The team fosters a collaborative environment and is building a best-in-class program to partner with the business to protect the Firm’s information and computer systems. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority.

Responsibilities

• Define and implement security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.
• Conduct specialized threat modeling, red teaming, and risk assessments for AI/ML models (e.g., testing for prompt injection, model theft, and data poisoning).
• Lead risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects.
• Engage throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards.
• Evangelize AppSec and AI security best practices through developer education, training materials, and outreach.
• Design robust security architectures and integrate automated security testing (SAST/DAST/SCA) into CI/CD pipelines.
• Partner with Technology, Trading, Legal, and Compliance to create policies and communicate technical risks to non-technical stakeholders.

Qualifications

• Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field.
• 5+ years’ experience working as an Application Security Engineer, Software Engineer, or similar role.
• Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs.
• Experience working with AI models, Agentic frameworks and security risks associated with AI.
• Experience in working with global teams, collaborating on code and presentations.
• Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
• Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols.
• Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
• Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions.
• Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
• Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar.
• Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
• Familiarity with web application security testing tools and methodologies.
• Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
• Knowledge of Linux, OS internals and containers is a plus.
• Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous.

XML job scraping automation by YubHub

The successful candidate will have a proven understanding in enterprise security and AI security and will focus on defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.

Key responsibilities include:

• Defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks
• Conducting specialized threat modeling, red teaming, and risk assessments for AI/ML models
• Leading risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects
• Engaging throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards
• Evangelizing AppSec and AI security best practices through developer education, training materials, and outreach

Qualifications include:

• Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field
• 5+ years' experience working as an Application Security Engineer, Software Engineer, or similar role
• Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs
• Experience working with AI models, Agentic frameworks and security risks associated with AI
• Experience in working with global teams, collaborating on code and presentations

Preferred qualifications include:

• Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
• Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols
• Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
• Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions
• Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
• Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar
• Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
• Familiarity with web application security testing tools and methodologies
• Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
• Knowledge of Linux, OS internals and containers is a plus
• Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous

We offer a competitive salary and benefits package, as well as opportunities for professional growth and development.

XML job scraping automation by YubHub

In this role, you will work cross-functionally with Engineering, Security, IT, DevOps, and Finance to ensure the organisation meets SOX 404 compliance requirements in a rapidly scaling, technology-driven environment.

This is a unique opportunity to build IT SOX controls at an AI-first company, leveraging cutting-edge AI technology to create innovative, automated, and scalable compliance solutions.

You will help define how AI can transform traditional SOX processes,from continuous monitoring to intelligent risk assessment,while maintaining the rigor required for public company compliance.

As the Head of IT SOX, you will own SOX IT planning, scoping, testing, remediation, and reporting activities. You'll work directly with technical partners to design and implement scalable controls, oversee documentation, and manage communication with external auditors.

This role reports to the Head of Internal Audit and plays a critical part in strengthening internal control maturity as the company scales through pre-IPO readiness and longer term as a public company.

Responsibilities:

SOX IT Program Leadership

• Lead and manage the organisation's end-to-end IT SOX compliance program

• Own SOX IT planning, scoping, testing, remediation, and reporting activities

• Build scalable, automated, and sustainable controls to support growth through pre-IPO and post-IPO readiness

• Develop and maintain the SOX IT compliance roadmap aligned with organisational growth

• Pioneer the use of AI and automation technologies to enhance control effectiveness, continuous monitoring, and risk detection

• Drive IT controls rationalisation initiatives to optimise the control environment and increase reliance on IT automated controls (ITACs)

ITGC and Application Controls

• Design, implement, and monitor IT General Controls (ITGCs) across critical systems

• Evaluate and test application controls and IT automated controls (ITACs) to ensure proper functionality and compliance

• Conduct system and process risk assessments to identify control gaps and remediation needs

• Oversee control documentation and ensure audit-ready evidence is maintained

• Assess and monitor Systems Development Life Cycle (SDLC) controls for new system implementations and changes

Cross-Functional Partnership

• Partner with Engineering, Security, IT, DevOps, and Finance teams to implement scalable controls

• Work directly with technical partners to design controls that align with business operations

• Collaborate with process owners to identify control improvements and automation opportunities

• Support SEC cybersecurity disclosure requirements and ongoing monitoring of cyber risks

External Audit Management

• Serve as the primary point of contact for external auditors on IT SOX matters

• Manage audit requests, coordinate testing schedules, and facilitate audit walkthroughs

• Track and report on IT SOX compliance status to leadership, the Board, and Audit Committee

If you have 10+ years of hands-on IT audit and SOX compliance experience, preferably in both Big 4 and in-house internal audit/SOX leadership roles at a fast-paced technology company, you may be a good fit for this role.

XML job scraping automation by YubHub

At Gusto, we're on a mission to grow the small business economy. We handle the hard stuff , payroll, health insurance, 401(k)s, and HR , so owners can focus on their craft and their customers.

With teams in Denver, San Francisco, and New York, we support more than 400,000 small businesses nationwide and are building a workplace that reflects the people we serve.

All full-time employees receive competitive base pay, benefits, and equity (RSUs) , because everyone who helps build Gusto should share in its success. Offer amounts are determined by role, level, and location. Learn more about our Total Rewards philosophy.

AI is a fundamental part of how work gets done at Gusto. We expect all team members to actively engage with AI tools relevant to their role and grow their fluency as the technology evolves. AI experience requirements vary by role and will be assessed during the interview process.

About the Role:

Gusto is scaling our AI-powered risk function to support a complex, multi-entity business operating in highly regulated environments. As the Enterprise Risk Management Lead, you will own and operate Gusto's Enterprise Risk and Third Party Risk Management programs , built AI-first, designed to scale, and built to enable the business to move fast without breaking things.

This is a People Empowerer (manager) role. You balance hands-on program leadership with managing and developing a team of compliance professionals. You navigate the tension between "doing the work" and "leading the work" , contributing directly to complex, high-impact programs while ensuring your team delivers with excellence.

You are a change agent who influences how automated risk management gets done at Gusto, models AI-enabled ways of working, and helps others grow their own capabilities in the process.

You will champion the adoption of AI, machine learning, and process automation across risk monitoring, control testing, incident management, and reporting , and you will partner with Product, Data Science, and Engineering to make it explainable, adopted, compliant, and scalable.

Here’s what you’ll do day-to-day:

You manage initiatives that are complex in both scope and impact, influencing the strategic direction of Gusto's compliance risk management framework.

You apply a deep understanding of the regulatory landscape and how it intersects with Gusto's business model to proactively design and lead cross-functional risk programs.

You translate complex risk topics into clear, actionable guidance that senior leaders can immediately understand and operationalize.

You lead cross-functional working groups, align divergent perspectives, and drive cohesive progress toward shared goals , with minimal oversight.

As a PE, you balance individual risk and compliance contribution with team leadership.

You manage operations, professional development, resource allocation, and performance , while staying close enough to the work to be a credible, hands-on partner to your team and stakeholders.

You model responsible AI use, and act as a source of knowledge and mentorship , supporting your team's AI journey and helping others apply it responsibly and effectively.

AI-Enabled Risk Operations, Innovation & Transformation

This is how you and your team operate , not a side project.

• Champion the adoption of AI, machine learning, process automation, and advanced analytics to improve risk monitoring, control testing, and reporting across ERM, TPRM, and broader compliance functions

• Lead the integration of AI and automation into every phase of the risk lifecycle: vendor assessments, document ingestion and analysis, continuous monitoring and alerting, risk scoring, prioritization, and trend analysis

• Build intelligent risk monitoring and evaluation systems , including auto-tagging for risk issues, audit requests, and regulatory changes , that improve real-time visibility and eliminate manual effort across the enterprise risk portfolio

• Drive the digitalization of risk tools including RCSAs, KRIs, incident reporting, and audit tracking , transforming periodic, reactive processes into continuous intelligence systems with live leading and lagging indicators that enable real-time decision-making

• Partner with Product, Data Science, and Engineering to define requirements for AI-driven workflows, decisioning engines, and dashboards , ensuring explainability, auditability, and regulatory defensibility of all AI-enabled risk decisions

• Design and build intelligent dashboards and reporting tools that deliver real-time risk visibility and decision-quality insights to senior leadership and cross-functional stakeholders

• Design AI workflows with appropriate validation loops, human-in-the-loop checkpoints, and guardrails , ensuring outputs are reliable, governable, and meet regulatory standards before being used to frame risks, recommendations, or decisions

• Stay current on AI advancements and emerging technologies and proactively integrate new capabilities into team operations to increase velocity and scale

• Model responsible AI use , supporting ICs in their AI journeys and fostering a culture of intentional experimentation, accountability, and continuous improvement

Enterprise Risk Management

• Design, implement, and continuously improve Gusto's ERM framework, ensuring alignment with best practices and Gusto's stage of growth and strategic priorities across all entities

• Define and maintain Gusto's enterprise risk taxonomy, risk appetite statement, and key risk indicators spanning operational, regulatory, technology, financial, and reputational risk domains

• Lead Gusto's Enterprise Risk Management process , driving integration of risk practices across business functions, promoting a proactive risk culture, and ensuring incident management, root cause analysis, and lessons learned are systematically captured in an automated, AI forward way.

• Apply AI-assisted insights to enterprise risk datasets to surface systemic patterns, validate assumptions, prioritize risks, and deliver proactive, data-driven advisory to senior leadership

• Monitor the regulatory landscape (OCC, FDIC, CFPB, SEC, FINRA, GDPR, NIST, ISO, SOC) and leverage AI to proactively incorporate changes before they become compliance gaps

• Act as a key advisor to senior compliance leadership , translating complex risk findings into clear, actionable recommendations with minimal oversight

Third Party Risk Management (TPRM)

• Design, implement, and independently manage a high-impact, AI-first TPRM program with clear milestones, progress tracking, and measurable outcomes across all Gusto entities

• Manage the full third-party risk lifecycle , onboarding and risk profiling, periodic assessments, issue management, corrective action tracking, and offboarding , across suppliers, product partners, contractors, service providers, and cloud service providers , and do so in an AI and automated way.

• Maintain a centralized, authoritative vendor risk inventory and risk register, ensuring real-time visibility into Gusto's third-party risk posture

• Conduct periodic AI-driven audits and reviews of third-party compliance with contractual obligations and regulatory standards, identifying patterns that inform continuous program improvement

• Serve as the central orchestrator across Compliance, Security, Legal, Procurement, IT, and GRC for proactive and reactive third-party incident management

• Own Gusto's TPRM policy and maintain comprehensive documentation , risk assessments, audit findings, corrective actions , ensuring full accountability and traceability

People Leadership & Team Development

• Balance individual compliance contribution with team leadership , managing operations, professional development, resource allocation, and performance while staying close to the work

• Coach and develop ICs toward next

XML job scraping automation by YubHub

Key responsibilities include conducting supplier selection, partnering with strategic suppliers, managing CAPEX throughout NPI, conducting value-stream mapping, completing BOM risk assessments, ensuring completion of all component qualifications, reducing complexity through commonality optimization and component/supplier rationalization, and leading all cost engineering activities to converge the bottoms-up cost curve to product cost, maximizing the total cost of ownership (TCO) across the product lifecycle.

Required qualifications include a Bachelor's degree in engineering or other technical field, 3+ years of experience in sourcing engineering, supplier engagement and development, or design of electronics and/or mechanical devices, domain expertise of value/procurement engineering or TCO-related work at the component & product level, ability to travel up to 25% of the time, and ability to relocate, if not already local to be onsite in Costa Mesa, CA.

Preferred qualifications include a Master's degree or advanced technical degree, deeper experience within design & development of electronics and/or mechanical devices, advanced sourcing activities, including stints as commodity/sourcing managers, supplier development (technology, process, supply chain, etc.), early supplier engagement, ahead of product/engineering requirement realization, familiarity with developing high-tech products in a high-mix, low-volume environment, exposure to working in a fast-pace, start-up environment, and ability to obtain and maintain a U.S. TS clearance.

XML job scraping automation by YubHub

The TPM will be responsible for leading the SOX program, including onboarding, risk assessments, and control design for new features and significant engineering changes. They will also identify SOX risks and key controls, maintain the RCM, and oversee ITGCs and ITACs design and operating effectiveness.

The ideal candidate will have a proven track record of supporting product and engineering organizations, strong understanding of ITGCs, application controls, and risk assessments, and hands-on experience with SOX 404 control design, testing, issue management, and audit readiness.

In addition to the above responsibilities, the TPM will serve as the primary liaison to Internal and External Audit on technology- and product-related SOX matters, continuously improve the SOX program through metrics, automation, and monitoring, and track and resolve control issues, identify systemic gaps, and drive durable improvements to prevent recurrence.

If you're a motivated and experienced professional looking for a challenging role, please apply!

XML job scraping automation by YubHub

Key responsibilities include conducting supplier selection, partnering with strategic suppliers, managing CAPEX throughout NPI, conducting value-stream mapping, completing BOM risk assessments, ensuring completion of all component qualifications, reducing complexity through commonality optimization and component/supplier rationalization, and leading all cost engineering activities to converge the bottoms-up cost curve to product cost, maximizing the total cost of ownership (TCO) across the product lifecycle.

The ideal candidate will have a Bachelor's degree in engineering or other technical field, 5+ years of experience in sourcing engineering, supplier engagement and development, or design of electronics and/or mechanical devices, domain expertise of value/procurement engineering or TCO-related work at the component & product level, ability to travel 10% - 40% of the time, and ability to relocate if not already local to be onsite in Costa Mesa, CA.

Preferred qualifications include a Master's degree or advanced technical degree, deeper experience within design & development of electronics and/or mechanical devices, advanced sourcing activities, supplier development, early supplier engagement, familiarity with developing high-tech products in a high-mix, low-volume environment, exposure to working in a fast-pace, start-up environment, and ability to obtain and maintain a U.S. TS clearance.

XML job scraping automation by YubHub

As an Information Systems Security Officer, you will play a critical role in shaping classified, closed, or air-gapped environments in which to deploy Anduril products or software. You will be well-versed in a combination of Information Technology, Security, and government accreditation processes, and will utilize your sharp critical thinking skills to balance Business Line needs, product velocity, and customer requirements.

Responsibilities:

• Provide expertise in documenting security controls that apply to respective systems to meet cybersecurity framework requirements.
• Perform required security functions on an iterative basis to meet requirements and deliver results.
• Apply technology standards from the commercial space in classified, air-gapped environments.
• Assist the ISSM, fellow ISSOs, and other members of the Classified Infrastructure team to understand key stakeholders' needs and provide complex technical solutions to meet contractual obligations.
• Tailor NIST 800-53 controls to determine applicability to the network environment and oversee the implementation of Continuous Monitoring for respective programs.
• Define, document, and conduct security scanning on Anduril's products and accredited information systems.
• Scope, shape, and orchestrate the development of features to ensure products meet compliance goals.

Requirements:

• Design, develop, and implement secure systems and networks per NIST RMF, JSIG, and other industry standards.
• Participate and assist in security risk assessments, vulnerability assessments, and audits to identify and mitigate threats.
• Speak to and recommend security solutions, such as IDS/IPS, encryption protocols, and secure communications technologies.
• Develop and enforce access controls, encryption strategies, and other technical measures to safeguard systems.
• Maintain and update System Security Plans (SSPs), POA&Ms, and other accreditation documentation.
• Manage the organization's security posture, ensuring compliance with internal policies and external regulatory frameworks.
• Participate in the Authorization and Accreditation (A&A) processes to obtain/maintain system Authority to Operate (ATO).
• Able to assist, even lead, incident response efforts, including investigation, root cause analysis, containment, and reporting.
• Conduct regular audits, continuous monitoring, and risk assessments to ensure ongoing compliance and system resilience.
• Collaborate with government security officials, stakeholders, and teams to address security gaps and improve controls.
• Currently possesses and is able to maintain an active U.S. Top Secret security clearance.

Preferred Qualifications:

• Experience with industry standard tools such as Splunk, DISA STIGs, and SCC.
• The ability to understand programming/scripting languages, i.e. Python, Powershell, Bash
• An understanding of Linux Red Hat operating systems and SELinux policy.

XML job scraping automation by YubHub

About the Team: Anduril employs a variety of networks and networking infrastructures to support global operations. Information Systems Security Managers are in charge of directly supporting business lines that wish to deploy Anduril products in classified environments.

About the Job: As an Information Systems Security Manager, you will be responsible for providing expertise in documenting security controls to reduce the administrative cost of deploying Anduril's products into operational environments. You will partner with program and security teams to coordinate security artifacts in support of classified deployments. You will apply technology standards from the commercial space in classified, air-gapped environments.

Responsibilities:

• Provide expertise in documenting security controls to reduce the administrative cost of deploying Anduril's products into operational environments.
• Partner with program and security teams to coordinate security artifacts in support of classified deployments.
• Apply technology standards from the commercial space in classified, air-gapped environments.
• Collaborate with Information System Owners to understand key stakeholders' needs and provide complex technical solutions to meet contractual obligations.
• Tailor NIST 800-53 controls to determine applicability to the network environment and oversee the implementation of Continuous Monitoring for respective programs.
• Define, document, and conduct security scanning on Anduril's products and accredited information systems.
• Scope, shape, and orchestrate the development of features to ensure products meet compliance goals.

Required Qualifications:

• Design, develop, and implement secure systems and networks per NIST RMF, JSIG, and other industry standards.
• Integrate security best practices into Anduril's Software Development Lifecycle (SDLC) and infrastructure design, collaborating with internal IT and engineering teams.
• Conduct security risk assessments, vulnerability assessments, and audits to identify and mitigate threats.
• Recommend and implement security solutions, such as IDS/IPS, encryption protocols, and secure communications technologies.
• Develop and enforce access controls, encryption strategies, and other technical measures to safeguard systems.
• Maintain and update System Security Plans (SSPs), POA&Ms, and other accreditation documentation.

Preferred Qualifications:

• Experience with application security paradigms such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA).
• Proven experience in securing micro-services architecture, including implementing best practices and compliance with DoD cybersecurity standards.
• Experience with cybersecurity in unmanned and ground control system within DoD environments.
• Experience with containerization and kubernetes along with the best practices for securing them.
• Experience with Cloud Service Providers (CSPs) and the various tools they offer for implementing security and compliance best practices.

Salary: The salary range for this role is $146,000-$194,000 USD.

Benefits: Anduril offers top-tier benefits for full-time employees, including comprehensive medical, dental, and vision plans at little to no cost to you. Anduril also offers income protection, generous time off, family planning and parenting support, mental health resources, professional development, commuter benefits, relocation assistance, and a retirement savings plan.

Protecting Yourself from Recruitment Scams: Anduril is committed to maintaining the integrity of our Talent acquisition process and the security of our candidates. We've observed a rise in sophisticated phishing and fraudulent schemes where individuals impersonate Anduril representatives, luring job seekers with false interviews or job offers. These scammers often attempt to extract payment or sensitive personal information.

To ensure your safety and help you navigate your job search with confidence, please keep the following critical points in mind:

• No Financial Requests: Anduril will never solicit payment or demand personal financial details (such as banking information, credit card numbers, or social security numbers) at any stage of our hiring process. Our legitimate recruitment is entirely free for candidates.
• Please always verify communications:
• Direct from Anduril: If you receive an email from one of our recruiters, it will only come from an @anduril.com address.
• Via Agency Partner: If contacted by a recruiting agency for an Anduril role, their email will clearly identify their agency. If you suspect any suspicious activity, please verify the agency's authenticity by reaching out to contact@anduril.com.
• Exercise Caution with Unsolicited Outreach: If you receive any communication that appears suspicious, contains grammatical errors, or makes unusual requests, do not respond or engage with the sender.

XML job scraping automation by YubHub

In this role, you will work cross-functionally with Engineering, Security, IT, DevOps, and Finance to ensure the organisation meets SOX 404 compliance requirements in a rapidly scaling, technology-driven environment.

This is a unique opportunity to build IT SOX controls at an AI-first company, leveraging cutting-edge AI technology to create innovative, automated, and scalable compliance solutions.

As the Head of IT SOX, you will own SOX IT planning, scoping, testing, remediation, and reporting activities. You'll work directly with technical partners to design and implement scalable controls, oversee documentation, and manage communication with external auditors.

Responsibilities:

• Lead and manage the organisation's end-to-end IT SOX compliance program
• Own SOX IT planning, scoping, testing, remediation, and reporting activities
• Build scalable, automated, and sustainable controls to support growth through pre-IPO and post-IPO readiness
• Develop and maintain the SOX IT compliance roadmap aligned with organisational growth
• Pioneer the use of AI and automation technologies to enhance control effectiveness, continuous monitoring, and risk detection
• Drive IT controls rationalisation initiatives to optimise the control environment and increase reliance on IT automated controls (ITACs)

ITGC and Application Controls:

• Design, implement, and monitor IT General Controls (ITGCs) across critical systems
• Evaluate and test application controls and IT automated controls (ITACs) to ensure proper functionality and compliance
• Conduct system and process risk assessments to identify control gaps and remediation needs
• Oversee control documentation and ensure audit-ready evidence is maintained
• Assess and monitor Systems Development Life Cycle (SDLC) controls for new system implementations and changes

Cross-Functional Partnership:

• Partner with Engineering, Security, IT, DevOps, and Finance teams to implement scalable controls
• Work directly with technical partners to design controls that align with business operations
• Collaborate with process owners to identify control improvements and automation opportunities
• Support SEC cybersecurity disclosure requirements and ongoing monitoring of cyber risks

External Audit Management:

• Serve as the primary point of contact for external auditors on IT SOX matters
• Manage audit requests, coordinate testing schedules, and facilitate audit walkthroughs
• Track and report on IT SOX compliance status to leadership, the Board, and Audit Committee

You may be a good fit if you:

• Have 10+ years of hands-on IT audit and SOX compliance experience, preferably in both Big 4 and in-house internal audit/SOX leadership roles at a fast-paced technology company
• Have proven ability to establish or scale SOX IT compliance programs at newly public or pre-IPO companies
• Possess deep understanding of ITGCs, application controls, and risk assessments
• Have strong project management, analytical, and communication skills
• Hold a Bachelor's degree in Information Systems, Computer Science, Accounting, or a related field
• Are passionate about building scalable processes that support organisational growth and Anthropic's mission to create safe AI

Strong candidates may also have:

• Experience with Workday, Salesforce, NetSuite, GitHub, or other enterprise business systems
• CISA, CIA, CPA, or similar certification
• Experience supporting rapid company growth and scaling compliance programs accordingly
• Interest in or experience applying AI/ML technologies to audit, compliance, or risk management processes
• Understanding of financial data security and compliance requirements
• Experience working at a high-growth AI or technology company
• Familiarity with auditing modern software development environments

The annual compensation range for this role is $300,000-$360,000 USD.

XML job scraping automation by YubHub

The ideal candidate brings deep expertise in defense, shipbuilding, and advanced manufacturing, with exposure to AI-enabled, robotics, or autonomous vehicle technologies. This individual will have a proven record of designing and implementing world-class EHS programs in high-risk, high-technology, safety-critical maritime environments.

Responsibilities:

• Strategic Leadership & Organizational Development: Develop and execute a global EHS strategy that supports the rapid growth of defense, maritime, and AI/autonomous manufacturing programs.

• Scale the EHS organization across multiple international sites, ensuring regional compliance, consistent standards, and operational excellence.

• Coordinate with Security, Legal, and Compliance in all strategic planning, including facility expansion, technology integration, facility and operational controls, and entry into new international markets.

• Regulatory Compliance & Certification: Lead efforts to achieve and maintain ISO 14000 and ISO 45001 certifications and ensure compliance with ASTM E2920-24, DoD/NAVSEA standards, ISM, and other applicable defense and maritime environmental and health and safety regulations.

• Oversee audit programs, risk assessments, and corrective action plans across all operations, including those integrating AI, robotics, and autonomous technologies.

• Operational Excellence & Risk Management: Develop and implement scalable, data-driven EHS management systems.

• Drive advanced risk management initiatives.

• Oversight of serious incident investigations, regulator engagement, and executive communications.

Qualifications:

• Education & Credentials: Bachelor’s degree in Environmental Engineering, Safety Engineering, Industrial Hygiene, or related field (Master’s preferred).

• Professional certifications such as CSP, CIH, CHMM, ICS, PE, or CPEA preferred.

• Experience: Minimum 15+ years of progressive EHS leadership experience in a global EHS program in defense, maritime, shipbuilding, or advanced manufacturing industries.

• Experience in high hazard environments including shipbuilding or ship repair, aerospace or defense manufacturing, offshore oil & gas, heavy industrial manufacturing, large-scale energy.

• Maritime experience in shipyard safety, pier-side and at-sea testing, vessel commissioning and sea trials.

• Experience managing EHS for autonomous or remotely operated systems, robotics or unmanned platforms, complex software-hardware integration.

• Proven track record in achieving ISO 14001 and ISO 45001 certifications and ensuring ASTM E2920-24 compliance.

• Skills & Attributes: Strategic, visionary leadership with deep operational and technical EHS expertise.

• Strong understanding of risk management frameworks for autonomous and AI-enabled systems.

• Excellent cross-functional collaboration skills across engineering, software, and manufacturing disciplines.

• Exceptional communication, stakeholder engagement, and cross-cultural leadership abilities.

• Commitment to continuous improvement, sustainability, and ethical responsibility

Physical Requirements:

• Position occasionally requires the ability to work overtime and weekends when needed.
• Role requires up to 20% travel between CA, TX, LA, and VA with opportunities to travel to other US cities.
• Ability to lift 35 lbs unassisted.

Benefits:

• Medical Insurance: Comprehensive health insurance plans covering a range of services.
• Saronic pays 100% of the premium for employees and 80% for dependents.
• Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care.
• Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents.
• Time Off: Generous PTO and Holidays.
• Parental Leave: Paid maternity and paternity leave to support new parents.
• Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses.
• Retirement Plan: 401(k) plan with company match.
• Stock Options: Equity options to give employees a stake in the company’s success.
• Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage.
• Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline.
• Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office

XML job scraping automation by YubHub

We're a global beauty company that has revolutionised the face of the industry by de-coding makeup applications for everyone, everywhere. Our easy-to-use, easy-to-choose, easy-to-gift range has broken records across countries, channels, and categories.

Job Title: Senior Project and Events Manager

We're looking for a strategic and hands-on Senior Project Manager to join our UK Leadership Team and report directly to the GM. You'll lead the end-to-end planning, coordination, and operational delivery of key cross-functional strategic projects and events, spanning tech, commercial, VM, store design, marketing, retail, operations, and education.

Responsibilities

• Lead Distribution & Operational Readiness: Act as the key gatekeeper for all upcoming distribution and CPA milestones. Manage critical timelines and decision points across functions, ensuring smooth internal and external reviews. Oversee operational readiness for new store openings and concessions, including supply chain and logistics coordination.

• Facilitate Measurement & Reporting: Support in driving post-project and event reviews to capture learnings and implement improvements. Collaboratively collate key KPIS with stakeholders for each activation and operational project, and ensure clear process & accountability mapping.

• Change Management & Communications: Own communication and integration for strategic initiatives such as tech upgrades, clienteling platforms, and SAP systems. Lead stakeholder engagement and ensure seamless regional adoption.

• Promotional Calendar & Commercial Moments: Manage promotional timelines, including AOV drivers and key commercial events. Oversee sign-off processes and coordinate cross-functional kick-offs to ensure flawless execution.

• Budget Governance: Own budget management processes across all functions, ensuring timely reviews, and approvals are met within given timeframes.

Event & Activation Management

• Retail Conference & Showcase PM Leadership: Co-lead major retail conference and product showcase events, managing cross-functional CPAs, logistics, presenter coordination, content reviews, and approvals. Act as on-the-day production lead, directing timelines and team responsibilities.

• Experiential Activations & Pop-Ups: Own CPAs, logistics, and approval timelines to deliver exceptional brand experiences. Act as on-the-day production lead, directing timelines and team responsibilities.

• Charlotte & Team Tilbury PA Events: Lead planning and execution of Charlotte Tilbury (founder) PA events, managing CPAs, logistics, and approvals. Collaborate closely with global teams to ensure alignment, consistency & approvals.

Reporting Relationships

• Reporting directly into the GM of the region

• Dotted line to full regional SLT

• Member of UK/PP/ANZ Lead team

• Closely collaborates with full UK cross-functional team

• Collaborates with the Global Marketing function

• Collaborates with Global Tech & Transformation teams

Requirements

• Proven experience in event management and retail operations within beauty, fashion, or luxury sectors.

• Previous senior project management experience

• Strong project management skills (tools like Asana, Monday.com).

• Financial acumen and governance discipline.

• Excellent stakeholder management and communication skills.

• Knowledge of H&S compliance, permits, and risk assessments.

• Ability to thrive in fast-paced, ambiguous environments.

Benefits

• Be a part of this values-driven, high-growth, magical journey with an ultimate vision to empower everyone, everywhere to be the best version of themselves.

• We're a hybrid model with flexibility, allowing you to work how best suits you.

• 25 days holiday (plus bank holidays) with an additional day to celebrate your birthday.

• Inclusive parental leave policy that supports all parents and carers throughout their parenting and caring journey.

• Financial security and planning with our pension and life assurance for all.

• Wellness and social benefits including Medicash, Employee Assist Programs, and regular social connects with colleagues.

• Bring your furry friend to work with you on our allocated dog-friendly days and spaces.

• And not to forget our generous product discount and gifting!

At Charlotte Tilbury Beauty, our mission is to empower everybody in the world to be the most beautiful version of themselves. We celebrate and support this by encouraging and hiring people with diverse backgrounds, cultures, voices, beliefs, and perspectives into our growing global workforce.

XML job scraping automation by YubHub

You will be part of a team that supports CIOs in managing central challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget restrictions. As a Cyber GRC Senior Consultant, you will work with security, IT, and compliance teams to strengthen cybersecurity, manage cyber risks, and ensure regulatory compliance.

Key Responsibilities

• Participate in global projects in an international team, supported by over 330,000 technical professionals from our parent company
• Contribute to the development of consulting offerings and innovative go-to-market solutions for the C-Suite to make cyber risks understandable and reducible
• Lead and conduct risk analyses according to the NIST CSF
• Be responsible for conceiving innovative new services using AI and ML where they offer real added value
• Support pre-sales, sales, and account management activities from the perspective of a subject matter expert

Requirements

• You have a clear career progression and experience working with renowned consulting firms and large commercial sector customers
• You bring a strong passion for cybersecurity and actively follow current industry trends and developments
• Your cybersecurity expertise includes:

+ A relevant university degree (Bachelor or Master) in Information Security, Cybersecurity, or IT Security + At least 1-5+ years of experience in the field of Cyber Security/Information Security + A broad business competence profile, including stakeholder management, problem-solving ability, and resilience + Experience in collecting, validating, analyzing, documenting, and communicating information to stakeholders

Desired Skills

• Good knowledge of the NIST Cybersecurity Framework (CSF)
• A further university degree in Cyber or Information Security
• Cyber Due Diligence Assessments
• Cyber Risk Management for third parties and supply chains
• Review of Incident Response Plans
• Support in tenders, RFP responses, and offers
• Conducting Crisis Management Exercises (CMX)
• Certifications such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM
• Participation in the development of Target Operating Models (TOMs) and RACI matrices
• Creation of Cyber Security Roadmaps
• Support in Post-Incident Reviews
• Analysis and summarization of Cyber Threat Intelligence Reports
• Implementation of Cyber Compliance Programs (DSGVO, DORA, ISO 27001, NIS2, SOX)
• Cyber Risk or Maturity Assessments
• Conception and/or implementation of Awareness Trainings
• Participation in Identity & Access Management Projects
• Participation in Privileged Access Management Projects

Ideal Candidate Profile

• Our ideal candidates have the following skills:

+ Strong business competence, particularly in stakeholder management and problem-solving + Experience in preparing and communicating complex information to stakeholders + Very good communication skills in German (C2) and English (C2) and project-related travel readiness + Enjoy working with customers from different industries + Experience in balancing technical and commercial requirements to develop practical solutions + Ability to build lasting business relationships at all levels + Ability to provide expert support and guidance to less experienced colleagues + Ability to explain complex cyber methods in a non-technical and understandable way (written and oral)

Benefits

You will be part of a team that supports CIOs in managing central challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget restrictions. Our team of business analysts, enterprise architects, and cyber security specialists combines operational, strategic, analytical, and innovative competencies to drive business-IT alignment, IT governance transformation, IT cost optimization, efficiency improvement, innovation promotion, and cyber risk, governance, and compliance topics.

About Infosys Consulting

You will be part of a globally renowned management consulting firm that is on the front-line of industry disruption. We are a mid-size player with a supportive, entrepreneurial spirit that works with a market-leading brand in every sector, while our parent organization Infosys is a top-5 powerhouse IT brand that is outperforming the market and experiencing rapid growth.

Our consulting business is annually recognized as one of the UK's top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity, and dedicated training and career paths we offer to our consultants. We are committed to fostering an inclusive work culture that inspires everyone to deliver their best.

XML job scraping automation by YubHub

We are looking for a highly skilled Cyber GRC (Governance, Risk, and Compliance) Senior Consultant to help organizations strengthen their cybersecurity posture, manage cyber risks, and ensure regulatory compliance. The ideal candidate will have deep expertise in cybersecurity frameworks, risk management, regulatory compliance, and security governance.

As a Cyber GRC Senior Consultant, you will collaborate with client security, IT, and compliance teams to direct and oversee the development and implementation of cybersecurity policies, conduct risk assessments, and ensure adherence to global security standards and regulations.

Key Responsibilities:

Work on global projects with a truly global team, with the support of over 330,000 technical staff from our parent organization.

Contribute to the development of consulting go to market offerings and innovative solutions targeted at the C-Suite executive community that help them to understand and mitigate their cyber risks.

Direct and lead NIST CSF risk assessments

Oversee the design of innovative new services to lead the market incorporating AI and ML where it brings value.

Support presales, sales, and account management pursuits from a subject matter expert perspective.

Requirements

You will have already achieved strong career progression to date, and experience working with recognized consulting brands and large commercial sector clients. You will have a passion for cyber security and a genuine interest in staying updated with the latest industry trends and developments.

Your security experience must include:

A relevant undergrad or post grad degree (Infosec, Cyber Security, IT Security)

1-5 years+ in the field of cyber security/infosec.

A broad business skill set including stakeholder management, problem-solving, and resilience

Experience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences

Excellent interpersonal skills and strong written and verbal communication skills in country’s official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel

Your diverse Security experience should include one or some of below:

A good understanding of NIST CSF

A post graduate degree in cyber /information security

Cyber Due Diligence Assessments

Third- Party & Supply chain Cyber Risk Management

Incident Response Plan review

Supporting bids, RFP responses and proposals

Crisis Management Exercises (CMX)

Accreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM,

Helped design Target Operating Models (TOMs) and RACI Matrices

Helping the design of Cyber Security Roadmaps

Supporting Post Incident Reviews

Reading and summarising Cyber Threat Intelligence reports

Cyber Security Risk Assessments or Maturity Assessments

Design and/deliver awareness training.

Worked on Identity and Access Management projects.

Worked on Privileged access management projects

Our ideal candidate may have some of the following skills:

Have a broad business skill set including stakeholder management, problem-solving, and resilience

Have experience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences

Have excellent interpersonal skills and strong written and verbal communication skills in country’s official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel

Enjoy working with different clients from different industries.

Have some experience in balancing technical and commercial considerations to develop practical advice or solutions for clients.

Be able to build strong and effective business relationships at all levels

Be able to support and oversee staff with less experience in their tasks

Be able to explain complex cyber methodologies using accessible non-technical language (both written and verbal)

_Given that this is just a short snapshot of the role we encourage you to apply even if you don't meet all the requirements listed above. We are looking for team members who strive to make an impact and are eager to learn. If this sounds like you and you feel you have the skills and experience required, then please apply now._

About your team

At the Tech Transformation practice, we help CIOs overcome their biggest challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget constraints; enabling them to leverage technology to deliver value to their business. We have a team of business analysts, enterprise architects and cybersecurity specialists with business, operational, strategic, analytical and innovation skills. that come together to drive business IT alignment, Transform IT governance, IT Cost containment, operating efficiency improvements, Innovation enablement and cybersecurity risk, governance, and compliance.

About Infosys Consulting

Be part of a globally renowned management consulting firm on the front-line of industry disruption and at the cutting edge of technology. We work with market leading brands across sectors. Our culture is inclusive and entrepreneurial. Being a mid-size consultancy within the scale of Infosys gives us the global reach to partner with our clients throughout their transformation journey.

Our core values, IC-LIFE, form a common code that helps us move forward. IC-LIFE stands for Inclusion, Equity and Diversity, Client, Leadership, Integrity, Fairness, and Excellence. To learn more about Infosys Consulting and our values, please visit our careers page.

Within Europe, we are recognized as one of the UK’s top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity and dedicated training and career paths. Infosys is on the Germany’s top employers list for 2023. Management Consulting Magazine named us on their list of Best Firms to Work for. Furthermore, Infosys has been recognized by the Top Employers Institute, a global certification company, for its exceptional standards in employee conditions across Europe for five years in a row.

We offer industry-leading compensation and benefits, along with top training and development opportunities so that you can grow your career and achieve your personal goals. Curious to learn more? We’d love to hear from you.... Apply today!

XML job scraping automation by YubHub

Reporting to the Regional General Manager, you’ll take full ownership of day-to-day operations at our West Midlands site.

With safety, health and environmental standards front and centre, you’ll drive operational efficiency, boost financial performance, and deliver outstanding service to both internal and external customers. You’ll lead from the front — developing your team, championing innovation, and unlocking the site’s full potential all measured through clear, outcome-focused KPIs.

Success in this role means strong collaboration with the Regional General Manager and the Project and Maintenance Manager, while fostering a proactive, high-performance culture across the site.

Health, Safety & Environment

• Lead site health, safety and environmental performance, reducing incidents and embedding a strong safety-first culture.
• Enforce site rules and procedures, conducting investigations and disciplinaries where required.
• Ensure full compliance with permits, licences and legal obligations — achieving zero EA CAR scores, no discharge breaches, no reportable emissions, and no long-term waste stock.

Operational Performance

• Plan and coordinate treatments to maximise efficiency and capacity.
• Quote customers, review bookings and eliminate non-value-adding activities to consistently meet service KPIs.
• Drive continuous improvement across processes, systems and site standards.

Financial Management

• Control site budgets across treatment, disposal, labour and maintenance.
• Deliver strong monthly P&L performance and meet or exceed agreed financial targets.
• Identify cost-saving opportunities without compromising safety or service quality.

People & Leadership

• Oversee staffing levels, schedules and performance management.
• Set clear objectives and hold teams accountable for results.
• Work closely with the Site Manager and wider teams to ensure effective resourcing and collaboration.
• Develop your people through structured training, coaching and hands-on leadership.

Requirements

Our essential requirements.

• IOSH Managing Safely (or equivalent) is essential; COTC Level 4 in hazardous waste treatment and transfer is highly desirable.
• Experience managing operational teams in a fast-paced, regulated environment; hazardous waste or treatment/transfer station experience is desirable.
• Degree in Chemistry, Engineering, or a related science is preferred but not essential.
• Good working knowledge of site permitting, risk assessments, and ISO standards (9001, 14001, 45001), with confidence in leading investigations and disciplinaries.
• Proficient in MS Office, with strong organisational skills and the ability to manage a mixed-skills team effectively.

Benefits

And here’s why you’ll love it at Biffa.

• Ongoing career development, training and coaching – Because if you don’t grow, we don’t grow.
• Generous pension scheme.
• Retail and leisure discounts.
• Holiday and travel discounts.
• Life cover.

XML job scraping automation by YubHub

A core part of your role involves leading the operational team to deliver high performance, aligned with the company’s mission to foster a safe, productive, and inclusive workplace culture. This is a site-based role involving regular outdoor work in varying weather conditions, with rotational availability required for operational oversight outside of standard working hours.

Responsibilities

• Provide day-to-day operational oversight of the site, leading the foreman and plant operators to ensure efficiency, compliance, and achievement of operational targets.
• Ensure full compliance with Health & Safety legislation, company policies, risk assessments, SSOWs, SOPs, and the Site Traffic Management Plan.
• Monitor composting processes and key parameters using SCADA and other systems, ensuring compliance with ABP, PAS 100, and APHA requirements.
• Oversee equipment inspections, LOLER compliance, planned preventative maintenance, breakdown response, and accurate maintenance records.
• Manage contractors, visitors, and suppliers on site, including inductions, permits to work, procurement, and stock control within budget.
• Lead health, safety, and environmental performance, including inspections, audits, incident investigations, pest control, and continuous improvement initiatives.
• Lead, motivate, and manage the operational team, including rotas, training, performance management, inductions, and workforce planning.
• Maintain effective communication and reporting, acting as a key site contact for regulators and stakeholders, and supporting audits, inspections, and community engagement.

Requirements

• Demonstrable supervisory experience within waste management, composting, recycling, or a similar industrial environment.
• Proven experience producing and delivering risk assessments, permits to work, SOPs, and toolbox talks.
• Experience maintaining accurate operational records and extracting data from SCADA or similar automated control systems.
• Previous responsibility for ordering and managing consumables, PPE, lubricants, and spare parts.
• Strong working knowledge of health and safety legislation applicable to high-risk industrial or waste environments, with a focus on good housekeeping and site standards.
• Experience using and completing internal learning platforms or training modules.

Benefits

• Ongoing career development, training and coaching – Because if you don’t grow, we don’t grow.
• Car or allowance.
• Competitive salary.
• Generous pension scheme.
• Retail and leisure discounts.
• Holiday and travel discounts.
• Life cover.

XML job scraping automation by YubHub

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

Responsibilities

As an Account Executive focused on Investment Banking & Capital Markets at Anthropic, you'll be part of the foundational team bringing frontier AI to one of the most complex and high-stakes sectors in finance. You'll drive adoption of Claude across investment banks, capital markets firms, asset managers, and sell-side research institutions—helping them transform workflows in deal execution, research production, trading operations, and client advisory.

You'll leverage deep consultative sales expertise and sector knowledge to secure strategic enterprise deals while becoming a trusted partner to stakeholders navigating AI deployment in highly regulated environments. In collaboration with GTM, Product, Policy, and Marketing teams, you'll shape our approach to this critical vertical and help define how AI transforms capital markets.

Responsibilities:

• Own the full sales cycle from prospecting through close, winning new business and driving revenue within investment banking and capital markets accounts. Navigate complex organisational structures to reach decision-makers across front office, middle office, and technology functions.

• Design and execute sales strategies tailored to the unique procurement dynamics, budget cycles, and risk considerations of capital markets institutions. Translate market intelligence into targeted account plans and campaigns.

• Identify and develop new use cases across investment banking workflows—M&A analysis, equity research, fixed income trading, compliance, and client reporting—collaborating cross-functionally to differentiate our offerings.

• Build consensus across complex stakeholder ecosystems including Managing Directors, technology leadership, risk and compliance officers, and procurement teams.

• Serve as the voice of the customer internally, gathering feedback from users and conveying market needs to inform product roadmaps, security requirements, and go-to-market positioning.

• Contribute to the evolution of our financial services sales methodology by documenting learnings, refining playbooks, and identifying process improvements that drive productivity and consistency.

You may be a good fit if you have:

• 7+ years of enterprise B2B sales experience, with significant time selling into investment banks, capital markets firms, or asset managers

• A track record of closing complex, six- and seven-figure deals within financial institutions by navigating both technical requirements and business use cases

• Deep familiarity with how investment banks and capital markets firms buy technology—including vendor risk assessments, security reviews, and multi-stakeholder approval processes

• Experience negotiating enterprise agreements within financial services procurement frameworks, including navigating legal, compliance, and infosec requirements

• Proven history of exceeding revenue targets by effectively managing pipeline and executing a disciplined sales process

• Strong executive presence and the ability to present confidently to audiences ranging from analysts and associates to C-suite executives

• Understanding of investment banking and capital markets workflows, pain points, and competitive dynamics

• A strategic, analytical mindset combined with creative tactical execution

• Genuine enthusiasm for AI and its potential to transform financial services, paired with appreciation for the importance of safe and responsible deployment

Logistics

Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work.

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't hesitate to reach out to us directly.

XML job scraping automation by YubHub

Location

New York City

Employment Type

Full time

Location Type

Hybrid

Department

Security

Compensation

• $260K – $385K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance related bonus for eligible employees and benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick and safe time (1 hour per 30 hours worked)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

About the Role

As a Security Engineer, Application Security you will be responsible for identifying and mitigating security vulnerabilities within software applications through building security tools, code reviews, penetration testing, and security assessments.

We’re looking for people who will work closely with development teams to ensure secure coding practices are integrated throughout the software development lifecycle, preventing security risks before they emerge. You will also provide security guidance to developers and other stakeholders, fostering a culture of security awareness within the organization.

The role is preferred to be based in San Francisco, Seattle or New York City but may consider remote work. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

In this role, you will:

• Perform Security Assessments: Conduct regular security assessments, code reviews, and penetration testing to identify vulnerabilities in applications and software.

• Develop and Implement Security Tools: Design, develop, and implement security tools, frameworks, and methodologies to protect applications against security threats.

• Collaborate with Development Teams: Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines.

• Threat Modeling and Risk Assessment: Conduct threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies.

• Vulnerability Management: Track, analyze, and manage vulnerabilities in applications, providing guidance and support for remediation efforts.

• Incident Response Support: Assist in investigating, analyzing, and responding to security incidents related to applications, ensuring timely resolution and documentation of incidents.

• Stay Current on Security Trends: Continuously stay updated on the latest security threats, vulnerabilities, and technologies to enhance security measures in applications.

You might thrive in this role if you:

• Extensive experience in information security, cybersecurity, or a related field, with a significant portion of that experience in leadership or management roles.

• Deep understanding of security technologies, tools, and best practices, including experience with secure coding practices, threat modeling, risk assessments, and incident response.

• Experience in application security, software development, or related areas with a strong understanding of secure coding practices and application security frameworks.

• Proficiency in programming languages (such as Python, Java, C++, etc.), knowledge of security tools (e.g., Burp Suite, OWASP ZAP), and familiarity with security protocols and encryption methods.

• Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve this, we are building a team of talented engineers, researchers, and designers who share our vision and values.

XML job scraping automation by YubHub

Security Engineer, Application Security

Location

San Francisco

Employment Type

Full time

Location Type

Hybrid

Department

Security

Compensation

• $260K – $385K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance related bonus for eligible employees and benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick and safe time (1 hour per 30 hours worked)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

About the Role

As a Security Engineer, Application Security you will be responsible for identifying and mitigating security vulnerabilities within software applications through building security tools, code reviews, penetration testing, and security assessments.

We’re looking for people who will work closely with development teams to ensure secure coding practices are integrated throughout the software development lifecycle, preventing security risks before they emerge. You will also provide security guidance to developers and other stakeholders, fostering a culture of security awareness within the organization.

The role is preferred to be based in San Francisco, Seattle or New York City but may consider remote work. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

In this role, you will:

• Perform Security Assessments: Conduct regular security assessments, code reviews, and penetration testing to identify vulnerabilities in applications and software.

• Develop and Implement Security Tools: Design, develop, and implement security tools, frameworks, and methodologies to protect applications against security threats.

• Collaborate with Development Teams: Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines.

• Threat Modeling and Risk Assessment: Conduct threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies.

• Vulnerability Management: Track, analyze, and manage vulnerabilities in applications, providing guidance and support for remediation efforts.

• Incident Response Support: Assist in investigating, analyzing, and responding to security incidents related to applications, ensuring timely resolution and documentation of incidents.

• Stay Current on Security Trends: Continuously stay updated on the latest security threats, vulnerabilities, and technologies to enhance security measures in applications.

You might thrive in this role if you:

• Extensive experience in information security, cybersecurity, or a related field, with a significant portion of that experience in leadership or management roles.

• Deep understanding of security technologies, tools, and best practices, including experience with secure coding practices, threat modeling, risk assessments, and incident response.

• Experience in application security, software development, or related areas with a strong understanding of secure coding practices and application security frameworks.

• Proficiency in programming languages (such as Python, Java, C++, etc.), knowledge of security tools (e.g., Burp Suite, OWASP ZAP), and familiarity with security protocols and encryption methods.

• Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve this, we are committed to advancing the state-of-the-art in AI research and development.

XML job scraping automation by YubHub

Location

San Francisco

Employment Type

Full time

Department

Finance

Compensation

• $216K – $240K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

Benefits

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

The Internal Controls function sits within the broader Finance Risk Management (FRM) organization and plays a key role in strengthening the integrity, scalability, and reliability of OpenAI’s finance-critical operations.

Our team designs and governs the Internal Controls over Financial Reporting (ICFR) framework that supports accurate, transparent financial results. We focus on business-process controls across areas like Order-to-Cash, Compute, Data, Global Financial Close, Accounting Operations, Real Estate and AI infrastructure-related spend. We work closely with Product, GTM, Corporate Finance, Legal, BizOps, Strategic Finance, Accounting, Finance Platforms and Compliance to ensure processes are well-designed, well-documented, and audit-ready.

FRM, as the broader function, leads OpenAI’s financial risk posture—spanning governance over internal controls, third-party risk, audit readiness, and financial systems oversight. Together, we provide the foundation of trust that enables OpenAI to operate at global scale.

About the Role

We’re seeking a Senior Manager, Financial Risk Management to shape and scale the readiness frameworks and ways of working that underpin OpenAI’s SOX/ICFR program and broader FRM priorities. This is a highly cross-functional role for someone who can translate ambiguity into clear standards, expectations, and decision paths—so workstream owners can move quickly and consistently.

You’ll be a core partner to Finance, Systems, and operational leaders—aligning stakeholders, driving remediation progress, and turning complex, multi-team efforts into crisp leadership updates and decision asks. Success in this role requires strong judgment, clear communication, and the ability to drive outcomes through influence.

This role is based in San Francisco, CA. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

In this role, you will:

• Build and scale the ICFR readiness framework (standards, playbooks, governance, and review cadences) that ensures business-process controls stay consistent, auditable, and scalable as OpenAI grows.

• Lead process/controls design for key finance and spend domains for your assigned pillars (e.g. Revenue, Compute, Financial Close, Accounting Operations), translating complex workflows into clear risks, controls, and ownership models.

• Drive risk assessments and control rationalization (what matters most, where to automate, where to simplify), using data and business context to focus effort on highest-impact reporting risks.

• Run targeted assessments for new/changed areas and translate them into clear expectations, owners, and timelines.

• Provide governance and oversight of the Big 4 provider’s execution of RCMs, narratives, and end-to-end process documentation, ensuring that all documentation is accurate, up-to-date, and fully prepared for testing—clearly articulating evidence requirements and system dependencies.

• Oversee issue management and remediation for your process areas, ensuring deficiencies are root-caused, fixed at the system or process level, and sustainably closed.

• Serve as primary liaison for audits and internal stakeholders for your domains—anticipating requests, aligning on PBC expectations, and communicating control health, risks, and progress through clear metrics and reporting.

• Partner with workstream leads and co-sourced teams to ensure outputs are consistent, high-quality, and leadership-ready.

You might thrive in this role if you have:

• Bachelor’s or Master’s degree in Accounting, Finance, Business Administration, or a related field; CPA, CA, CISA or equivalent strongly preferred.

• 10+ years of experience in financial risk management, internal audit, or financial process transformation, preferably in high-growth, technology-enabled or product-driven env

XML job scraping automation by YubHub

Location

Seattle

Employment Type

Full time

Department

Security

Compensation

• $260K – $385K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance related bonus for eligible employees and benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick and safe time (1 hour per 30 hours worked)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

About the Role

As a Security Engineer, Application Security you will be responsible for identifying and mitigating security vulnerabilities within software applications through building security tools, code reviews, penetration testing, and security assessments.

We’re looking for people who will work closely with development teams to ensure secure coding practices are integrated throughout the software development lifecycle, preventing security risks before they emerge. You will also provide security guidance to developers and other stakeholders, fostering a culture of security awareness within the organization.

The role is preferred to be based in San Francisco, Seattle or New York City but may consider remote work. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

In this role, you will:

• Perform Security Assessments: Conduct regular security assessments, code reviews, and penetration testing to identify vulnerabilities in applications and software.

• Develop and Implement Security Tools: Design, develop, and implement security tools, frameworks, and methodologies to protect applications against security threats.

• Collaborate with Development Teams: Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines.

• Threat Modeling and Risk Assessment: Conduct threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies.

• Vulnerability Management: Track, analyze, and manage vulnerabilities in applications, providing guidance and support for remediation efforts.

• Incident Response Support: Assist in investigating, analyzing, and responding to security incidents related to applications, ensuring timely resolution and documentation of incidents.

• Stay Current on Security Trends: Continuously stay updated on the latest security threats, vulnerabilities, and technologies to enhance security measures in applications.

You might thrive in this role if you:

• Extensive experience in information security, cybersecurity, or a related field, with a significant portion of that experience in leadership or management roles.

• Deep understanding of security technologies, tools, and best practices, including experience with secure coding practices, threat modeling, risk assessments, and incident response.

• Experience in application security, software development, or related areas with a strong understanding of secure coding practices and application security frameworks.

• Proficiency in programming languages (such as Python, Java, C++, etc.), knowledge of security tools (e.g., Burp Suite, OWASP ZAP), and familiarity with security protocols and encryption methods.

• Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass

XML job scraping automation by YubHub

Type: Full-Time

Location: Bahrain, Sakhir

Qualification and Skills Required:

1. Bachelor’s degree in Occupational Health & Safety, Environmental Science, or a related field.
2. 1–3 years of HSE experience, preferably in technical or industrial settings.
3. Strong knowledge of HSE standards and documentation.

Key Responsibilities includes but not limited to:

1. Support the implementation of HSE policies and procedures.
2. Conduct inspections, audits, and risk assessments.
3. Maintain HSE records and monitor PPE usage.
4. Assist in incident investigations and corrective actions.
5. Deliver safety inductions and awareness sessions.
6. Help organise emergency drills and HSE Committee meetings.
7. Promote environmental compliance and safe work practices.

Benefits:

• Competitive salary and benefits package
• Opportunities for career growth and professional development
• Collaborative and dynamic work environment

Duration:

1 year

XML job scraping automation by YubHub

What you'll do

As a Governance, Risk & Compliance Lead, you will be responsible for implementing and leading frameworks such as SOC2, ISO 27001 and HIPAA. You will also ensure and maintain compliance with GDPR, CCPA, CPRA and other privacy regulations.

• Implement and lead frameworks such as SOC2, ISO 27001 and HIPAA. Ensuring compliance with certification requirements
• Ensure and maintain compliance with GDPR, CCPA, CPRA and other privacy regulations
• Design and build scalable audit management processes and documentation systems that will support future expansion to additional compliance frameworks
• Conduct risk assessments and mitigate data security and compliance risks
• Write, update and enact policies capturing security, privacy, and AI safety requirements
• Follow and help shape the AI regulatory and standards landscape to keep the company at the forefront of industry developments and best practices

What you need

• 6+ years of experience leading engagements in audit and compliance
• Experience leading compliance teams
• Worked in high tech companies in cloud-native environments
• Able to translate complex compliance requirements into clear and actionable work-streams
• Strong commitment to cross-functional collaboration with IT, Security, GTM, and Engineering
• Self-motivated, detailed and organized, with a diligent approach to project completion
• Excellent written, verbal, and interpersonal communication skills

XML job scraping automation by YubHub

What you'll do

From a Health and Safety point of view, my main responsibilities include ensuring compliance with all health and safety regulations, conducting regular risk assessments, and implementing safety protocols to prevent accidents. I also oversee the maintenance of safety equipment, provide training and guidance to staff on safe practices, and review current legislation to make sure we're following the latest regulations.

What you need

For Health and Safety, excellent attention to detail helps in day-to-day work (such as conducting risk assessments etc). Effective communication and interpersonal skills are also needed, especially when it comes to training staff, as well as communicating with engineers, technicians, and drivers when I'm trackside.

XML job scraping automation by YubHub