You will gain insights into the information security field of an ISO 27001-certified company and work closely with the team to ensure the security of our systems and data.

The internship will last for 6 months, and you will be expected to work full-time. A valid matriculation during the entire internship period is required.

As a Praktikant, you will have the opportunity to learn about the company's culture and values, and contribute to the team's efforts to ensure the security of our information systems.

If you are interested in this opportunity, please submit your application, including your latest degree, current matriculation certificate, and any relevant work or internship certificates.

XML job scraping automation by YubHub

As a technology and business partner, MHP digitizes its customers' processes and products and supports them in their IT transformations along the entire value chain. As a digitization pioneer in mobility and manufacturing, MHP transfers its expertise to different industries and is the premium partner for thought leaders on their way to a Better Tomorrow.

At MHP, you will continuously grow with your projects and objectives in an innovative and supportive environment. That makes us the perfect sparring partner for your career, fueling your growth as an expert in your field while expanding your business network.

We value the authenticity that comes from bringing your individual strengths into the team. Diversity plays a key role in our culture, and it brings different visions & flavors into the mix.

• We all share a strong team spirit. Every win, big or small, belongs to all of us.
• We always welcome curiosity, creativity, and unconventional thinking patterns.
• We recognize the importance of healthy, tight-knit communities and sustainable environmental changes, and we strive to enact positive change in any form within our reach.
• We’re here to co-create your ideal career growth plan tailored to your professional aspirations.

XML job scraping automation by YubHub

The successful candidate will have a proven understanding in enterprise security and AI security and will focus on defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.

Key responsibilities include:

• Defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks
• Conducting specialized threat modeling, red teaming, and risk assessments for AI/ML models
• Leading risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects
• Engaging throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards
• Evangelizing AppSec and AI security best practices through developer education, training materials, and outreach

Qualifications include:

• Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field
• 5+ years' experience working as an Application Security Engineer, Software Engineer, or similar role
• Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs
• Experience working with AI models, Agentic frameworks and security risks associated with AI
• Experience in working with global teams, collaborating on code and presentations

Preferred qualifications include:

• Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
• Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols
• Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
• Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions
• Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
• Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar
• Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
• Familiarity with web application security testing tools and methodologies
• Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
• Knowledge of Linux, OS internals and containers is a plus
• Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous

We offer a competitive salary and benefits package, as well as opportunities for professional growth and development.

XML job scraping automation by YubHub

Tonies is the world's leading interactive audio platform for children, with over 10 million Tonieboxes and 125 million Tonies sold globally. Our intuitive, screen-free system empowers children to learn and play independently in a safe and engaging way.

As Manager Digital Trust & Security, you will lead the strategic expansion of our security service offerings. You will bridge the gap between technical architecture and business-centric consulting, ensuring our digital infrastructure remains resilient while fostering consumer trust across our global operations.

Responsibilities:

• Strategic Governance & Architecture: Define the global security vision and design scalable architectures to mitigate complex cyber threats across our media and hardware footprints.
• Trust Infrastructure Management: Architect and manage the security technology stack, ensuring our global IT assets and infrastructures remain resilient against emerging threats.
• Proactive Risk & Compliance: Lead comprehensive vulnerability assessments and recommend mitigation strategies that align with industry standards such as ISO 27001.
• Operational Excellence: Oversee incident response lifecycles, from real-time resolution to deep-dive post-incident analysis and reporting.
• Security Culture & Training: Develop and execute global training programs to embed security awareness into the company DNA, ensuring compliance across all departments.
• Cross-Functional Leadership: Partner with Enterprise Architecture and Application Management to integrate security-by-design into every product and internal service.

What we are looking for:

• Expertise: Several years of leadership in security or service management within the technology or consumer electronics sector.
• Technical Breadth: Deep understanding of security frameworks, cloud security (AWS/GCP), and modern monitoring platforms.
• Strategic Mindset: Proven ability to translate complex security risks into actionable business insights for diverse stakeholders.
• Lateral Leadership: A collaborative leader capable of managing cross-functional initiatives in a fast-paced, global environment.
• Communication: Professional fluency in English and German is essential for our global coordination.
• Mandatory: Demonstrable expertise in at least two security domains, backed by relevant professional certifications.
• Preferred: Advanced credentials in Cloud Security or specialized standards like ISO 27001.

Why tonies?

Our benefits vary by location. The following benefits apply in Germany:

• Global Teamwork: We collaborate across departmental and country borders on our vision to bring the Toniebox into every child's room in the world.
• Come as you are: This applies not only to the dress code but also to everything else. Because only where you truly feel comfortable can you give your best.
• Mobility: Choose the option that suits you best - a Deutschlandticket (public transport ticket) for unlimited mobility, a monthly contribution for an office parking space, a leasing bicycle, or a remote work subsidy.
• Enhanced Security: Benefit from subsidies for company pension plans, occupational pension schemes, and occupational disability insurance.
• Rest & Time Off: Enjoy 30 days of paid annual leave as well as three additional days off such as Rosenmontag, Christmas Eve, and New Year's Eve. After one year of employment, you can also use up to 10 'toniecation days' (unpaid leave days).
• Continuous Learning: Benefit from our internal and external training opportunities as well as an individual learning budget to continuously expand your knowledge.
• Language Learning & Relaxation: Improve your communication skills with the language learning app Babbel and find relaxation through our access to the meditation app Calm.
• Discounts: Benefit from attractive discounts on our entire range of tonies products.

XML job scraping automation by YubHub

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world's largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies.

Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks.

We are looking for people who have the instinct to spot a "normalized" problem and the AI-native curiosity to create a solution using the latest tools. Our culture is built on iteration, leveraging AI to ship faster today to make it better tomorrow, while ensuring that every improvement, no matter how small, is shared across the team to lift everyone up.

Available Location: London, United Kingdom

About Cloudflare's Security Team

Security is at the heart of Cloudflare's mission to help build a better Internet. Anytime we push code, it automatically affects the millions of Internet properties (powering websites, remote teams, APIs, mobile apps, etc.) running on our global network. Cloudflare's network is one of the largest in the world, spanning over 330 cities in more than 125 countries, and operating within 50 milliseconds of 95% of the Internet-connected population.

The Security Governance, Risk and Compliance team (GRC) is a sub-team of Security. Our job is to make sure that Cloudflare has the right controls in place to secure our systems and customer data. We work cross-functionally with almost every team at Cloudflare to implement new controls, manage risk, and demonstrate our security posture to auditors and customers.

About the Internship Program

The ideal Security intern is passionate about making the Internet a more secure place. You will work alongside experienced security team members to partner with them in planning, executing and overseeing initiatives that help improve Cloudflare's security posture. We are looking for interns who are curious, proactive, and able to approach problems with a "security-first" mindset.

This is a unique opportunity for candidates who want to learn how to defend systems at a scale that few other companies can offer.

What you'll do

As a GRC intern, you won't just be checking boxes. Over 12 weeks, you will:

• Execute a specialized project that directly improves Cloudflare's security posture.

• Improve the maturity of Cloudflare's Security Compliance program by working on projects like:

Evaluating the efficacy of Cloudflare security controls implemented across the organization.

Developing and implementing automated solutions to improve Governance, Risk, and Compliance processes and operations, integrating with existing security, engineering, and AI tools.

Supporting the security risk register by triaging and assessing potential risks, proposing mitigation strategies, and presenting key security insights to leadership.

Supporting Cloudflare's security data center audits and assessments.

Work cross-functionally with Legal, People, Engineering, and Finance teams to integrate security into the fabric of the company.

Work closely with a mentor who will provide hands-on guidance in your specific security domain.

Connect and learn from our executives and leadership team including our co-founders.

Present your security project to the entire company at the end of the internship.

Write for our Cloudflare blog and be featured on Cloudflare.tv sessions.

Desirable skills, knowledge and experience

• Working knowledge of industry-standard frameworks such as NIST 800-53, ISO 27001, or SOC 2 principles through coursework or personal study.

• Understanding of risk management methodologies - identifying threats, assessing impact/likelihood, and suggesting mitigation strategies.

• Ability to write basic Python scripts to automate repetitive tasks, such as interacting with APIs or data cleaning.

• Workflow Logic & Orchestration - experience with "if-this-then-that" logic in automation platforms.

• Understanding how to "instruct" AI models effectively and leverage them to perform day-to-day tasks.

• Demonstrated critical thinking skills and drive to learn and adapt new technologies.

• Curiosity, empathy and ability to get things done.

• Ability to commit to a minimum 12 week summer internship.

• In the office 3-5 days a week in the London office

Bonus points

• Demonstrated passion for security & software development, such as personal projects, open-source contributions, or experience

You've built something with our developer platform using Cloudflare for Students

What Makes Cloudflare Special?

We're not just a highly ambitious, large-scale technology company. We're a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Project Galileo: Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare's enterprise customers--at no cost.

Athenian Project: In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration. Since the project, we've provided services to more than 425 local government election websites in 33 states.

1.1.1.1: We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released.

Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitment and ensure that no user data is sold to advertisers or used to target consumers.

Sound like something you’d like to be a part of? We’d love to hear from you!

This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license.

Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer.

Cloudflare provides

XML job scraping automation by YubHub

This role requires strong technical depth, sound operational judgment, and comfort operating in a fast-moving environment. You will work closely with Security, Systems Engineering, People Ops, and Engineering to support the full employee lifecycle while continuously improving reliability, automation, and operational maturity.

Key responsibilities include administering identity and access management platforms, managing macOS and Windows endpoints, administering ITSM platforms, and troubleshooting across SaaS, endpoint, identity, and network layers. You will also create and maintain technical documentation for systems and operational procedures.

In addition to a competitive salary, we offer a variety of benefits to support your needs, including medical, dental, and vision insurance, company-paid life insurance, voluntary supplemental life insurance, short and long-term disability insurance, flexible spending account, health savings account, tuition reimbursement, ability to participate in employee stock purchase program (ESPP), mental wellness benefits through Spring Health, family-forming support provided by Carrot, paid parental leave, flexible PTO, catered lunch each day in our office and data center locations, and a casual work environment.

XML job scraping automation by YubHub

In this role, you will work closely with Engineering and DevOps teams to design, implement, and maintain secure cloud infrastructure, CI/CD pipelines, and containerized environments.

You will play a key role in strengthening our security posture across AWS and GCP, automating security controls through infrastructure as code, and ensuring compliance with industry standards such as PCI DSS and SOC 2, enabling Yuno to scale securely in the global payments ecosystem.

Responsibilities:

• Design, build, and maintain secure and scalable internal security solutions and tools using Python to support security operations and strengthen technical controls.

• Improve and manage security configurations in AWS and GCP (including WAF, Security Hub, IAM policies, SIEM integrations and other critical services) to continuously strengthen our overall cloud security posture and ensure best practices are implemented.

• Implement and maintain security processes and technical controls that support compliance requirements (e.g., PCI DSS, ISO 27001/27701, SOC 2).

• Collaborate with different teams on cross-functional security initiatives, providing technical expertise and ensuring alignment with best practices.

• Explore and evaluate emerging technologies and architectures (e.g., AI integrations) to ensure secure adoption.

Skills You Need:

• 4+ years of hands-on experience in security engineering or similar technical security roles.

• Strong experience designing and developing security tools or internal products to support security operations using Python.

• Solid knowledge of AWS and GCP security services and configurations.

• Practical experience working with compliance frameworks (e.g., PCI DSS, ISO 27001/27701, SOC 2) in cloud environments.

• Strong problem-solving skills and the ability to communicate and collaborate effectively with cross-functional teams.

• Verbal and written English fluency.

Preferred Qualifications:

• Familiarity with SIEM platforms and security monitoring tools.

• Experience with Kubernetes and container security.

• Experience with infrastructure as code (e.g., Terraform, CloudFormation).

• Familiarity with emerging architectures (e.g., serverless, event-driven, AI integrations).

• Experience embedding security practices across the software development lifecycle, including CI/CD pipelines.

XML job scraping automation by YubHub

The ideal candidate brings experience securing aerospace or defense products and approaches compliance as an enabler of mission success. This role emphasizes practical, engineering-driven security decisions that balance regulatory requirements with system performance, autonomy, and operational realities.

Responsibilities: Serve as the product security lead and ISSM for operational autonomous aircraft platforms. Own and guide RMF activities, including ATO packages, ongoing authorization, and customer security engagements Translate security and compliance requirements into product-appropriate, technically sound controls Partner closely with systems, software, hardware, and platform engineering teams throughout the product lifecycle Evaluate the security impact and operational tradeoffs of design decisions Support government and customer audits, assessments, and security reviews Contribute to the maturation of product security and compliance practices across Shield AI

Required qualifications: Experience functioning as an Information System Security Manager (ISSM) or senior ISSO for complex systems Experience securing aerospace and/or defense products Strong working knowledge of RMF, NIST 800-53, and the ATO process Enough systems engineering or technical depth to assess the reasonableness and impact of security requirements Ability to work effectively with engineering teams in fast-paced, product-driven environments Active U.S. Secret security clearance Ability to work on-site in Frisco, TX

Preferred qualifications: Active Top Secret (TS) clearance Experience with CMMC and ISO 27001 implementation or assessment Product security experience beyond enterprise IT or GRC-only roles Commercial technology experience in addition to defense Familiarity with secure development lifecycles and embedded or autonomous systems

$138,000 - $207,000 a year Full-time regular employee offer package: Pay within range listed + Bonus + Benefits + Equity Temporary employee offer package: Pay within range listed above + temporary benefits package (applicable after 60 days of employment)

XML job scraping automation by YubHub

This individual will oversee engineers responsible for software integrations, SharePoint solutions, and Atlassian system administration, ensuring that Shield AI's enterprise platforms remain scalable, secure, and aligned with business needs.

The ideal candidate brings a blend of technical expertise, program leadership, and people management experience to drive the delivery of reliable, automated solutions across Shield AI's internal systems.

Key responsibilities include:

• Leading, developing, and mentoring a team of engineers supporting enterprise software applications, integrations, and collaboration platforms.

• Driving the design, delivery, and lifecycle management of Shield AI's enterprise technology stack, including Microsoft 365, SharePoint, Atlassian, and other internal platforms.

• Partnering closely with cross-functional stakeholders to deliver secure, scalable enterprise solutions that enable efficient operations across Shield AI.

• Overseeing application governance, performance, and compliance in coordination with Cybersecurity and IT teams.

• Supporting integration of SaaS platforms with identity systems, workflows, and data automation pipelines.

• Establishing and maintaining best practices for DevOps automation, CI/CD, and application lifecycle management within Enterprise Operations.

• Developing strategic roadmaps and project plans that align technology initiatives with business priorities.

• Fostering collaboration, professional development, and operational excellence across the Enterprise Technology Solutions team.

• Leading effectively in a dynamic startup setting, balancing competing priorities and guiding teams through rapid change with clarity and confidence.

XML job scraping automation by YubHub

Fridtjof Nansen crossed the Arctic, going places no human had ever been. Together with our users, we're doing the same onchain , and someone needs to make sure we don't get killed on the way there.

We're building the single best platform for onchain investing , agentic trading, staking infrastructure, AI-powered analytics , and we're scaling fast. Fast enough that security can't be an afterthought bolted on later. It has to be built in, from the start, by someone who knows what they're doing.

Our mission:

Surface the signal and create winners.

What you'll do at Nansen

You'll be the person who makes sure we can move fast without breaking things that matter. That means embedding security into everything we build , cloud infrastructure, applications, CI/CD pipelines, AI systems, staking operations , across a generalist role that spans the full surface area.

• Run security assessments across systems, architectures, and code , find the vulnerabilities before someone else does
• Advise engineering teams on secure design decisions. You're a partner, not a blocker
• Deploy and maintain security infrastructure: SIEM, vulnerability scanning, endpoint protection, logging , the things that let us sleep at night
• Secure our CI/CD pipelines and deployment workflows end-to-end
• Own secrets management, key management, and access controls. No shortcuts
• Address LLM security head-on: API key management, prompt injection prevention, and the risks that come with shipping AI-powered products at speed
• Coordinate penetration tests and security audits with external vendors
• Create and maintain secure coding guidelines and code review processes that engineers actually follow
• Represent the Security Team in the incident response process
• Drive compliance readiness , SOC 2, ISO 27001 , pragmatically, not bureaucratically

What we're looking for

• You've built and hardened production security at scale , you know the difference between a policy document and an actually secure system
• Strong cloud security knowledge (AWS, GCP or equivalent). Container security and network security fundamentals
• Hands-on experience implementing security tooling, not just evaluating it
• Secrets and key management expertise , you've managed this at a company where it actually mattered
• You understand the security implications of AI/LLM and agent-based systems. This is new territory and we need someone thinking about it seriously
• CI/CD pipeline security is second nature
• Pragmatic about compliance , you can get us to SOC 2 without drowning the engineering team in process
• You don't just use AI as a tool. You think with it. AI-first isn't a checkbox , it's how you work
• Strong async communication skills , we're remote-first, Slack-and-docs-heavy, and EMEA hours are preferred for team overlap
• Bonus: blockchain, smart contract, or staking infrastructure security experience. Kubernetes and Terraform security. Incident response or security operations background

What we offer our crew

• Competitive salary. Meaningful equity. Real ownership in what you build
• Fully remote with two no-meeting days a week , because deep work doesn't happen in a Google Meet
• Annual company retreat and team off-sites in one of our offices: Singapore, Bangkok, London, and Oslo , flights and accommodation covered
• Unlimited AI tokens , Claude, OpenAI, whatever helps you move fast
• Your own OpenClaw for work
• Nansen Pro account: giving you full access to the most detailed onchain data in the market
• A team that started as data engineers and data scientists that has grown to over 80 builders. Your craft is respected here.
• Speed, ownership, curiosity, courage. These aren't values on a wall , they're how we run.
• A front-row seat (and a hand in building) the next chapter of finance

XML job scraping automation by YubHub

Key responsibilities include:

• Conducting cybersecurity risk assessments and designing and implementing key internal controls
• Compiling reporting and metrics to ensure the effectiveness of our security program
• Identifying and evaluating risk to the company's Information Security Program and creating and improving controls to manage operational risks
• Ensuring these controls continue to perform as expected, without any issues or deviations

We are looking for someone with expert knowledge and wide-ranging experience with regulatory and industry frameworks/standards/methodologies/technology, including NIST 800-53, NIST Cybersecurity Framework, ISO 27001, SOC 1/2, cloud environments, logical security, change management, and computer operations.

The ideal candidate will have excellent project management skills, be able to lead and execute key team projects from start to finish, and have a deep understanding of the IT threat landscape for the industry and cloud environments.

In addition to your technical skills, you should be able to communicate proactively, take ownership in assigned work/projects, and be comfortable asking questions when something is unclear or to further knowledge in a specific area.

If you are a strong contributor with the ability to significantly contribute to medium-to-large projects and overall Anchorage Digital culture, we encourage you to apply for this exciting opportunity.

XML job scraping automation by YubHub

Join us to transform the future through continuous technological innovation.

As an Information Security Analyst, you will be an integral part of the Synopsys Corporate Information Security group, working within a mature Governance, Risk, and Compliance (GRC) Team. This team collaborates closely with the Director of Information Security, Manager of GRC, and stakeholders across the organization to raise the overall security and compliance posture for Synopsys.

Your responsibilities will include:

• Identifying, documenting, monitoring, and reporting on risk register items, KPIs/KRIs, including the monitoring of security control efficacy.
• Demonstrating experience with governance, risk, and compliance tools.
• Working with security control frameworks such as ISO 27001, SOC 2 Type II, NIST 800-53, NIST CSF, and similar.
• Presenting security risks to a wide audience, including risk owners and other stakeholders.
• Interacting with Synopsys IT and business stakeholders to understand risks to critical infrastructure by defining potential business impact with the responsibility to apply effective mitigation strategies.
• Providing guidance on control implementations related to governance frameworks, regulations, and corporate security policies.
• Understanding of security functions including Incident Management, Change Management, Identity and Access Management, and Vendor Security Risk Management.
• Conducting third-party (vendor) risk assessments in collaboration with stakeholders.
• Providing security requirements to both internal partners and external third-party providers.
• Effectively communicating and working with a global team.
• Maintaining, enforcing, and tracking the Synopsys Information Security Exception process.
• Staying current with industry, regulatory, and legal requirements relevant to security, compliance, and privacy.

You will be responsible for enhancing Synopsys' overall security and compliance posture by building and improving the GRC portfolio. You will also enable and transform the risk management program to address the evolving cybersecurity threat landscape. Ensure regulatory compliance as the company continues to grow. Strengthen risk assessments of suppliers and partners, contributing to a robust security framework.

To be successful in this role, you will need:

• A bachelor's degree in Computer Science, Information Systems, or a related field.
• Typically, 5-7 years of experience in a related field.
• Knowledge of common certification and attestation programs such as ISO 27001 and SOC 2 Type II, ISO 31000.
• Practical working experience with control frameworks like ISO 27001, NIST 800-53, SOC 2 Type II and NIST CSF.
• Excellent organizational skills with attention to detail and the ability to multitask for project prioritization.
• Effective communication skills with internal and external customers, executive managers, and team members.
• Ability to understand the intent of compliance requirements to provide effective and meaningful examination.

We offer a comprehensive range of health, wellness, and financial benefits to cater to your needs. Our total rewards include both monetary and non-monetary offerings. Your recruiter will provide more details about the salary range and benefits during the hiring process.

At Synopsys, we want talented people of every background to feel valued and supported to do their best work. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, age, military veteran status, or disability.

XML job scraping automation by YubHub

The role is responsible for multiple individual program leaders, overseeing the Manager of Vulnerability Management and Validation, and collaborating closely with the Security Leadership Team. This Manager combines broad cybersecurity and business knowledge to reduce the company's cyber risk posture over time. This leader serves as a trusted advisor to executive leadership by translating technical assurance outcomes into clear, business-relevant risk insights.

Key responsibilities include:

• Hire, develop, inspire, reward, and retain a highly qualified and diverse team
• Apply strong leadership and strategic thinking to a diverse set of opportunities and challenges
• Create an environment that fosters accountability and engagement at all levels
• Establish and maintain excellent working relationships and partnerships across the Technology Organization functions, business partners, and external vendors and suppliers

The ideal candidate will have 7+ years of cybersecurity experience in architecture, engineering, operations, or compliance, and 5+ years of experience in leading teams. They should also have demonstrated ability to be an inclusive leader, strong leadership abilities, and outstanding credibility and ability to build strong relationships within the company and industry.

XML job scraping automation by YubHub

You thrive in collaborative settings, working seamlessly with cross-functional teams such as Finance, Legal, Audit, and HR, and are adept at implementing innovative security solutions that elevate organisational posture. Your analytical mindset is matched by your critical thinking skills, allowing you to assess potential threats, evaluate risk mitigation strategies, and communicate findings clearly to executive leadership and stakeholders globally.

You are passionate about advancing risk management programs, enhancing compliance, and tracking enterprise security risks to keep pace with the ever-evolving cybersecurity landscape. Your commitment to continuous learning ensures you stay ahead of industry trends and regulatory changes, making you a valuable partner in Synopsys' growth and transformation.

You take ownership of your work, demonstrate high ethical standards, and enjoy tackling complex challenges unique to the Synopsys business and systems architecture. Your ability to translate technical concepts into actionable business solutions empowers the organisation to achieve its strategic goals securely and efficiently.

Responsibilities

• Conduct security risk assessments of suppliers, partners, and internal systems, rating risks and recommending mitigation controls.
• Identify, document, monitor, and report on risk register items, KPIs/KRIs, and security control efficacy.
• Present security risks and findings to diverse audiences, including risk owners, senior management, and global stakeholders.
• Collaborate with business groups to implement new solutions, processes, and remediate outstanding security issues.
• Work closely within the GRC team to detect potential security weaknesses and develop creative solutions tailored to Synopsys' systems architecture.
• Provide guidance on control implementations, governance frameworks, and corporate security policies.
• Conduct third-party (vendor) risk assessments and communicate requirements to internal and external partners.
• Maintain, enforce, and track the Synopsys Information Security Exception process.
• Stay current with industry, regulatory, and legal requirements relevant to security, compliance, and privacy.

Requirements

• Bachelor's degree in Computer Science, Information Systems, or a related field (or equivalent experience).
• 5-7 years of hands-on experience in information security, risk management, or compliance.
• In-depth knowledge of certification and attestation programs (ISO 27001, SOC 2 Type II, ISO 31000).
• Practical experience with security control frameworks (ISO 27001, NIST 800-53, SOC 2 Type II, NIST CSF).
• Excellent organisational skills and attention to detail, with the ability to prioritise multiple projects.
• Effective communication skills with internal/external customers, executive managers, and global teams.
• Ability to interpret compliance requirements and provide meaningful risk analysis.

Benefits

We offer a comprehensive range of health, wellness, and financial benefits to cater to your needs. Our total rewards include both monetary and non-monetary offerings. Your recruiter will provide more details about the salary range and benefits during the hiring process.

XML job scraping automation by YubHub

This is an excellent opportunity for a Support Bar Analyst (IT Help Desk) with excellent communication and leadership skills, looking to make an impact within a fast-paced and dynamic environment. The role reports to the Head of Local Support and involves working closely with colleagues in other offices to deliver a seamless service to our users.

Responsibilities:

• Act as front-line support for local and/or time zone-based employees
• Serve as the main point of contact for our customers via email, walk-ups, and chat support
• Respond promptly and professionally to customer inquiries and troubleshoot issues related to our products and services
• Utilize relevant software and databases to effectively diagnose, track, and resolve customer issues and address complaints
• Maintain accurate records, including call logs and ticketing systems, to track customer interactions and issue resolution
• Collaborate with other teams to identify and resolve technical issues
• Stay up-to-date with industry trends and provide input on continuous improvement to the Helpdesk and customer service workflows
• Identify and escalate issues requiring urgent attention to the appropriate parties
• Ensure SLAs are met and that our internal users are provided with an exceptional user experience
• Ensure that all IT assets in the local office are managed and maintained to a high standard
• Ensure compliance with all relevant regulations and legislation related to workplace services, health and safety, and environmental management

Requirements:

• Global experience within a business services environment and ideally video games development and/or working in a highly technical development environment
• Strong knowledge of first and second-line support operations
• Desirable knowledge of ServiceNow and industry trends
• Excellent relationship-building skills
• Ability to work in a matrix management environment
• Proven work experience in a customer service or Helpdesk role
• Excellent communication and active listening skills with a customer-first mindset
• Ability to operate effectively in a dynamic, fast-paced environment and multitask effectively
• Ability to learn quickly and adapt to new software applications and technologies
• Excellent problem-solving skills
• Strong customer service orientation, with a focus on delivering high-quality services to employees and stakeholders

Skills and experience desired:

• Manage the deployment, configuration, and maintenance of mobile devices, including tablets, smartphones, consoles, Meeting Room solutions (Intune, Autopilot, EMS, MDM, VDI)
• Manage the deployment, configuration, and maintenance of user peripherals
• Provide 3rd-line support for mobility applications to team members, customers
• Helping Keywords gain compliance in Local and global standards (ISO 27001, Cyber Essentials Plus)
• Collaborate with other stakeholders to ensure application security and data privacy are maintained
• Evaluate emerging technologies and provide recommendations for improving mobility services by closely working with OEMs and Vendors
• Develop and maintain technical documentation related to mobility solutions, providing training where needed to other departments on mobility solutions
• Basic knowledge of ITIL process

XML job scraping automation by YubHub

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

OpenAI’s Platform and Infrastructure Engineering organization advances the mission of deploying artificial general intelligence (AGI) for the benefit of all by delivering secure, scalable, and resilient technology solutions. Our team builds and maintains robust infrastructure that safeguards OpenAI’s data and systems while ensuring employees are well-equipped and seamlessly connected. By prioritizing security, reliability, and user-centric solutions, we empower OpenAI employees to drive impactful AI research, corporate operations, and product innovation.

About the Role

As a Client Platform Engineer at OpenAI, you will play a pivotal role in securing, enhancing, and maintaining our endpoint management infrastructure across macOS, Windows, iOS, and Android devices. Your focus will be on building scalable, automated solutions that ensure seamless deployments, advanced security configurations, and efficient operational workflows. You will collaborate closely with IT, Security, and Engineering teams to implement modern endpoint management practices using automation, Infrastructure-as-Code (IaC), and monitoring strategies. This role offers an opportunity to work with cutting-edge tools and contribute to building a security-first, automation-driven endpoint ecosystem.

In this role, you will:

• Design, build, implement, and maintain scalable and performant endpoint management infrastructure to facilitate best-in-class security of the OpenAI fleet comprised of macOS, Windows, iOS, and Android endpoints.

• Deliver critical endpoint management efficiencies and capabilities through bespoke software development and implementation of both industry-standard open source tooling and first-party software solutions.

• Employ modern Infrastructure-as-Code (IaC) methodologies, develop GitOps-driven solutions to deliver consensus-based fleet management capabilities at scale.

• Build and maintain CI/CD pipelines for fleet management infrastructure, deploying to progressively tested environments across multiple clouds (Azure, AWS, GCP).

• Drive initiatives to adopt emerging CPE technologies, industry best practices, and optimize processes for scalability and operational efficiency.

• Partner with cross-functional teams to ensure seamless endpoint user experiences while maintaining strict security standards and continually increasing the bar.

You may be a fit for this role if you have:

• Proficiency in a modern programming language (Python, Golang, Ruby, etc.)

• Extensive hands-on experience with Jamf PRO and Microsoft Intune to ensure comprehensive secure fleet management as well as experience with similar cloud identity providers.

• Demonstrated success and experience with open source endpoint management tooling for configuration management, mobile device management, application management, and telemetry such as Salt, Puppet, Munki, Nano/MicroMDM, osquery, Autopkg, WinGet, etc.

• History of developing and delivering secure, reliable, scalable, and technology solutions.

• Deep knowledge and experience managing corporate infrastructure at scale with Infrastructure-as-Code (IaC) practices & GitOps workflows (Terraform, Ansible, Chef, etc.)

• Experience integrating and operating fleet management infrastructure with CI/CD pipelines and DevOps workflows.

• Proven track record of deploying and operating fleet management infrastructure in public cloud environments (Azure, AWS, GCP).

• A self-starter with strong analytical and problem-solving skills.

You might thrive in this role if you have:

• Deep experience with open-source fleet management tools and frameworks.

• Experience with containerization technologies such as Docker and Kubernetes.

• Familiarity with compliance frameworks such as SOC 2, ISO 27001, FedRAMP, and NIST.

• Strong soft skills, including stakeholder communication and cross-functional collaboration.

• Relevant professional certifications such as CISSP, CISA, CISM, CCSP.

• A security thought leader with contributions to CPE open-source projects or technical communities.

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

We are an equal opportunity employer, and we do not discriminate on the basis of

XML job scraping automation by YubHub

As an Enterprise Product Engineer at Cursor, you'll architect, implement, and deploy projects end-to-end to build enterprise-grade features that help large organisations adopt and scale with Cursor.

You may be a fit if

You have an entrepreneurial spirit and love creating outsized business impact. You want to be at the frontier of AI transformation with the best companies in the world. You're passionate about building great products that blend excellent engineering with a taste for models and design. You have a propensity for creative ideas and have a knack for making powerful tools without compromising their ease-of-use.

Responsibilities

• Architect, implement, and deploy projects end-to-end to build enterprise-grade features that help large organisations adopt and scale with Cursor.
• Collaborate with cross-functional teams to define and deliver product roadmaps that meet business objectives.
• Analyse customer needs and develop solutions that meet their requirements.
• Work closely with the design team to create user-centred products that are both functional and aesthetically pleasing.
• Develop and maintain high-quality code that is scalable, maintainable, and efficient.
• Participate in code reviews to ensure that the codebase is of the highest quality.
• Stay up-to-date with the latest technologies and trends in the industry.

Benefits

• Competitive salary and benefits package.
• Opportunity to work with a recognised leader in the AI industry.
• Collaborative and dynamic work environment.
• Flexible working hours and remote work options.
• Access to the latest technologies and tools.
• Opportunities for professional growth and development.

What we're looking for

• 3+ years of experience in software development, preferably in a product engineering role.
• Strong understanding of software development principles, patterns, and best practices.
• Experience with Agile development methodologies and version control systems.
• Strong problem-solving skills and attention to detail.
• Excellent communication and collaboration skills.
• Experience with cloud-based technologies and containerisation.
• Familiarity with machine learning and AI concepts.
• Experience with design thinking and user-centred design.
• Strong understanding of security principles and best practices.
• Experience with DevOps practices and tools.
• Familiarity with testing frameworks and methodologies.
• Experience with continuous integration and continuous deployment.
• Strong understanding of scalability and performance optimisation.
• Experience with monitoring and logging tools.
• Familiarity with containerisation and orchestration.
• Experience with cloud-based storage and databases.
• Familiarity with security frameworks and best practices.
• Experience with compliance and regulatory requirements.
• Familiarity with industry standards and best practices.

Preferred skills

• Experience with Python, Java, or C++.
• Familiarity with cloud-based platforms such as AWS or Azure.
• Experience with containerisation and orchestration tools such as Docker and Kubernetes.
• Familiarity with machine learning and AI frameworks such as TensorFlow or PyTorch.
• Experience with design thinking and user-centred design tools such as Sketch or Figma.
• Familiarity with testing frameworks and methodologies such as JUnit or PyUnit.
• Experience with continuous integration and continuous deployment tools such as Jenkins or GitLab CI/CD.
• Familiarity with monitoring and logging tools such as Prometheus or Grafana.
• Experience with security frameworks and best practices such as OWASP or NIST.
• Familiarity with compliance and regulatory requirements such as GDPR or HIPAA.
• Experience with industry standards and best practices such as ISO 27001 or PCI-DSS.

Salary range

£80,000 - £120,000 per annum.

Category

Engineering.

Industry

Technology.

Experience level

Mid.

Employment type

Full-time.

Workplace type

Remote.

Required skills

• Software development principles, patterns, and best practices.
• Agile development methodologies and version control systems.
• Problem-solving skills and attention to detail.
• Communication and collaboration skills.
• Cloud-based technologies and containerisation.
• Machine learning and AI concepts.
• Design thinking and user-centred design.
• Security principles and best practices.
• DevOps practices and tools.
• Testing frameworks and methodologies.
• Continuous integration and continuous deployment.
• Scalability and performance optimisation.
• Monitoring and logging tools.
• Containerisation and orchestration.
• Cloud-based storage and databases.
• Security frameworks and best practices.
• Compliance and regulatory requirements.
• Industry standards and best practices.

Preferred skills

• Python, Java, or C++.
• Cloud-based platforms such as AWS or Azure.
• Containerisation and orchestration tools such as Docker and Kubernetes.
• Machine learning and AI frameworks such as TensorFlow or PyTorch.
• Design thinking and user-centred design tools such as Sketch or Figma.
• Testing frameworks and methodologies such as JUnit or PyUnit.
• Continuous integration and continuous deployment tools such as Jenkins or GitLab CI/CD.
• Monitoring and logging tools such as Prometheus or Grafana.
• Security frameworks and best practices such as OWASP or NIST.
• Compliance and regulatory requirements such as GDPR or HIPAA.
• Industry standards and best practices such as ISO 27001 or PCI-DSS.

XML job scraping automation by YubHub

Security GRC Engineers design, implement, and scale our governance, risk, and compliance (GRC) program. You will lead automation of compliance workflows, build self-serve tools to enable GTM teams, and ensure our products and infrastructure meet the highest security standards. This role combines technical implementation with strategic program development, directly shaping how we build trust with customers.

You may be a fit if

• You have experience with GRC frameworks (SOC 2, ISO 27001, ISO 27701, ISO/IEC 42001).
• You have hands-on technical skills to automate compliance workflows and integrate with engineering systems.
• You have proven ability to balance technical implementation with program strategy.
• You have strong cross-functional collaboration skills, especially with engineering, GTM, and auditors.

Sample projects include

• Automate evidence gathering and continuous control testing.
• Optimise compliance monitoring and alerting systems; provide guidance on remediation.
• Generate security program KPIs and maintain a platform for documenting risks, controls, and assessments.
• Build self-serve tools and automation to streamline customer security diligence.
• Support GTM teams by providing scalable ways to address customer security concerns.
• Maintain corporate security policies and map them to relevant frameworks.
• Draft security best practices and drive company-wide awareness and training programs.
• Lead the development and maturity of GRC strategies aligned with SOC 2, ISO 27001, ISO/IEC 42001, and related standards.
• Partner with auditors, regulators, and business stakeholders to define and implement security requirements and controls.
• Conduct security compliance reviews for new products, features, and vendors.

Benefits

• Competitive salary
• Opportunity to work with a talented team
• Professional development and growth opportunities
• Flexible working hours

Requirements

• Will you now or in the future require visa sponsorship to work in the country where this position is located?
• Has someone at Cursor referred you for this role? If so, please include their email here

XML job scraping automation by YubHub

We are seeking an IT Systems Administrator to be the primary owner and escalation point for Replit's enterprise collaboration platforms. The successful candidate will be responsible for advanced administration, secure configuration, licensing strategy, feature evaluation and implementation, and complex troubleshooting of platforms such as Google Workspace and Slack.

What You'll Do

• Own and administer SaaS collaboration platforms include Google Workspace, Slack, message hygiene, IT ticketing, digital signing and knowledge management

• Serve as the primary escalation point for advanced administration, configuration and troubleshooting of collaboration platforms

• Act as the subject matter expert (SME) and platform owner for assigned systems, responsible for architecture decisions, configuration standards, lifecycle management and long-term roadmap alignment

• Own licensing strategy across administered platforms, ensuring appropriate license assignment, cost optimization, feature alignment, renewal management and utilization reporting

• Evaluate, test, and implement new features and platform capabilities in alignment with security, compliance and business requirements

• Troubleshoot and resolve complex platform issues, including availability disruptions, integration failures, permission misconfigurations and automation breakdowns

• Partner with Security Operations (SecOps) to investigate and remediate platform-related security incidents and policy violations

• Participate in internal and external audits, ensuring systems meet SOC 2 and ISO 27001 compliance requirements, prepare audit evidence and support control walkthroughs

• Develop documentation, standards, and operational runbooks for Tier 1/Tier 2 support teams

• Conduct POC/POV collaboration platforms to address business requirements

Required Skills & Experience

• 6+ years of experience administering enterprise SaaS collaboration platforms in a cloud-first environment (Google Workspace, Slack, Notion)

• Deep expertise administering Google Workspace Enterprise (security controls, lifecycle management, DLP, Vault, Drive permissions, shared resources)

• Strong experience administering Slack Enterprise, including governance of apps, data retention policies, enterprise security settings, and Slack Connect

• Experience administering an ITSM or ticketing platform including workflow configuration and reporting

• Experience administering Notion or similar knowledge management platforms

• Demonstrated experience managing SaaS licensing models, renewals, utilization tracking, and cost optimization

• Experience collaborating with SecOps on incident response and security investigations

• Working knowledge of SOC 2 and ISO 27001 control frameworks and audit readiness processes

• Strong analytical troubleshooting skills with the ability to diagnose complex cross-system issues

Bonus Qualifications

• Active Replit user and passionate about making software creation more accessible

• Experience administering Microsoft Office 365 and Zoom

• Understanding of conferencing and webinar platforms

• Exposure to AI enabled tools such as notetakers and personal assistants

• Been part of a rapid growth SaaS startup

Full-Time Employee Benefits Include

• Competitive Salary & Equity

• 401(k) Program with a 4% match

• Health, Dental, Vision and Life Insurance

• Short Term and Long Term Disability

• Paid Parental, Medical, Caregiver Leave

• Commuter Benefits

• Monthly Wellness Stipend

• Autonomous Work Environment

• In Office Set-Up Reimbursement

• Flexible Time Off (FTO) + Holidays

• Quarterly Team Gatherings

• In Office Amenities

XML job scraping automation by YubHub

We are seeking an IT Administrator - Endpoint Management to own the enterprise endpoint strategy with primary responsibility for administering Replit’s MDM platforms, enforcing secure baseline configurations aligned to CIS Level 1 benchmarks and ensuring all corporate endpoints (primarily macOS) are properly patched, compliant, and securely configured.

What You'll Do

• Own and administer enterprise endpoint management platforms with primary responsibility for Iru/Kandji configuration, policy design, and lifecycle management

• Establish and enforce enterprise endpoint standards aligned to CIS Level 1 benchmarks

• Design, implement, and maintain secure baseline configurations for macOS endpoints ensuring systems are hardened and secure by default

• Ensure all endpoints remain compliant with patching policies, minimum OS requirements, and approved software versions through automated enforcement

• Administer and maintain an internal approved application catalog including packaging, version control, testing and secure deployment

• Ensure endpoint detection and response (EDR) tooling is properly deployed, configured and monitored (SentinalOne preferred)

• Implement and enforce appropriate data loss prevention (DLP) measures across endpoints to protect corporate data and intellectual property

• Develop compliance dashboards and reporting to track endpoint posture, remediation timelines and risk exposure

• Partner closely with Security Operations (SecOps) to investigate, contain, and remediate endpoint-related security incidents

• Participate in incident response activities including forensic coordination, containment actions and post-incident remediation

• Contribute to internal and external audits, ensuring endpoint controls meet SOC 2 and ISO 27001 requirements; prepare evidence and support auditor walkthroughs

• Own licensing strategy across administered platforms, ensuring appropriate license assignment, cost optimization, feature alignment, renewal management and utilization reporting

• Continuously evaluate new endpoint features, security capabilities, and OS updates

• Create and maintain technical documentation, configuration standards and operational runbooks

Required Skills & Experience

• 6+ years of experience in endpoint administration, device management, and enterprise IT operations in a cloud-first environment

• Hands-on expertise administering Iru/Kandji or comparable Apple-focused MDM solutions

• Understanding of MDM solutions for Microsoft Windows and Linux (Jump Cloud preferred)

• Strong understanding of CIS Level 1 controls and endpoint hardening principles

• Experience deploying and administering EDR solutions and coordinating with security teams on alert triage and remediation

• Experience managing OS patching strategies, update enforcement policies and compliance reporting

• Familiarity with DLP technologies and endpoint-based data protection controls

• Experience participating in compliance programs aligned to SOC 2 and ISO 27001 frameworks supporting audit evidence collection and control validation processes

• Strong troubleshooting skills with the ability to diagnose complex endpoint configuration and policy conflicts

• Clear documentation and communication skills with the ability to articulate technical risk and remediation strategies

Bonus Qualifications

• Active Replit user and passionate about making software creation more accessible

• Been part of a rapid growth SaaS startup

Full-Time Employee Benefits Include

• Competitive Salary & Equity

• 401(k) Program with a 4% match

• Health, Dental, Vision and Life Insurance

• Short Term and Long Term Disability

• Paid Parental, Medical, Caregiver Leave

• Commuter Benefits

• Monthly Wellness Stipend

• Autonomous Work Environment

• In Office Set-Up Reimbursement

• Flexible Time Off (FTO) + Holidays

• Quarterly Team Gatherings

• In Office Amenities

Want to learn more about what we are up to?

• Meet the Replit Agent

• Replit: Make an app for that

• Replit Blog

• Amjad TED Talk

Interviewing + Culture at Replit

• Operating Principles

• Reasons not to work at Replit

Compensation Range

$95K - $175K

XML job scraping automation by YubHub

San Francisco

Employment Type

Full time

Location Type

Hybrid

Department

Applied AI

Compensation

• $255K – $440K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions.

About the Team The Payments Team is working to make AGI financially sustainable by enabling OpenAI to accept payments across our existing products (ChatGPT, ChatGPT for Teams, API) and supporting future commercial experiences. We own the user-facing payments experience, direct integrations with payment service providers, and other supporting infrastructure that powers checkout and payment flows. Payments works closely with teams across Finance, Legal, Growth, Product, external vendors and more to ensure our payments infrastructure scales with the business and supports evolving commercial goals.

About the Role As a Software Engineer on the Payments Team, you will play a pivotal role in shaping the infrastructure that powers OpenAI’s financial systems. You’ll design and build core payments systems, partner with cross-functional teams to deliver scalable solutions, and ensure that our financial systems support rapid product iteration and global reach. We’re looking for people who are pragmatic, collaborative, and energized by the opportunity to build systems that are foundational to OpenAI’s long-term mission and sustainability.

This role is based in San Francisco, CA. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

In this role, you will:

• Architect, implement and scale core payment infrastructure.
• Build robust and extensible financial primitives to enable rapid iteration and support hyper-growth.
• Collaborate closely with internal and external stakeholders (e.g. Finance, GTM, Product, etc) to translate business requirements into clean, scalable technical systems.
• Demonstrate high levels of ownership to get changes shipped in the highly-regulated domain of payments.
• Create a seamless user experience for checkout around the world.
• Improve the reliability, observability and auditability of money movement at OpenAI.

You might thrive in this role if you:

• Have 5+ years of professional experience in software engineering, ideally with a focus on payments or financial systems at scale.
• Are familiar with payment processors (e.g., Stripe, Adyen, Braintree) or have built similar internal financial systems, e.g. storing cardholder data, pricing, online commerce, etc.
• Bring a strong product mindset and a desire to deeply understand product needs and design for long-term flexibility.
• Thrive in high-growth, ambiguous environments, and can balance fast execution with technical rigor and system reliability.
• Excellent communication skills, with ability to build consensus among stakeholders both internally and externally.

About OpenAI OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

XML job scraping automation by YubHub

What you'll do

As a Governance, Risk & Compliance Lead, you will be responsible for implementing and leading frameworks such as SOC2, ISO 27001 and HIPAA. You will also ensure and maintain compliance with GDPR, CCPA, CPRA and other privacy regulations.

• Implement and lead frameworks such as SOC2, ISO 27001 and HIPAA. Ensuring compliance with certification requirements
• Ensure and maintain compliance with GDPR, CCPA, CPRA and other privacy regulations
• Design and build scalable audit management processes and documentation systems that will support future expansion to additional compliance frameworks
• Conduct risk assessments and mitigate data security and compliance risks
• Write, update and enact policies capturing security, privacy, and AI safety requirements
• Follow and help shape the AI regulatory and standards landscape to keep the company at the forefront of industry developments and best practices

What you need

• 6+ years of experience leading engagements in audit and compliance
• Experience leading compliance teams
• Worked in high tech companies in cloud-native environments
• Able to translate complex compliance requirements into clear and actionable work-streams
• Strong commitment to cross-functional collaboration with IT, Security, GTM, and Engineering
• Self-motivated, detailed and organized, with a diligent approach to project completion
• Excellent written, verbal, and interpersonal communication skills

XML job scraping automation by YubHub

What you'll do

Internal Audit

• Partner with management to shape and implement the annual Internal Audit Plan, with a strong focus on cyber and technology, ensuring alignment with the Enterprise Risk Profile, strategic objectives, and key business priorities.
• Lead cyber and technology audits delivered by co-sourced partners, ensuring high-quality outcomes, strong business engagement, and seamless collaboration on hybrid audits.

What you need

• 8+ years’ experience in internal audit, including 3+ years in a leadership role, ideally within a global, multi-regional organization.

XML job scraping automation by YubHub