Introduction to role

Cybersecurity sits at the heart of our IT strategy. As we move towards ambitious objectives, we are looking for individuals who focus on innovation to maintain a sustainable risk position against an evolving threat landscape, who recognise that adversaries may include organised crime syndicates or state-sponsored attackers, and who understand attackers' motivations and ways of working.

In this role, you will operate within AstraZeneca's global cybersecurity organisation, collaborating with and influencing multiple functions across China, India, Mexico, Sweden, the US and the UK. Ready to help defend a global enterprise where technology directly supports life-changing medicines?

Accountabilities

In this role, you will engineer cybersecurity solutions across cloud, on-premises and third-party collaboration environments, with a predominant focus on cloud and data. You will collaborate with other teams to perform, assess and evolve IT processes that intersect our cybersecurity priorities, ensuring security is embedded into how work gets done. You will map governance and compliance frameworks and their controls to technical implementation, shifting hardening processes as far left as possible in the lifecycle. You will leverage deep understanding of threats, weaknesses and vulnerabilities around cloud and data to help other areas respond promptly and effectively to contain breaches or address areas of concern. You will also contribute to continuous improvement by analysing incidents, refining standards and influencing architectural decisions that balance risk, performance and usability.

How will you use your expertise to raise the bar?

Essential Skills/Experience

• Minimum 10 years of experience
• Bachelor's Degree
• Must have broad enterprise IT experience with significant cloud and data exposure.
• Must have in-depth understanding of security and networking protocols, cryptography, and modern authentication and authorization protocols.
• Must have experience designing, deploying, and operating secure networks, systems, application and security architectures at scale.
• Must have experience configuring and managing cloud security services in an AWS, Azure and GCP at organisation at scale.
• Must have experience researching, designing, and implementing security policies, standards, and procedures, including those in cybersecurity frameworks such as MITRE ATT&CK, NIST CSF, NIST SP.800- 53, and NIST SP.800-61, as well as implementing cloud security reference architectures.
• Should have experience working in a software development and systems administration organisation, implementing DevSecOps and process automation.
• Should have the ability to conduct post-mortem on security incidents and take post-mortem data to drive uplift in policies, procedures, standards.
• Familiarity with CSPM, CNAPP, and Cloud EDR platforms
• Expertise with Microsoft Defender, Sentinel and Splunk

Desirable Skills/Experience

• Identify and articulate architectural trade-offs.
• Embed process, governance and security into workflow and technology.
• Design and implement software tools and services using modern programming languages.
• Manage and lead projects delivering prioritised initiatives at challenging deadlines.
• Exert positive influence in a matrixed organisation to drive technology evolution.
• Drive efforts to achieve process and technology improvement at scale.

The annual base pay for this position ranges from 136,044.00 - 204,066.00 USD Annual (80% - 120%). Hourly and salaried non-exempt employees will also be paid overtime pay when working qualifying overtime hours. Base pay offered may vary depending on multiple individualised factors, including market location, job-related knowledge, skills, and experience. In addition, our positions offer a short-term incentive bonus opportunity; eligibility to participate in our equity-based long-term incentive programme (salaried roles), to receive a retirement contribution (hourly roles), and commission payment eligibility (sales roles).

Benefits offered included a qualified retirement programme [401(k) plan]; paid vacation and holidays; paid leaves; and, health benefits including medical, prescription drug, dental, and vision coverage in accordance with the terms and conditions of the applicable plans. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an 'at-will position' and the Company reserves the right to modify base pay (as well as any other discretionary payment or compensation programme) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

When we put unexpected teams in the same room, we unleash bold thinking with the power to inspire life-changing medicines. In-person working gives us the platform we need to connect, work at pace and challenge perceptions. That's why we work, on average, a minimum of three days per week from the office. But that doesn't mean we're not flexible. We balance the expectation of being in the office while respecting individual flexibility. Join us in our unique and ambitious world.

AstraZeneca offers an environment where cybersecurity work has real-world impact on patients' lives, not just systems and data. Here, technology experts collaborate with scientists and business teams to unlock the potential of data, analytics, AI and machine learning, constantly experimenting with new approaches while keeping critical platforms secure. There is strong investment in digital capabilities, room to explore modern tools through initiatives like hackathons, and a culture that values curiosity, coaching and continuous learning so that every day brings opportunities to grow skills and shape both personal development and the future of healthcare technology.

If this role matches your skills and ambitions, apply now and help protect the digital foundations that enable life-changing medicines!

Date Posted 17-Apr-2026 Closing Date 03-May-2026

Our mission is to build an inclusive environment where equal employment opportunities are available to all applicants and employees. In furtherance of that mission, we welcome and consider applications from all qualified candidates, regardless of their protected characteristics. If you have a disability or special need that requires accommodation, please complete the corresponding section in the application form.

XML job scraping automation by YubHub

This is a unique opportunity to shape how frontier AI models handle dual-use cybersecurity knowledge,balancing the tremendous potential of AI to advance legitimate security research and defensive capabilities while preventing misuse by malicious actors.

In this role, you will lead and grow a team of technical specialists focused on cyber threat modeling and evaluation frameworks. You will serve as the primary domain expert on cyber harms, advising cross-functional teams on threat landscapes and mitigation strategies.

You will collaborate closely with internal and external threat modeling experts to develop training data for safety systems, and with ML engineers to train these systems, optimizing for both robustness against adversarial attacks and low false-positive rates for legitimate security researchers.

You will also analyze safety system performance in traffic, identifying gaps and proposing improvements. You will conduct regular reviews of existing policies and enforcement systems to identify and address gaps and ambiguities related to cybersecurity risks.

You will develop rigorous stress-testing of safeguards against evolving cyber threats and product surfaces. You will partner with Research, Product, Policy, Security Team, and Frontier Red Team to ensure cybersecurity safety is embedded throughout the model development lifecycle.

You will translate cybersecurity domain knowledge into actionable safety requirements and clearly articulated policies. You will contribute to external communications, including model cards, blog posts, and policy documents related to cybersecurity safety.

You will monitor emerging technologies and threat landscapes for their potential to contribute to new risks and mitigation strategies, and strategically address these.

You will mentor and develop team members, fostering a culture of technical excellence and responsible AI development.

To be successful in this role, you will need to have:

• An M.S. or PhD in Computer Science, Cybersecurity, or a related technical field, OR equivalent professional experience in offensive or defensive cybersecurity
• 5+ years of hands-on experience in cybersecurity, with deep expertise in areas such as vulnerability research, exploit development, network security, malware analysis, or penetration testing
• 2+ years of experience managing technical teams or leading complex technical projects with multiple stakeholders
• Experience in scientific computing and data analysis, with proficiency in programming (Python preferred)
• Deep expertise in modern cybersecurity, including both offensive techniques (vulnerability research, exploit development, penetration testing, malware analysis) and defensive measures (detection, monitoring, incident response)
• Demonstrated ability to create threat models and translate technical cyber risks into policy frameworks
• Familiarity with responsible disclosure practices, vulnerability coordination, and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework, CWE/CVE systems)
• Strong analytical and writing skills, with the ability to navigate ambiguity and explain complex technical concepts to non-technical stakeholders
• Experience developing policies or guidelines at scale, balancing safety concerns with enabling legitimate use cases
• A passion for learning new skills and an ability to rapidly adapt to changing techniques and technologies
• Comfort working in a fast-paced environment where priorities may shift as AI capabilities evolve
• Track record of translating specialized technical knowledge into actionable safety policies or enforcement guidelines

Preferred qualifications include:

• Background in AI/ML systems, particularly experience with large language models
• Experience developing ML-based security systems or adversarial ML research
• Experience working with defense, intelligence, or security organizations (e.g., NSA, CISA, national labs, security contractors)
• Published security research, disclosed vulnerabilities, or participated in bug bounty programs
• Understanding of Trust & Safety operations and content moderation at scale
• Certifications such as OSCP, OSCE, GXPN, or equivalent demonstrating technical depth
• Understanding of dual-use security research concerns and ethical considerations in AI safety

The annual compensation range for this role is $320,000-$405,000 USD.

XML job scraping automation by YubHub

Key responsibilities include:

• Contributing to define, collect, and analyze security KPIs and KRIs for the security organization.
• Developing and implementing a comprehensive detection and response strategy and roadmap aligned with Squarespace's overall business objectives and risk appetite.
• Overseeing the Security Operations Center (SOC) activities, including threat detection, monitoring, analysis, and proactive hunting.
• Owning the health and effectiveness of the SIEM and SOAR platforms, ensuring high-quality data ingestion, alert tuning, and automated response logic.
• Establishing and maintaining a robust incident response program, including defining incident playbooks, leading major incident investigations, and conducting post-incident reviews to drive continuous improvement.
• Designing and leading regular tabletop exercises to test the organization's readiness for various incident scenarios.
• Serving as the Incident Commander for major security events, coordinating with teams such as Legal, Communications, and HR to ensure clear internal communication and regulatory compliance.
• Identifying, evaluating, and implementing new security technologies and tools to enhance detection, prevention, and response capabilities.
• Driving continuous improvement of security operations processes through automation, tooling, and best practices.
• Staying abreast of emerging security threats, vulnerabilities, and industry trends and proactively advising leadership on necessary adjustments to strengthen Squarespace's security posture.
• Building, mentoring, and leading a high-performing team of security professionals, fostering a culture of continuous learning, collaboration, and accountability.
• Acting as a key liaison and trusted advisor to internal stakeholders on security-related matters.
• Managing relationships with external security vendors and partners, ensuring effective service delivery and technology adoption.

Requirements include:

• A bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 7+ years of experience in cybersecurity, with at least 2 years in a leadership or team-lead role.
• Deep expertise in Incident Response and Detection Engineering.
• Strong knowledge of cloud security operations, specifically within AWS or GCP environments.
• Hands-on experience managing and tuning SIEM and SOAR platforms.
• Experience automating security workflows and incident response playbooks to reduce manual effort.
• Familiarity with security frameworks such as MITRE ATT&CK and NIST.
• Excellent communication skills with the ability to lead technical teams during high-pressure incidents and explain complex threats to non-technical stakeholders.
• Knowledge of software development, design, and technical operations.

Benefits include:

• Health insurance with 100% covered premiums for you, your spouse or partner, and your dependent children.
• Life and income protection.
• Fertility and adoption benefits.
• Headspace mindfulness app subscription.
• Global Employee Assistance Program.
• Pension benefits with employer match.
• Flexible paid time off.
• 26 weeks paid maternity leave and 12 weeks paid paternity leave.
• 2 weeks paid family care leave.
• Education reimbursement.
• Employee donation match to community organizations.
• 7 Global Employee Resource Groups (ERGs).
• Free lunch and snacks.
• Close proximity to cultural landmarks such as Dublin Castle and St. Patrick's Cathedral.

XML job scraping automation by YubHub

At Cloudflare, we are on a mission to help build a better Internet. We run one of the world's largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies.

Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks.

About the Team

Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state advanced persistent threats (APTs).

About the Role

We are seeking a talented Senior Manager, Incident Response to join us in growing our Cloudforce One organization, where you will be instrumental in building a proactive and threat intelligence-driven approach to protecting Cloudflare and its customers from sophisticated and evolving threat actors.

Responsibilities

As a REACT Consultant, you will respond to customer security incidents in on-premises and cloud environments. You will detect and disrupt cyber threat activity across customer networks and cloud environments. You will engage with customers at all levels including Executive, VP, Director, and managerial levels. You will serve an integral role in the discovery and analysis of cyber threat intrusions, working alongside forensic analysts, threat researchers, detection engineers, and malware analysts to detect and mitigate malicious activity.

The findings you uncover will help identify Tactics, Techniques, and Procedures (TTPs) of ongoing threat activity to protect your customer and the greater Cloudflare customer base.

Requirements

Our ideal candidate will have 1-2 years of previous experience in cybersecurity with at least 1+ years in Digital Forensics or Incident Response. Candidates will have experience with hands-on forensic analysis in a Windows, Mac, and Linux environment. Ideally, this candidate will have experience triaging malware using static or dynamic analysis on Windows, macOS, or UNIX-based platforms.

You will be responsible correlating threat actor activity across the customers environment. Outstanding candidates will possess excellent verbal and written communication skills. You will also have experience with incident response reports and reliably be able to write simple scripts in Python or Golang.

Examples of desirable skills, knowledge and experience include:

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent training/practical experience
• 3+ years of previous experience in cyber security
• 2+ years of Incident Response experience
• 1+ years of customer-facing role
• Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists
• Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise
• Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs
• Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis
• Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations
• Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations
• Cloud Incident Response: knowledge in any of the following areas: AWS, Azure, GCP incident response methodologies
• Communications: strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams
• Strong written and verbal communication skills, with the ability to establish and maintain strong working relationships with business groups
• Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
• Familiarity with various cloud environments (AWS, Azure, O365, Google, Cloudflare)
• Understanding of MITRE ATT&CK and NIST Cyber Security Frameworks standards and requirements
• In-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems

Bonus Points:

• Proficient in Python or Golang, capable of writing modular code that can be installed on a remote system
• Proficient with Yara and writing rules to detect similar malware samples
• Understanding of source code, hex, binary, regular expression, data correlation, and analysis such as network flow and system logs
• Practical malware analysis experience with static, dynamic, and automated malware analysis techniques
• Possess mid-level experience as a Malware Analyst able to reverse engineer various file formats and analyze complex malware samples
• Reverse engineering experience with APT malware with an understanding of common infection vectors
• Knowledgeable of current malware techniques to evade detection and obstruct analysis
• Experience writing malware reports on unique and interesting aspects of malware
• Experience with malware attribution
• Experience with tracking and identifying threats through Indicator of Compromise (IOCs) pivoting and infrastructure enumeration
• Familiarity with bash command line executables to conduct static analysis and investigate IOCs

Travel requirements

Ability to travel up to 20% of the time

Position may require foreign and domestic travel, passport will be required

XML job scraping automation by YubHub

You'll conduct hands-on penetration testing, lead red team engagements, and collaborate with blue team counterparts to validate and improve detection and response capabilities. Your work will directly influence how Stripe builds, ships, and secures financial infrastructure used by millions of businesses worldwide.

Responsibilities:

Conduct comprehensive penetration tests across web applications, APIs, cloud environments (AWS/GCP/Azure), mobile applications, and internal infrastructure.

Plan and execute red team engagements that emulate the TTPs of cyber and criminal threat actors targeting financial services, including initial access, lateral movement, persistence, and data exfiltration scenarios.

Perform assumed-breach and objective-based assessments to test detection and response capabilities in coordination with defensive teams.

Partner with detection engineering, threat intelligence, and incident response teams to validate security controls, identify coverage gaps, and improve detection fidelity.

Contribute adversary tradecraft insights to inform detection rule development, threat hunting hypotheses, and incident response playbooks.

Support incident investigations by providing offensive expertise, log analysis, and root cause analysis when required.

Design, develop, and maintain custom offensive tools, scripts, and automation frameworks to enhance assessment efficiency and coverage.

Build internal platforms and workflows that enable scalable, repeatable offensive operations.

Contribute to internal security tooling repositories and champion engineering best practices within the team.

Automate repetitive testing tasks, payload generation, and reporting workflows using modern development practices.

Produce clear, actionable reports that communicate technical findings, business risk, and remediation guidance to both technical and non-technical stakeholders.

Act as a subject-matter expert and primary point of contact for stakeholder teams engaged in offensive security programs and Stripe-wide security initiatives.

Lead offensive security projects end-to-end, mentor junior team members, and foster a culture of continuous learning and knowledge sharing.

Stay current with emerging threats, vulnerabilities, and attack techniques; share research internally and contribute to the broader security community.

XML job scraping automation by YubHub

In this role, you will:

Perform manual and automated testing of web applications, APIs, and mobile apps (iOS/Android). Conduct network and cloud level assessments with various tooling. Triage and validate reports from automated scanners or bug bounty hunters to eliminate false positives and escalate true positives. Perform initial prompt injection and jailbreak tests on AI prototypes, services, and applications using established checklists (OWASP Top 10 for LLMs). Draft high-quality reports that detail the "path to compromise" with clear, reproducible steps for developers. Manage and update the team's testing infrastructure (e.g., Burp Suite, and basic C2 listeners). Provide direct technical guidance to engineering teams on how to patch vulnerabilities like XSS, SQLi, and IDOR. Design and lead multi-week Red Team operations that mimic specific threat actors (APTs) to test the SIRT detection capabilities. Build custom payloads, droppers, and obfuscated scripts to bypass EDR/AV and maintain stealth. Build automated testing frameworks for AI systems (e.g., using PyRIT, Promptfoo, or Garak) to test for models related to sensitive data leakage. Execute sophisticated attacks against AWS/Azure/K8s, focusing on IAM misconfigurations and container escapes. Collaborate with SIRT and Detection Engineering to tune SIEM alerts based on the techniques used during an engagement. Oversee the organization's bug bounty program, identifying trends in submissions to suggest broad architectural security changes.

Twilio values diverse experiences from all kinds of industries, and we encourage everyone who meets the required qualifications to apply.

XML job scraping automation by YubHub

Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organisations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

About the Role

As a Staff Detection & Response Engineer at Okta, you will occupy a high-impact leadership role within our Security Operations organisation. This is not just a technical role; it is a strategic one. You will influence security decisions across multiple teams, drive innovation in our defence-in-depth strategies, and act as a force multiplier for our global security posture.

You will be responsible for leading complex threat hunts, managing major security incidents, and architecting the detection frameworks that protect Okta’s infrastructure and customers. You will serve as a bridge between executive leadership and technical teams, ensuring our security objectives align with broader business trends and strategic goals.

What You’ll Do

Technical Leadership & Innovation

• Threat Hunting: Lead complex, hypothesis-driven threat hunts based on vague intelligence, and develop refined methodologies for the broader team to follow.

• Detection Engineering: Write novel detections and solve complex querying challenges. You will establish the frameworks and standards for detection engineering across the entire security organisation.

• Architectural Influence: Design and validate the effectiveness of preventative control chains and influence the selection and architecture of new security solutions.

• Incident Response: Serve as the technical lead for major incidents, including investigating threats in 'foreign' or uncommon environments by leveraging frameworks and your professional network.

Global Mindset

While Okta maintains a 24x7 posture, there is a requirement to be available in a crisis out of (your business) hours, and as a thought leader, to interface with colleagues globally.

Strategic Execution

• Project Ownership: Own multi-quarter objectives and drive them to success, developing project plans that align with Okta’s strategic VMTs (Vision, Metrics, and Targets) and budget.

• Problem Solving: Navigate issues of diverse scope, analysing data against current business trends to provide innovative solutions.

• Innovation: Secure resources for and drive innovation initiatives across multiple teams, facilitating cross-functional workshops to generate new security solutions.

Team Advocacy & Mentorship

• Culture Building: Foster an inclusive, collaborative environment by sharing wins, rewarding team efforts, and encouraging diverse perspectives.

• Mentorship: Act as an advisor to junior colleagues, providing actionable feedback and helping others align their career goals with organisational objectives.

• Consensus Driving: Drive consensus and resolve issues within cross-functional teams, ensuring all stakeholders are aligned on security priorities.

Who You Are

• Expert Investigator: You have a deep understanding of threat actor TTPs and can navigate complex systems even when documentation is sparse.

• Effective Communicator: You can translate complex technical problems for any audience, from executive leadership to junior analysts.

• Resilient Leader: You have a 'bottom-line' orientation, persisting through obstacles and setbacks to achieve results.

• Self-Aware & Empathetic: You proactively seek feedback, know your limits, and lead with empathy and compassion.

• Collaboratively Minded: You prioritise the development of others and establish internal and external networks of coaches and mentors.

Qualifications

• Proven experience in a high-growth SaaS or security-focused environment.

• Expertise in querying languages, detection frameworks (e.g., MITRE ATT&CK), and modern IR toolsets.

• Experience managing communications during crises or major security incidents.

• Demonstrated ability to lead project teams and manage budget/resource requirements.

• Strong background in automating response workflows and refining preventative controls.

Why Okta?

Okta is the World’s Identity Company. We are building a world where anyone can safely use any technology. As a Staff Engineer, you will play a pivotal role in ensuring that vision remains a reality.

#LI-HYBRID

P6513_3323862

Below is the annual salary range for candidates located in Canada. Your actual salary will depend on factors such as your skills, qualifications, and experience. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental, and vision insurance, RRSP with a match, healthcare spending, telemedicine, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program, please visit: https://rewards.okta.com/can.

The annual base salary range for this position for candidates located in Canada is between: $141,000-$211,000 CAD

The Okta Experience

• Supporting Your Well-Being

• Driving Social Impact

• Developing Talent and Fostering Connection + Community

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

XML job scraping automation by YubHub

We are looking for a delivery architect that demonstrates visionary leadership by orchestrating and implementing Elastic solutions, generating customer business value from our products. Grouping responsibilities in the following areas:

Assess and Design

• Thoroughly analyze and understand customer business pain points and intricate technical challenges
• Gather requirements in complex enterprise customer environments
• Master Elastic solution architectural design on platforms integrating with other enterprise technologies
• Create and build out customer road maps
• Demonstrate technical authority by proficiently articulating complex technical solutions in clear language, effectively persuading the audience to embrace recommended best practices while presenting and delivering Elastic's optimal solutions.

Implement and Deliver

• Lead technology workshops that include hands-on mentoring, whiteboarding, and solution development
• Deliver outcome-based solutions
• Lead, hands-on-deploy (from data onboarding, configuration, visualizations, alerting), and seamlessly integrate Elastic products and APIs into intricate platform architectures, harnessing years of technical expertise
• Master data modeling, develop and optimize queries, tune and scale clusters, prioritizing fast search and analytics at scale
• Solve our customers’ most challenging platform, configuration, data and cyber security problems

Grow and Expand

• Orchestrate and implement capacity planning in mission-critical environments
• Perform technical audits, upgrades, platform migrations, and use-case expansion
• Work with and guide our customers along their ever-maturing Cyber journey

Influence and Collaborate

• Work closely with the Elastic Engineering, Product Management, and Support teams to identify feature enhancements, extensions, and product defects
• Engage with the Elastic Sales team to scope opportunities while assessing technical risks, questions, or concerns
• Be a mentor/coach for your fellow Elastic consultants
• Demonstrated ability to communicate to a variety of stakeholders up to the C-suite level

What You Bring Along

• Minimum of 5 years as a Consulting Architect or senior IT functional leadership experience
• History of working as a Consultant delivering professional services engagements
• Strong customer advocacy, relationship-building, presentation and communications skills
• Ability to lead meetings with project owners and C-level stakeholders.
• Ability to articulate the business value of an outcome-based delivery while being technically savvy and hands-on
• Demonstrated experience of technical leadership throughout project lifecycles
• Solid experience deploying Elastic Security solutions or similar domains (Splunk, Arcsight, IBM QRadar). Alternatively, at least 2 years experience working as a Security Analyst, preferably utilising SIEM or endpoint security applications in a Threat Detection and Response focussed role
• Knowledge of the MITRE ATT&CK framework and how it can be applied for Enterprise defence
• Fundamental understanding and experience of security tool capabilities
• Understanding and passion for cyber security and open-source technology
• Hands-on experience in on-prem systems and/or public/private cloud platforms like AWS, Azure, GCP, Openstack
• Hands-on experience in Linux
• Good understanding of networking, security, containerization, serverless, DevOps in system landscapes and infrastructure automation knowledge.
• Experience utilising programming or scripting languages in a corporate environment like Python, Javascript, Go or Chef/Puppet etc.
• Understanding of databases
• Ability and willingness to travel from time to time as required
• Comfortable working remotely in a highly distributed team

Bonus Points

• BS in Computer Science or related Information Security / Cybersecurity field
• Certifications and specialized training in Information Security and Cybersecurity
• Deep understanding of Enterprise cyber defence in large networks
• Deep understanding of Elasticsearch and Lucene, including Elastic Certified Engineer certification
• Experience working closely with a pre-sales organization in scoping the needs of Customers
• Experience with Statement of Work delivery
• Experience with both Agile and Waterfall methodologies
• Experience contributing to an open-source project or documentation
• Endpoint tool skills and experience ingesting network feeds into Elastic for security purposes
• Experience as a Software Engineer, System Administrator, or DevOps Engineer

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Increase your impact - We match up to $2000 (or local currency equivalent) for financial donations and service
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave

XML job scraping automation by YubHub

As a Staff Engineer, AI Security on the AppSec team, you'll lead autonomous defense for the AI lifecycle. Build multi-agent frameworks and secure gateways while integrating real-time security gates and identity standards. By mentoring Security and R&D to define the MLSecOps roadmap, you'll ensure a 'secure-by-default' future for agentic workflows and resilient AI innovation.

Responsibilities:

Serve as the primary subject matter expert for all AI and machine learning security initiatives across security and R&D.

Design and manage AI gateways to provide a centralized control plane for authentication and authorization and rate limiting across all model and tool interactions.

Build and maintain an autonomous security agentic framework that utilizes multi agent orchestration for end to end investigation and alert triage and remediation.

Develop agentic identity models using OAuth 2.1 to propagate identity across trust boundaries and prevent the confused deputy problem.

Help govern the AI augmented software development lifecycle by integrating real time security gates into the developer environment and CI/CD pipeline.

Manage Agentic Security Solutions that secure AI lifecycle and manage AI workloads at runtime.

Author company wide AI security standards and implement these security checks across Twilio's stack.

Implement human in the loop checkpoints and transactional safety protocols for high impact or destructive agentic actions.

Partner with engineering leadership to set the long term roadmap for identity centric security and automated posture management.

Act as a knowledge multiplier by mentoring security engineers and developing secure by default paved road templates for R&D teams

Qualifications:

8+ years of experience in security engineering with at least 3 years focused on AI or machine learning security operations (MLSecOps).

Expertise in orchestrating multi-agent systems with AWS Strands, LangGraph, and CrewAI, specializing in runtime isolation, PII redaction, and defending against indirect prompt injection in agentic environments.

Hands-on experience with AI-specific frameworks (e.g., MITRE ATLAS, MAESTRO, OWASP Top 10 for LLMs/Agents/MCP) to threat model and defend against a wide spectrum of risks, including direct/indirect prompt injection, training data poisoning, tool poisoning, and data exfiltration within agentic workflows.

Proficiency in securing end-to-end AI pipelines, from data ingestion and training to model deployment and monitoring.

Strong communication skills to translate complex AI risks into actionable business logic for stakeholders.

Desired:

Hands-on experience in modern application security tooling including SAST and SCA and DAST with experience adapting these tools to catch AI specific vulnerabilities like indirect prompt injection.

Expertise in identity standards including OAuth 2.1 and PKCE.

Experience with AI Red Teaming and conducting adversarial simulations against Large Language Models (LLMs) and agentic systems.

Proficiency in at least one general programming language (Python, Go, etc) with experience in container security and workload isolation.

Proven ability to operate with autonomy and drive high impact outcomes in ambiguous environments by identifying and executing on critical projects without predefined roadmaps or direct supervision.

XML job scraping automation by YubHub

This role is heavily weighted toward detection engineering. You should think in terms of adversary behaviour and telemetry coverage, not just alert triage. You'll own detections end-to-end: from identifying gaps in coverage, through designing and testing detection logic, to tuning and validating in production.

Key Responsibilities:

• Design, build, test, and tune high-fidelity detection rules and analytic queries across endpoint, cloud, network, identity, and DLP telemetry sources

• Develop and maintain detection content using detection-as-code practices including version-controlled logic, automated testing, and CI/CD deployment

• Map detection coverage to MITRE ATT&CK, identify gaps, and prioritise new detection development based on threat intelligence and business risk

• Engineer correlation rules, behavioural analytics, and anomaly-based detections that minimise false positives while surfacing real adversary tradecraft

• Own the detection lifecycle from initial development through production tuning, performance monitoring, and retirement

• Build and operate pipelines to ingest, normalise, enrich, and manage security telemetry at scale across diverse data sources, using Terraform and infrastructure-as-code practices to deploy and maintain logging and detection infrastructure

• Design and maintain log collection, parsing, and enrichment configurations that ensure the right telemetry is available at the right fidelity for detection and investigation

• Evaluate and onboard new telemetry sources as Saronic's infrastructure and threat landscape evolve

• Monitor pipeline health, data quality, and ingestion reliability to ensure detections operate on complete and accurate data

• Develop and manage automated response playbooks in SOAR platforms to accelerate containment and reduce analyst toil

• Build automation that enriches alerts with contextual data, reducing investigation time and improving analyst decision-making

• Support incident response efforts and translate lessons learned into improved detections and playbooks

• Partner with SOC analysts, Cloud Security, Product Security, and IT teams to close visibility and detection gaps across environments

• Collaborate with threat intelligence to ensure detection engineering is informed by current adversary TTPs relevant to defence, maritime, and autonomous systems

Required Qualifications:

• 3+ years of hands-on experience in detection engineering, security operations, security automation, or a closely related security engineering role

• Demonstrated experience designing, testing, and tuning detection rules and analytic queries across production security telemetry (endpoint, cloud, network, identity, or DLP)

• Hands-on experience with SIEM platforms and proficiency with query languages such as SPL, KQL, or equivalent

• Experience building and operating security data pipelines, including log ingestion, normalisation, enrichment, and data quality management

• Understanding of data engineering concepts including ETL pipelines, data modelling, schema design, and indexing as applied to security telemetry

• Hands-on coding experience in Python, PowerShell, Go, or Rust for security automation, detection tooling, or pipeline development, and familiarity with Terraform for managing detection and logging infrastructure as code

• Understanding of MITRE ATT&CK framework and its application to detection coverage and gap analysis

• Ability to obtain and maintain a security clearance

Preferred Qualifications:

• Experience in defence, aerospace, robotics, autonomy, or other high-assurance environments

• Experience with EDR platforms including custom detection rule creation and telemetry analysis

• Experience with cloud-native detection in AWS and Microsoft 365/Azure

• Experience using Terraform to deploy and manage security monitoring infrastructure, log pipeline components, or cloud-native security service configurations

• Hands-on experience with incident response, threat hunting, or adversary emulation

• Exposure to embedded Linux, operational technology, or ICS telemetry and detection

• Familiarity with NIST SP 800-171, NIST SP 800-53, or CMMC and their logging and monitoring requirements

• Relevant certifications such as GCIH, GCIA, GCDA, GSOM, OSDA, or OSCP

Additional Information:

• Benefits: Medical Insurance, Dental and Vision Insurance, Time Off, Parental Leave, Competitive Salary, Retirement Plan, Stock Options, Life and Disability Insurance, Pet Insurance

• This role requires access to export-controlled information or items that require 'U.S. Person' status.

XML job scraping automation by YubHub

Your day-to-day will involve leading security architecture/design review and threat modeling sessions with product and engineering teams, translating threats into actionable, risk-rated engineering remediations prioritized by severity, conducting hands-on penetration testing and security assessments across our full product stack, and driving PSIRT operations by triaging incoming vulnerability reports, leading technical investigations, coordinating remediation with engineering, scoring severity (CVSS), managing coordinated disclosure with external researchers, and on-call incidents.

You will also shape the posture of our AI-assisted development environment, defining and enforcing enterprise policies for Claude and Cursor, and partner across the organization, sitting in design review with architects, advising product managers and engineering teams on security and compliance implications of new features, briefing executives on emerging AI threats, mentoring junior security engineers, and collaborating with the AI team on securing ML pipelines.

As a champion of security culture, you will run developer training on secure coding with AI assistants, evangelize security by design for products, and ensure every engineer understands that product security is an enabler and not a gate.

You will bring 10+ years of product security experience spanning application security, cloud security, and secure SDLC, expert-level threat modeling using STRIDE, PASTA, or equivalent across web, mobile, cloud, embedded, and AI systems, hands-on penetration testing skills across applications, API, cloud infrastructure, and hardware/firmware, and deep hands-down AI security expertise and expert-level understanding of OWASP Top 10 for LLM, API, Web, Mobile, and practical experience with MITRE.

You will have strong hands-on experience in security tools SAST, DAST, SCA, and securing AI development tools specifically Claude and Cursor, and understand MCP security risks and know how to architect enterprise guardrails that enable safe AI-assisted development.

You will also have strong programming ability and capability to review code, build security tools, automate workflows, and be credible with the engineering teams you partner with.

Preferred experience includes hardware and embedded security experience with knowledge of secure boot, firmware integrity, hardware root of trust, and IoT threat modeling experience, and experience in the Financial industry, knowledge of PCI DSS, COPPA, or demonstrated ability to learn regulated domains quickly.

Work perks at Greenlight include medical, dental, vision, and HSA match, paid life insurance, AD&D, and disability benefits, traditional 401k with company match, unlimited PTO, paid company holidays and pop-up bonus holidays, professional development stipends, mental health resources, 1:1 financial planners, fertility healthcare, 100% paid parental and caregiving leave, plus cleaning service and meals during your leave, flexible WFH, both remote and in-office opportunities, fully stocked kitchen, catered lunches, and occasional in-office happy hours, and employee resource groups.

XML job scraping automation by YubHub

You are a passionate and experienced cybersecurity professional with a keen eye for detail and a deep understanding of threat detection and mitigation. You thrive in fast-paced, collaborative environments and are energized by the challenge of staying ahead of evolving cyber threats. Your technical expertise spans across log aggregation platforms like Elastic, scripting languages such as Python, and enterprise SIEMs. You have a strong grasp of threat actor techniques, vulnerabilities, and exploits, and you leverage frameworks like Mitre ATT&CK to inform your detection strategies.

You are committed to continuous learning, regularly updating your knowledge to remain at the forefront of cybersecurity advancements. Your analytical mindset enables you to dissect complex security incidents and identify patterns that others might miss. You value clear documentation and process consistency, ensuring that your work can be easily understood and replicated by your peers.

You are a natural communicator, able to articulate security concepts to both technical and non-technical stakeholders. Your collaborative spirit drives cross-functional engagement, enhancing the organization’s security posture. With a high tolerance for autonomy, you are comfortable taking initiative and leading projects to completion. Certifications such as CISSP, GCIH, GCFE, GCFA, or GMON are a testament to your dedication, but your practical experience is what truly sets you apart.

You will be responsible for building detection logics using log aggregation platforms like Elastic in large enterprise environments, maintaining and improving existing detection tools and systems to ensure optimal performance and reliability, creating and maintaining documentation for detection processes and procedures to ensure clarity and consistency, utilizing your knowledge of threat actor techniques, vulnerabilities, and exploits to identify and help mitigate potential security risks, collaborating with cross-functional teams to enhance overall security posture and response strategies, staying up-to-date with the latest advancements in cybersecurity to continuously improve detection capabilities.

By joining our team, you will enhance the security posture of Synopsys by identifying and mitigating potential threats, contribute to the development and maintenance of robust detection tools and systems, improve the efficiency and effectiveness of security operations through automation and scripting, provide valuable insights and recommendations to enhance overall security strategies, support the continuous improvement of detection processes and procedures, and elevate the organization's resilience and readiness against emerging cyber threats.

XML job scraping automation by YubHub

We are looking for a cybersecurity expert to lead our efforts to prevent AI misuse in the cyber domain. As a Cyber Harms Technical Policy Manager, you will lead a team applying deep technical expertise to inform the design of safety systems that detect harmful cyber behaviours and prevent misuse by sophisticated threat actors.

In this role, you will:

• Lead and grow a team of technical specialists focused on cyber threat modelling and evaluation frameworks
• Design and oversee execution of capability evaluations ('evals') to assess the cyber-relevant capabilities of new models
• Create comprehensive cyber threat models, including attack vectors, exploit chains, precursor identification, and weaponization techniques
• Develop and iterate on usage policies that govern responsible use of our models for emerging capabilities and use cases related to cyber harms
• Serve as the primary domain expert on cyber harms, advising cross-functional teams on threat landscapes and mitigation strategies
• Collaborate closely with internal and external threat modelling experts to develop training data for safety systems, and with ML engineers to train these systems, optimising for both robustness against adversarial attacks and low false-positive rates for legitimate security researchers
• Analyse safety system performance in traffic, identifying gaps and proposing improvements
• Conduct regular reviews of existing policies and enforcement systems to identify and address gaps and ambiguities related to cybersecurity risks
• Develop rigorous stress-testing of safeguards against evolving cyber threats and product surfaces
• Partner with Research, Product, Policy, Security Team, and Frontier Red Team to ensure cybersecurity safety is embedded throughout the model development lifecycle
• Translate cybersecurity domain knowledge into actionable safety requirements and clearly articulated policies
• Contribute to external communications, including model cards, blog posts, and policy documents related to cybersecurity safety
• Monitor emerging technologies and threat landscapes for their potential to contribute to new risks and mitigation strategies, and strategically address these
• Mentor and develop team members, fostering a culture of technical excellence and responsible AI development

You may be a good fit if you have:

• An M.S. or PhD in Computer Science, Cybersecurity, or a related technical field, OR equivalent professional experience in offensive or defensive cybersecurity
• 5+ years of hands-on experience in cybersecurity, with deep expertise in areas such as vulnerability research, exploit development, network security, malware analysis, or penetration testing
• 2+ years of experience managing technical teams or leading complex technical projects with multiple stakeholders
• Experience in scientific computing and data analysis, with proficiency in programming (Python preferred)
• Deep expertise in modern cybersecurity, including both offensive techniques (vulnerability research, exploit development, penetration testing, malware analysis) and defensive measures (detection, monitoring, incident response)
• Demonstrated ability to create threat models and translate technical cyber risks into policy frameworks
• Familiarity with responsible disclosure practices, vulnerability coordination, and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework, CWE/CVE systems)
• Strong analytical and writing skills, with the ability to navigate ambiguity and explain complex technical concepts to non-technical stakeholders
• Experience developing policies or guidelines at scale, balancing safety concerns with enabling legitimate use cases
• A passion for learning new skills and an ability to rapidly adapt to changing techniques and technologies
• Comfort working in a fast-paced environment where priorities may shift as AI capabilities evolve
• Track record of translating specialised technical knowledge into actionable safety policies or enforcement guidelines

Preferred Qualifications:

• Background in AI/ML systems, particularly experience with large language models
• Experience developing ML-based security systems or adversarial ML research
• Experience working with defence, intelligence, or security organisations (e.g., NSA, CISA, national labs, security contractors)
• Published security research, disclosed vulnerabilities, or participated in bug bounty programs
• Understanding of Trust & Safety operations and content moderation at scale
• Certifications such as OSCP, OSCE, GXPN, or equivalent demonstrating technical depth
• Understanding of dual-use security research concerns and ethical considerations in AI safety

XML job scraping automation by YubHub