{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/risk-decisions"},"x-facet":{"type":"skill","slug":"risk-decisions","display":"Risk Decisions","count":2},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_6c1cd36d-464"},"title":"Senior Security Operations Engineer, Detection & Response","description":"<p>About Us</p>\n<p>dbt Labs is the pioneer of analytics engineering, helping data teams transform raw data into reliable, actionable insights. As of February 2025, we’ve grown from an open source project into the leading analytics engineering platform, now used by over 90,000 teams every week, driving data transformations and AI use cases.</p>\n<p>We’re backed by top-tier investors including Andreessen Horowitz, Sequoia Capital, and Altimeter. At our core, we believe in empowering data practitioners:</p>\n<ul>\n<li>Reliable, high-quality data is the fuel that propels AI-powered data engineering.</li>\n<li>AI is changing data work, fast. dbt’s data control plane keeps data engineers ahead of that curve.</li>\n<li>We empower engineers to deliver reliable, governed data faster, cheaper, and at scale.</li>\n</ul>\n<p>About the Security Team</p>\n<p>The mission of the Security Engineering team at dbt Labs is to provide clear, opinionated security guidance and scalable, secure-by-default offerings to engineers for the purpose of securing software development and enabling pragmatic risk decisions at dbt.</p>\n<p><strong>Responsibilities</strong></p>\n<p>As a Senior Security Operations Engineer on the Detection &amp; Response team, you will strengthen and maintain the company&#39;s security posture throughout the threat detection lifecycle from telemetry collection and continuous monitoring through threat detection, incident response, and security event management. You will serve as a subject matter expert for security operations across the dbt Labs&#39; teams and technology infrastructure, including multi-cloud production environments, identity, endpoints, and SaaS technologies.</p>\n<p><strong>Key Responsibilities</strong></p>\n<ul>\n<li>Participate in a 24/7 on-call rotation providing coverage for active security incidents, investigations, and security events across our global infrastructure.</li>\n<li>Lead investigation and remediation of security incidents, coordinating cross-functional response efforts to minimize impact and recovery time.</li>\n<li>Play a major role in bootstrapping an end to end D&amp;R alert and investigation pipeline.</li>\n<li>Triage and investigate security alerts from detection tools including Wiz Defend, Crowdstrike, and cloud security platforms to identify genuine threats and reduce false positives.</li>\n<li>Develop and maintain detection rules, runbooks, and response procedures mapped to the company&#39;s threat model.</li>\n<li>Automate alert triage workflows and improve mean time to detection and response through tooling and process enhancements, including leveraging AI enrichment and processing.</li>\n<li>Collaborate with Infrastructure and Application Security teams to implement secure-by-design principles and remediate identified security issues.</li>\n<li>Conduct security event analysis to identify policy violations, misconfigurations, and potential attack vectors before they become incidents.</li>\n<li>Partner with our Enterprise Security &amp; Technology team to enhance endpoint security controls and monitoring across endpoints (MacOS laptops &amp; some Windows and Linux-based development environments).</li>\n<li>Design and facilitate tabletop exercises and game days to test detection, response, recovery, and remediation capabilities.</li>\n<li>Contribute to the maturation of the security incident response program through documentation, training, and process improvements.</li>\n<li>Mentor junior security engineers and cross-functional team members on incident handling best practices.</li>\n</ul>\n<p><strong>Requirements</strong></p>\n<ul>\n<li>Demonstrated ability to excel in high-pressure situations; we need someone who can make sound decisions during active security incidents and can calmly serve as incident commander with confidence.</li>\n</ul>\n<p><strong>Qualifications</strong></p>\n<ul>\n<li>Have 8+ years of professional experience in security-related domains, including at least 4 years in security operations, incident response, threat hunting, or threat detection roles.</li>\n<li>Have demonstrable experience leading security incident investigations and coordinating cross-team response efforts.</li>\n</ul>\n<p><strong>What We Offer</strong></p>\n<ul>\n<li>Competitive compensation packages commensurate with experience, including salary, equity, and where applicable, performance-based pay.</li>\n<li>Opportunity to work with a leading analytics engineering platform and contribute to the growth and success of the company.</li>\n<li>Collaborative and dynamic work environment with a team of experienced professionals.</li>\n<li>Opportunities for professional growth and development.</li>\n</ul>\n<p><strong>How to Apply</strong></p>\n<p>If you are a motivated and experienced security professional looking for a new challenge, please submit your resume and cover letter to [insert contact information]. We look forward to hearing from you!</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_6c1cd36d-464","directApply":true,"hiringOrganization":{"@type":"Organization","name":"dbt Labs","sameAs":"https://www.getdbt.com/","logo":"https://logos.yubhub.co/getdbt.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/dbtlabsinc/jobs/4674498005","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Security Operations","Incident Response","Threat Hunting","Threat Detection","Cloud Security","Endpoint Security","Security Event Analysis","Security Incident Response","Tabletop Exercises","Game Days","Documentation","Training","Process Improvements","Mentoring","Security Engineering","Data Control Plane","Analytics Engineering","AI-Powered Data Engineering","Reliable High-Quality Data","Secure-By-Default Offerings","Pragmatic Risk Decisions","Multi-Cloud Production Environments","Identity","Endpoints","SaaS Technologies","Wiz Defend","Crowdstrike","Cloud Security Platforms","Detection Rules","Runbooks","Response Procedures","Mean Time to Detection","Mean Time to Response","AI Enrichment","AI Processing","Secure-By-Design Principles","Infrastructure Security","Application Security","Endpoint Security Controls","Monitoring"],"x-skills-preferred":[],"datePosted":"2026-04-18T15:52:43.496Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"US - Remote"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Security Operations, Incident Response, Threat Hunting, Threat Detection, Cloud Security, Endpoint Security, Security Event Analysis, Security Incident Response, Tabletop Exercises, Game Days, Documentation, Training, Process Improvements, Mentoring, Security Engineering, Data Control Plane, Analytics Engineering, AI-Powered Data Engineering, Reliable High-Quality Data, Secure-By-Default Offerings, Pragmatic Risk Decisions, Multi-Cloud Production Environments, Identity, Endpoints, SaaS Technologies, Wiz Defend, Crowdstrike, Cloud Security Platforms, Detection Rules, Runbooks, Response Procedures, Mean Time to Detection, Mean Time to Response, AI Enrichment, AI Processing, Secure-By-Design Principles, Infrastructure Security, Application Security, Endpoint Security Controls, Monitoring"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_7bc5c768-a5b"},"title":"Third Party Risk Senior Manager, APAC","description":"<p><strong>Third Party Risk Senior Manager, APAC</strong></p>\n<p>OpenAI is building a world-class supplier risk and third-party risk program to support our global growth across hardware, infrastructure, and critical partner ecosystems. We’re hiring a Senior Manager Third Party Risk in Singapore to lead Third-Party Risk Management (TPRM) execution across Asia, with a strong focus on electronics/device manufacturing supply chains and supplier compliance.</p>\n<p><strong>What you’ll do</strong></p>\n<ul>\n<li>Lead supplier and third-party risk due diligence across Asia (contract manufacturers, component suppliers, logistics partners, key service providers).</li>\n<li>Build and run an onsite supplier audit program, including corrective action plans (CAPA) and remediation verification.</li>\n<li>Drive supplier compliance initiatives aligned to leading industry standards (e.g., Responsible Business Alliance / RBA expectations), including labor, ethics, and management systems.</li>\n<li>Partner closely with Procurement, Legal/Compliance, Security, Privacy, and business teams to embed risk controls into supplier onboarding, contracting, and ongoing monitoring.</li>\n<li>Build and own regional reporting: supplier tier coverage, audit pipeline, open risks, remediation status, and trend insights for leadership.</li>\n<li>Support incident response for supplier-related issues (e.g., compliance findings, operational disruptions), ensuring fast and effective resolution.</li>\n</ul>\n<p><strong>What we’re looking for</strong></p>\n<ul>\n<li>6+ years of experience in supplier risk, third-party risk management, supply chain risk, supplier compliance/auditing, or related fields.</li>\n<li>Strong experience in complex electronics or device manufacturing ecosystems (contract manufacturing, component ecosystems, multi-tier supply chains).</li>\n<li>Demonstrated ability to run onsite audits and drive remediation outcomes (not just policy).</li>\n<li>Proven ability to influence cross-functional stakeholders and make risk decisions in fast-paced environments.</li>\n<li>Strong written and verbal communication—able to translate complex risk into clear decision narratives.</li>\n</ul>\n<p><strong>Nice to have</strong></p>\n<ul>\n<li>Experience with export controls/sanctions, forced labor risk programs, and supplier ownership/beneficial ownership diligence.</li>\n<li>Experience implementing GRC/TPRM tooling (e.g., OneTrust, Archer, ServiceNow GRC) and automating workflows.</li>\n<li>Familiarity with RBA programs and/or validated assessment approaches.</li>\n<li>Regional language skills (e.g., Mandarin) helpful but not required.</li>\n</ul>\n<p><strong>Location &amp; travel</strong></p>\n<p>This role is based in Singapore and will involve periodic travel within Asia to supplier sites.</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_7bc5c768-a5b","directApply":true,"hiringOrganization":{"@type":"Organization","name":"OpenAI","sameAs":"https://jobs.ashbyhq.com","logo":"https://logos.yubhub.co/openai.com.png"},"x-apply-url":"https://jobs.ashbyhq.com/openai/8908ef4d-2be3-409e-a058-e4e12987941c","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["supplier risk","third-party risk management","supply chain risk","supplier compliance/auditing","complex electronics or device manufacturing ecosystems","onsite audits","remediation outcomes","cross-functional stakeholders","risk decisions","written and verbal communication"],"x-skills-preferred":["export controls/sanctions","forced labor risk programs","supplier ownership/beneficial ownership diligence","GRC/TPRM tooling","RBA programs","validated assessment approaches","regional language skills"],"datePosted":"2026-03-06T18:29:18.758Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Singapore"}},"employmentType":"FULL_TIME","occupationalCategory":"Finance","industry":"Technology","skills":"supplier risk, third-party risk management, supply chain risk, supplier compliance/auditing, complex electronics or device manufacturing ecosystems, onsite audits, remediation outcomes, cross-functional stakeholders, risk decisions, written and verbal communication, export controls/sanctions, forced labor risk programs, supplier ownership/beneficial ownership diligence, GRC/TPRM tooling, RBA programs, validated assessment approaches, regional language skills"}]}