-level threat modeling using STRIDE, PASTA, or equivalent across web, mobile, cloud, embedded, and AI systems, hands-on penetration testing skills across applications, API, cloud infrastructure, and hardware/firmware, and deep hands-down AI security expertise and expert-level understanding of OWASP Top 10 for LLM, API, Web, Mobile, and practical experience with MITRE.
\nYou will have strong hands-on experience in security tools SAST, DAST, SCA, and securing AI development tools specifically Claude and Cursor, and understand MCP security risks and know how to architect enterprise guardrails that enable safe AI-assisted development.
\nYou will also have strong programming ability and capability to review code, build security tools, automate workflows, and be credible with the engineering teams you partner with.
\nPreferred experience includes hardware and embedded security experience with knowledge of secure boot, firmware integrity, hardware root of trust, and IoT threat modeling experience, and experience in the Financial industry, knowledge of PCI DSS, COPPA, or demonstrated ability to learn regulated domains quickly.
\nWork perks at Greenlight include medical, dental, vision, and HSA match, paid life insurance, AD&D, and disability benefits, traditional 401k with company match, unlimited PTO, paid company holidays and pop-up bonus holidays, professional development stipends, mental health resources, 1:1 financial planners, fertility healthcare, 100% paid parental and caregiving leave, plus cleaning service and meals during your leave, flexible WFH, both remote and in-office opportunities, fully stocked kitchen, catered lunches, and occasional in-office happy hours, and employee resource groups.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_ace25108-b9c","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Greenlight","sameAs":"https://www.greenlight.com/","logo":"https://logos.yubhub.co/greenlight.com.png"},"x-apply-url":"https://jobs.lever.co/greenlight/18b7ac30-dbf6-4078-bf50-06772c47fdc7","x-work-arrangement":"remote","x-experience-level":"staff","x-job-type":"full-time","x-salary-range":"$165,000-200,000","x-skills-required":["product security","application security","cloud security","secure SDLC","threat modeling","penetration testing","security assessments","PSIRT operations","AI security","OWASP Top 10","MITRE","SAST","DAST","SCA","Claude","Cursor","MCP security","firmware integrity","hardware root of trust","IoT threat modeling"],"x-skills-preferred":["hardware and embedded security","PCI DSS","COPPA"],"datePosted":"2026-04-17T12:35:45.706Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Atlanta"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Finance","skills":"product security, application security, cloud security, secure SDLC, threat modeling, penetration testing, security assessments, PSIRT operations, AI security, OWASP Top 10, MITRE, SAST, DAST, SCA, Claude, Cursor, MCP security, firmware integrity, hardware root of trust, IoT threat modeling, hardware and embedded security, PCI DSS, COPPA","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":165000,"maxValue":200000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_b1f3d4c9-57d"},"title":"Internship DevSecOps – master level","description":"Our internship programs offer real-world projects, hands-on experience, and opportunities to collaborate with passionate teams globally. Explore your interests, share your ideas, and bring them to life while shaping your career path within our inclusive culture that fosters innovation and collaboration.
\nAt Synopsys, interns dive into real-world projects, gaining hands-on experience while collaborating with our passionate teams worldwide,and having fun in the process! You'll have the freedom to share your ideas, unleash your creativity, and explore your interests. This is your opportunity to bring your solutions to life and work with cutting-edge technology that shapes not only the future of innovation but also your own career path.
\nDeploy and configure security tools for Software Composition Analysis (SCA), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST), including project onboarding, configuration, and policy management.
\nIntegrate security controls into CI/CD pipelines, such as quality gates, reporting mechanisms, and threshold management, to ensure early vulnerability detection.
\nAutomate the collection, normalization, and publication of security results using dashboards, artifacts, and notifications.
\nImplement and manage dependency updates with tools like Dependabot and Renovate, including automated pull requests and update strategies.
\nContribute to documentation (integration guides, best practices) while collaborating with development and infrastructure teams to improve the developer experience.
\nParticipate in the analysis, prioritization, and tracking of security findings and remediation efforts.
\nCurrently pursuing a Master’s degree or equivalent in cybersecurity, software engineering, DevOps/Cloud, or a related field.
\nComfortable working in both Windows and Linux environments.
\nUnderstanding of CI/CD concepts and a keen interest in DevSecOps practices.
\nExperience with programming/scripting languages such as Python, Bash, Go, or Rust is a plus.
\nFamiliarity with build and tooling systems (e.g., Bazel, Docker) and SDLC tools (e.g., Mend, Dependabot, Renovate).
\nAutonomy, attention to detail, strong problem-solving skills, and effective communication for collaboration within multidisciplinary teams.
\nFluent/Professional English
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_b1f3d4c9-57d","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Synopsys","sameAs":"https://careers.synopsys.com","logo":"https://logos.yubhub.co/careers.synopsys.com.png"},"x-apply-url":"https://careers.synopsys.com/job/villeurbanne/internship-devsecops-master-level/44408/93253148208","x-work-arrangement":"onsite","x-experience-level":"entry","x-job-type":"internship","x-salary-range":null,"x-skills-required":["Software Composition Analysis (SCA)","Static Application Security Testing (SAST)","Dynamic Application Security Testing (DAST)","CI/CD pipelines","DevSecOps practices","Python","Bash","Go","Rust","Bazel","Docker","Mend","Dependabot","Renovate"],"x-skills-preferred":[],"datePosted":"2026-04-05T13:21:58.480Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Villeurbanne"}},"employmentType":"INTERN","occupationalCategory":"Engineering","industry":"Technology","skills":"Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), CI/CD pipelines, DevSecOps practices, Python, Bash, Go, Rust, Bazel, Docker, Mend, Dependabot, Renovate"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_92a78695-a57"},"title":"Software Engineer, DevEx","description":"We are seeking an experienced Software Engineer, Developer Experience to own and foster a collaborative, automated, and efficient software development lifecycle. In this role, you will collaborate closely with product engineering teams to ensure consistent code health, accelerate development velocity through well-maintained CI pipelines, faster builds, and secure release processes.
\nYour mission is to empower our software engineering team with seamless workflows while securing our production environments.
\nResponsibilities:
\nTeam Collaboration & Advocacy:
\nAbout you:
\nProven problem-solving and communication skills — ability to contextualizing, gauging risks and getting buy-in for high stakes and impactful solutions.
\nOwnership, high agency and desire to improve things for others.
\nAutonomy, self-drive and ability to work well in a fast-paced startup environment.
\nLow ego and team spirit mindset.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_92a78695-a57","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Mistral AI","sameAs":"https://mistral.ai"},"x-apply-url":"https://jobs.lever.co/mistral/c9e16eb0-0cb9-423d-8495-a96d10782622","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["scripting languages (Go, Python...)","software development best practices","developer experience engineering","site reliability engineering","multi-cloud infrastructures (AWS / GCP / Azure or On-Prem)","security tools & approaches (OWASP, SAST, DAST, SCA, vulnerability scanners)"],"x-skills-preferred":[],"datePosted":"2026-03-10T11:31:30.226Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Paris"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"scripting languages (Go, Python...), software development best practices, developer experience engineering, site reliability engineering, multi-cloud infrastructures (AWS / GCP / Azure or On-Prem), security tools & approaches (OWASP, SAST, DAST, SCA, vulnerability scanners)"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_c96e9df0-24a"},"title":"Director - Off-Board Cybersecurity","description":"As the Director of Off-Board & Infrastructure Cybersecurity, you will lead a global organisation of senior leaders and engineers across critical security pillars. Your mission is to move security from a defensive 'gatekeeper' to a competitive advantage that builds customer trust and enables rapid innovation across the global Ford Product Portfolio.
\nResponsibilities:
\nImplementing an Enterprise ASPM framework, driving 'Shift Left' security integration (SAST, DAST, SCA) into developer workflows, and managing the security of the software supply chain, including Software Bill of Materials (SBOM) for off-board services.
\nProtecting 'North-South' and 'East-West' traffic, establishing API governance, securing multi-cloud infrastructure for Software-Defined Vehicles (SDV) and OTA updates, directing Zero Trust Architecture strategies, and overseeing modern identity protocols like OAuth2, OIDC, and FIDO.
\nDirecting Ford's Vehicle PKI strategy, managing cryptographic lifecycles with KMS and HSMs, and leading the transition to quantum-resistant cryptographic standards.
\nSecuring the end-to-end charging value chain (BlueOval Charge Network, home charging, commercial depots), implementing 'Plug & Charge' (ISO 15118), and partnering with external entities for Critical Infrastructure Protection (V2G, bi-directional power flow).
\nQualifications:
\nBachelor's degree in Computer Science, Cybersecurity, or Engineering (Master's or PhD highly preferred).
\n15+ years in Cybersecurity or Software Engineering, with at least 7 years in a senior leadership role within a global Fortune 100 enterprise.
\nProven track record of managing large-scale PKI deployments, securing cloud-native microservices, and implementing enterprise-grade IAM and DevSecOps programs.
\nExceptional ability to translate deeply technical cryptographic and infrastructure risks into business-impact narratives for non-technical stakeholders.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_c96e9df0-24a","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Ford Motor Company","sameAs":"https://efds.fa.em5.oraclecloud.com"},"x-apply-url":"https://efds.fa.em5.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1/job/59811","x-work-arrangement":"remote","x-experience-level":"executive","x-job-type":"full-time","x-salary-range":"$138,240-261,720","x-skills-required":["Enterprise ASPM framework","SAST","DAST","SCA","Software Bill of Materials (SBOM)","API governance","Zero Trust Architecture","OAuth2","OIDC","FIDO","KMS","HSMs","PKI strategy","quantum-resistant cryptographic standards","Plug & Charge (ISO 15118)","Critical Infrastructure Protection (V2G, bi-directional power flow)"],"x-skills-preferred":[],"datePosted":"2026-03-09T11:00:48.053Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"United States"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Automotive","skills":"Enterprise ASPM framework, SAST, DAST, SCA, Software Bill of Materials (SBOM), API governance, Zero Trust Architecture, OAuth2, OIDC, FIDO, KMS, HSMs, PKI strategy, quantum-resistant cryptographic standards, Plug & Charge (ISO 15118), Critical Infrastructure Protection (V2G, bi-directional power flow)","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":138240,"maxValue":261720,"unitText":"YEAR"}}}]}