The team fosters a collaborative environment and is building a best-in-class program to partner with the business to protect the Firm’s information and computer systems. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority.

Responsibilities

• Define and implement security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.
• Conduct specialized threat modeling, red teaming, and risk assessments for AI/ML models (e.g., testing for prompt injection, model theft, and data poisoning).
• Lead risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects.
• Engage throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards.
• Evangelize AppSec and AI security best practices through developer education, training materials, and outreach.
• Design robust security architectures and integrate automated security testing (SAST/DAST/SCA) into CI/CD pipelines.
• Partner with Technology, Trading, Legal, and Compliance to create policies and communicate technical risks to non-technical stakeholders.

Qualifications

• Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field.
• 5+ years’ experience working as an Application Security Engineer, Software Engineer, or similar role.
• Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs.
• Experience working with AI models, Agentic frameworks and security risks associated with AI.
• Experience in working with global teams, collaborating on code and presentations.
• Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
• Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols.
• Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
• Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions.
• Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
• Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar.
• Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
• Familiarity with web application security testing tools and methodologies.
• Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
• Knowledge of Linux, OS internals and containers is a plus.
• Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous.

XML job scraping automation by YubHub

The successful candidate will have a proven understanding in enterprise security and AI security and will focus on defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.

Key responsibilities include:

• Defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks
• Conducting specialized threat modeling, red teaming, and risk assessments for AI/ML models
• Leading risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects
• Engaging throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards
• Evangelizing AppSec and AI security best practices through developer education, training materials, and outreach

Qualifications include:

• Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field
• 5+ years' experience working as an Application Security Engineer, Software Engineer, or similar role
• Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs
• Experience working with AI models, Agentic frameworks and security risks associated with AI
• Experience in working with global teams, collaborating on code and presentations

Preferred qualifications include:

• Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
• Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols
• Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
• Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions
• Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
• Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar
• Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
• Familiarity with web application security testing tools and methodologies
• Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
• Knowledge of Linux, OS internals and containers is a plus
• Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous

We offer a competitive salary and benefits package, as well as opportunities for professional growth and development.

XML job scraping automation by YubHub

Day-to-day, you’ll work on scaling infrastructure, improving deployment pipelines, and hardening our security posture. You’ll play a key role in evolving our DevSecOps practices while partnering closely with engineering teams to ensure services are built for reliability from day one.

We operate with production-grade discipline, supporting mission-critical services with stringent uptime requirements and a focus on automation, observability, and resilience.

The Platform & Infrastructure Engineering team in the Data Infrastructure organization is responsible for the reliability, scalability, and security of the company’s data platform. The team builds and operates the foundational systems that power data ingestion, transformation, analytics, and internal AI workloads at scale.

About the role:

• 5+ years of experience in Site Reliability Engineering, Platform Engineering, or Infrastructure Engineering roles
• Deep expertise in Kubernetes and containerized software services, including cluster design, operations, and troubleshooting in production environments
• Strong experience building and operating CI/CD systems, including tools such as Argo CD and GitHub Actions
• Proven experience owning production systems with high availability requirements (≥99.99% uptime), including incident response, SLI/SLO/SLA definition, error budgets, and postmortems
• Hands-on experience designing and operating geo-replicated, multi-region, active-active systems, including traffic routing, failover strategies, and data consistency tradeoffs
• Strong experience building and owning observability components, including metrics, logging, and tracing (e.g., Prometheus, Grafana, OpenTelemetry).
• Experience with infrastructure as code (e.g., Helm, Terraform, Pulumi) and automated environment provisioning
• Strong understanding of system performance tuning, capacity planning, and resource optimization in distributed systems
• Experience implementing and operating security best practices in cloud-native environments (e.g., secrets management, network policies, vulnerability scanning)

Preferred:

• Experience operating data platforms or data-intensive workloads (e.g., Spark, Airflow, Kafka, Flink)
• Familiarity with service mesh technologies (e.g., Istio, Linkerd)
• Experience working in regulated environments with compliance frameworks such as GDPR, SOC 2, HIPAA, or SOX
• Background in building internal developer platforms or self-service infrastructure

Wondering if you’re a good fit?

We believe in investing in our people, and value candidates who can bring their own diversified experiences to our teams – even if you aren’t a 100% skill or experience match.

Here are a few qualities we’ve found compatible with our team. If some of this describes you, we’d love to talk.

• You love building highly reliable systems that operate at scale
• You’re curious about how to continuously improve system resilience, security, and operations
• You’re an expert in diagnosing and solving complex distributed systems problems

Why CoreWeave?

At CoreWeave, we work hard, have fun, and move fast! We’re in an exciting stage of hyper-growth that you will not want to miss out on. We’re not afraid of a little chaos, and we’re constantly learning.

Our team cares deeply about how we build our product and how we work together, which is represented through our core values:

• Be Curious at Your Core
• Act Like an Owner
• Empower Employees
• Deliver Best-in-Class Client Experiences
• Achieve More Together

We support and encourage an entrepreneurial outlook and independent thinking. We foster an environment that encourages collaboration and provides the opportunity to develop innovative solutions to complex problems.

As we get set for take off, the growth opportunities within the organization are constantly expanding. You will be surrounded by some of the best talent in the industry, who will want to learn from you, too.

Come join us!

The base salary range for this role is $165,000 to $242,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation.

In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility).

What We Offer

The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.

In addition to a competitive salary, we offer a variety of benefits to support your needs, including:

• Medical, dental, and vision insurance
• 100% paid for by CoreWeave
• Company-paid Life Insurance
• Voluntary supplemental life insurance
• Short and long-term disability insurance
• Flexible Spending Account
• Health Savings Account
• Tuition Reimbursement
• Ability to Participate in Employee Stock Purchase Program (ESPP)
• Mental Wellness Benefits through Spring Health
• Family-Forming support provided by Carrot
• Paid Parental Leave
• Flexible, full-service childcare support with Kinside
• 401(k) with a generous employer match
• Flexible PTO
• Catered lunch each day in our office and data center locations
• A casual work environment
• A work culture focused on innovative disruption

Our Workplace

While we prioritize a hybrid work environment, remote work may be considered for candidates located more than 30 miles from an office, based on role requirements for specialized skill sets.

New hires will be invited to attend onboarding at one of our hubs within their first month.

Teams also gather quarterly to support collaboration.

California Consumer Privacy Act - California applicants only

CoreWeave is an equal opportunity employer, committed to fostering an inclusive and supportive workplace.

All qualified applicants and candidates will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.

As part of this commitment and consistent with the Americans with Disabilities Act (ADA), CoreWeave will ensure that qualified applicants and candidates with disabilities are provided reasonable accommodations for the hiring process, unless such accommodation would cause an undue hardship.

If reasonable accommodation is needed, please contact: careers@coreweave.com.

Export Control Compliance

This position requires access to export controlled information.

To conform to U.S. Government export regulations applicable to that information, applicant must either be (A) a U.S. person, defined as a (i) U.S. citizen or national, (ii) U.S. lawful permanent resident (green card holder), (iii) refugee under 8 U.S.C. § 1157, or (iv) asylee under 8 U.S.C. § 1158, (B) eligible to access the export controlled information without restrictions, or (C) otherwise exempt from the export regulations.

If you are not a U.S. person, you will be required to provide documentation of your eligibility to access the export controlled information before being considered for this position.

Please note that CoreWeave is subject to the requirements of the U.S. Department of Commerce's Export Administration Regulations (EAR) and the U.S. Department of State's International Traffic in Arms Regulations (ITAR).

By applying for this position, you acknowledge that you have read and understood the export control requirements and that you will comply with them.

If you have any questions or concerns regarding the export control requirements, please contact: careers@coreweave.com.

XML job scraping automation by YubHub

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole.

The Security Engineering team protects Anthropic's AI systems and maintains the trust of our users and society. We define the authentication architecture for our training infrastructure, design the cryptographic foundations that protect model weights and training data, and drive the developer security program that shapes how engineers build and ship software.

Responsibilities:

• Build and maintain identity and secrets management systems, including credential issuance, rotation, and workload authentication across our multi-cloud environments
• Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
• Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across our multi-cloud and on-prem environments
• Design and implement secure development frameworks and libraries that make secure coding the path of least resistance for our engineering teams, including service to service authentication, serialization libraries, and tool proxies.
• Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement
• Identify and remediate security gaps through code review, threat modeling, and hands-on debugging
• Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation

Requirements:

• At least 5 years of software engineering experience implementing and maintaining security-relevant systems in production
• Bachelor's degree in Computer Science or equivalent industry experience
• Strong programming skills in Python or at least one systems language such as Go or Rust
• Experience contributing to cloud security controls
• A track record of taking ownership of problems end to end, from identifying the issue to shipping and monitoring the fix
• Clear communication skills and the ability to work collaboratively across engineering teams
• Low ego and high empathy, with a genuine interest in helping teammates succeed
• Passion for AI safety and the role security engineering plays in building trustworthy AI systems

Preferred Qualifications:

• Contributions to developer security tooling including SAST, dependency scanning, or secure build infrastructure
• Familiarity with Kubernetes security primitives including RBAC, namespaces, network policies, and admission controllers
• Experience with cloud security posture management tooling, infrastructure-as-code security scanning, or automated remediation
• Experience with network security and isolation techniques including east-west controls, traffic inspection, and cloud network policy
• Experience with eBPF for security monitoring and enforcement, or developing kernel security policies
• Experience building secrets management or workload authentication systems, including familiarity with protocols such as OAuth 2.0, OIDC, SAML, or SPIFFE/SPIRE
• Background building or operating security systems in environments that support research workflows and rapid iteration

Benefits:

• Competitive compensation and benefits
• Optional equity donation matching
• Generous vacation and parental leave
• Flexible working hours
• Lovely office space in which to collaborate with colleagues

How to Apply:

If you're interested in this role, please submit your application through our website. We look forward to hearing from you!

Note: Anthropic is an equal opportunity employer and welcomes applications from diverse candidates.

XML job scraping automation by YubHub

You will work closely with engineering teams to integrate security into the software development lifecycle, build secure-by-default patterns, and ensure that products are resilient against modern threats.

This role combines hands-on technical work, security engineering, and collaboration with developers to guide secure design and remediation.

You will help implement security controls, perform assessments, and contribute to the continuous improvement of our security program.

Key responsibilities include:

• Integrating application security best practices into the development lifecycle by partnering with engineering teams and enabling automated security checks within CI/CD pipelines.

• Supporting and maintaining Application Security based tooling,including SAST, DAST, SCA, and secrets scanning,and helping developers interpret and remediate findings.

• Conducting secure code reviews, threat modeling sessions, and application architecture assessments to identify risks and propose mitigation strategies.

• Developing and maintaining security automation, guardrails, and reusable components.

• Assisting in defining and improving secure coding standards and application hardening practices.

• Supporting monitoring and detection efforts by helping improve application-level logging, telemetry, and alerting.

• Assisting in incident response activities related to application vulnerabilities, including verification, triage, and remediation support.

• Staying current on emerging threats, vulnerabilities, and best practices in application and product security.

• Contributing to documentation including security requirements, guidelines, and remediation playbooks.

• Participating in internal security reviews, compliance-driven assessments, and architectural walkthroughs.

• Developing and helping maintain existing application security tools, pipelines, and workflows.

• Collaborating with engineering and product teams to ensure secure deployment and continuous improvement of applications.

Requirements include:

• A bachelor’s degree in Computer Science, Engineering, MIS, or equivalent practical experience.

• 2–5 years of experience in application security, product security, software engineering with a security focus, or a related technical role.

• Strong understanding of application vulnerabilities and mitigation strategies (OWASP Top 10, CWE).

• Experience with CI/CD tooling, Git-based workflows, and modern development practices.

• Familiarity with cloud security concepts and hands-on experience with at least one cloud platform (AWS, Azure, or GCP).

• Experience with one or more programming languages such as Python, Go, Java, JavaScript/Typescript, or Ruby. (Java and Python preferred.)

• Experience with application security tools such as OWASP ZAP, Burp Suite, SAST/DAST tools, SCA, or dependency scanning.

• Knowledge of secure coding principles, API security, authentication, authorization, and secrets management.

• Strong problem-solving skills and the ability to communicate technical issues clearly to developers and cross-functional stakeholders.

• Understanding of agile development processes and working within engineering teams.

• Ability to Travel: This role will require 25% in-person travel for purposes including but not limited to new hire onboarding, team and department offsites, customer engagements, and other company events.

This role is based in our Boston office and follows a hybrid model, with an expectation of being onsite 1-2 days per week.

XML job scraping automation by YubHub

We are looking for builders and owners who operate with speed and urgency and execute with excellence. This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

The Team

The Okta Privileged Access Management (PAM) team is building the future of identity for machines, services, and applications. We are seeking a world-class Staff Engineer to help us architect and build the high-performance core of our non-human identity platform.

Your work, in close collaboration with our principal engineers and architects, will be the foundation of our strategy for managing privileged access in the modern enterprise. If you are a systems programmer who thrives on influencing the design of high-performance, concurrent, and resilient security software, this is the role for you.

What you’ll be doing

• Contribute to Core Architecture:
• Partner with principal engineers and architects to design and implement a low-latency, high-throughput secrets engine for non-human identities
• Solve for Massive Scale:
• Write highly concurrent, performance-critical code capable of handling millions of machine-to-machine authentication and authorization requests
• Shape Technical Strategy:
• Play a key role in defining the long-term technical roadmap for scalability and performance, ensuring our platform can meet the demands of the largest enterprises
• Mentor and Elevate:
• As a senior engineer on the team, you will work with junior engineers to help them advance their SDLC expertise.
• On-Call:
• Participate in the rotational on-call activities with SRE and product development team

What you’ll bring to the role

• Required Experience:
• 8+ years of professional software engineering experience, with a heavy focus on backend or systems-level development
• Bachelor’s or Master’s degree in Computer Science, or equivalent practical experience
• Core Technical Expertise:
• Deep, hands-on expertise in multi-platform Go development and building high-performance, concurrent applications
• Experience designing or operating distributed systems
• Experience with secure systems (authn/authz, encryption, TLS, token handling, PKI, CAs, diagnosing TLS issues)
• Deep expertise in distributed storage systems, with a focus on replication, backup, and restore, and data management. (Postgres, etc.)
• Direct experience designing, building, or contributing to a secrets management, service mesh, or machine identity platform
• Expert-level at ergonomic API design (gRPC/openAPI), and building for reliability at scale
• Deep knowledge of cloud-native infrastructure
• Key Attributes:
• You are driven by the challenge of optimizing systems for performance, latency, and throughput, with a proven ability to diagnose complex, multi-system issues
• You have a proven track record of making significant contributions to the architecture of complex, mission-critical systems
• You thrive in an environment where you can focus on deep technical problems
• Bonus Points:
• Experience at a leading Cybersecurity or Infrastructure-as-Code company
• Contributions to open-source projects in the identity, security, or infrastructure space

And extra credit if you have experience in any of the following!

• Deep expertise in backend systems engineering
• Experience building and scaling beyond standard three-tier monolithic architectures, with a focus on modern distributed systems
• Have worked on projects with complex, established systems
• Possess significant, hands-on experience in a Linux/Unix environment

XML job scraping automation by YubHub

You'll work at the intersection of backend engineering and infrastructure, shaping architecture in Ruby on Rails and Go, guiding decisions around role-based access control (RBAC), GraphQL APIs, and Kubernetes deployment configuration.

In your first year, you'll help move Secrets Manager toward general availability, establish technical patterns the team can build on, and represent the team's point of view in cross-functional discussions.

You'll have end-to-end ownership, from design through production operations, with room to identify what should be built next and improve how the team delivers secure, reliable features.

Responsibilities

• Build and maintain secure, readable backend code primarily in Ruby on Rails, with some development in Go for targeted components.

• Design backend architecture for complex security features, including secrets access control, pipeline security enforcement, and OpenBao integration.

• Lead the development of role-based access control models, GraphQL APIs, and supporting application patterns for features owned by the team.

• Own features end to end, from technical design and implementation through deployment, validation, and production support.

• Collaborate with Product, security partners, and other engineering teams to document tradeoffs, align on direction, and deliver iteratively in a distributed environment.

• Improve code quality, maintainability, security, and performance through code review, design iteration, and internal standards for a high-scale web environment.

• Build and maintain Helm charts, including configuration, tuning, documentation, and automated testing for Kubernetes-based deployments.

• Validate features in Kubernetes environments, including GitLab Cloud Native and Cloud Native Hybrid deployments, using GitLab testing and performance testing frameworks.

Requirements

• Experience building and maintaining backend features with a focus on secure design, data handling, and production reliability.

• Ability to write production-quality code in Ruby on Rails, including use of framework security patterns and review for common application risks.

• Working knowledge of CI/CD concepts and the ways pipelines can be misconfigured, abused, or expose sensitive data.

• Familiarity with secrets management approaches and security practices for handling credentials in CI environments; experience with tools such as HashiCorp Vault or similar systems is helpful.

• Comfort collaborating across Product and engineering teams in an asynchronous, distributed environment and communicating technical tradeoffs clearly in writing.

• Ability to review merge requests with a security-first mindset and improve solutions through feedback and iteration.

• Experience debugging production issues, including investigation of security-related behavior and proposing practical fixes.

• Openness to learning adjacent domains and tools, including Go, container security, and software supply chain security; we welcome transferable experience from different technical backgrounds.

About the Team

The Pipeline Security team builds features that make GitLab CI pipelines more secure and trustworthy for teams running sensitive workloads. We own key parts of pipeline security within GitLab's CI/CD experience, with our current focus on native secrets management for CI pipelines and Supply-chain Levels for Software Artifacts (SLSA) Level 3 capabilities to strengthen software supply chain security.

XML job scraping automation by YubHub

Your work will shape GitLab's enterprise security posture in the rapidly growing software supply chain security market. You'll focus on SLSA Level 3 compliance, secrets management, CI/CD security hardening, and the foundations of GitLab's global zero trust architecture.

Some examples of our projects:

• SLSA Level 3 compliance and provenance attestation across GitLab's CI/CD platform
• Integrated secrets management and runner security for container-isolated, secure pipelines

You'll lead the end-to-end software supply chain security architecture for GitLab's CI/CD platform, including SLSA Level 3 implementation and CI infrastructure hardening. You'll drive cross-team technical strategy and decisions across our Software Supply Chain Security (SSCS) stage teams, aligning engineering work to SSCS strategic plans.

You'll collaborate with infrastructure and CI/CD teams to design and land long-term initiatives for secure, scalable runner architecture, container isolation, and pipeline security at scale. You'll propose and validate technical implementations that support architectural changes to improve CI/CD scaling and performance on critical paths.

You'll teach, mentor, and coach Staff Engineers and individual contributors, raising the bar on supply chain threat modeling, secrets management, artifact signing, and SBOM lifecycle practices.

You'll partner with Engineering Managers and senior leadership to define roadmaps, break down complex initiatives, and enable Staff Engineers to lead sub-department-wide efforts.

You'll engage with customers and external stakeholders as a technical consultant and spokesperson for GitLab's software supply chain security capabilities and roadmap.

You'll collaborate with product, security, and compliance stakeholders to ensure features meet enterprise security, governance, and regulatory expectations in the software supply chain security market.

Key responsibilities include:

• Providing architectural leadership across multiple engineering teams
• Shaping GitLab's enterprise security posture in the rapidly growing software supply chain security market
• Focusing on SLSA Level 3 compliance, secrets management, CI/CD security hardening, and the foundations of GitLab's global zero trust architecture

Key requirements include:

• Deep expertise in software supply chain security, including threat modeling for supply chain attack vectors, SLSA implementation and attestation systems, and SBOM generation and lifecycle management
• Strong knowledge of artifact signing and verification using the Sigstore ecosystem, including Cosign, Fulcio, Rekor, and in-toto attestations
• Experience designing and hardening CI/CD security, such as runner isolation, pipeline security controls, and secrets management in large-scale environments

Preferred qualifications include:

• Background in distributed systems and infrastructure, including building resilient CI/CD platforms that process high pipeline volumes and optimizing performance for critical paths
• Practical experience with container security and Kubernetes security, including admission controllers, policy controllers, workload isolation, and registry hardening
• Proficiency in Go or Rust in a production environment, combined with expert-level understanding of CI/CD workflows and DevSecOps best practices
• Experience operating as a Principal or Staff Engineer across multiple development teams, providing architectural leadership and partnering with Engineering Managers and senior leaders
• Demonstrated capacity to clearly communicate complex problems and solutions

Our Software Supply Chain Security stage engineering teams are responsible for authentication and access within GitLab. We also build features that help customers manage vulnerabilities, dependencies, security policies, and compliance frameworks across their organizations.

The base salary range for this role's listed level is currently for residents of the United States only. This range is intended to reflect the role's base salary rate in locations throughout the US. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, alignment with market data, and geographic location. The base salary range does not include any bonuses, equity, or benefits.

XML job scraping automation by YubHub

Fridtjof Nansen crossed the Arctic, going places no human had ever been. Together with our users, we're doing the same onchain , and someone needs to make sure we don't get killed on the way there.

We're building the single best platform for onchain investing , agentic trading, staking infrastructure, AI-powered analytics , and we're scaling fast. Fast enough that security can't be an afterthought bolted on later. It has to be built in, from the start, by someone who knows what they're doing.

Our mission:

Surface the signal and create winners.

What you'll do at Nansen

You'll be the person who makes sure we can move fast without breaking things that matter. That means embedding security into everything we build , cloud infrastructure, applications, CI/CD pipelines, AI systems, staking operations , across a generalist role that spans the full surface area.

• Run security assessments across systems, architectures, and code , find the vulnerabilities before someone else does
• Advise engineering teams on secure design decisions. You're a partner, not a blocker
• Deploy and maintain security infrastructure: SIEM, vulnerability scanning, endpoint protection, logging , the things that let us sleep at night
• Secure our CI/CD pipelines and deployment workflows end-to-end
• Own secrets management, key management, and access controls. No shortcuts
• Address LLM security head-on: API key management, prompt injection prevention, and the risks that come with shipping AI-powered products at speed
• Coordinate penetration tests and security audits with external vendors
• Create and maintain secure coding guidelines and code review processes that engineers actually follow
• Represent the Security Team in the incident response process
• Drive compliance readiness , SOC 2, ISO 27001 , pragmatically, not bureaucratically

What we're looking for

• You've built and hardened production security at scale , you know the difference between a policy document and an actually secure system
• Strong cloud security knowledge (AWS, GCP or equivalent). Container security and network security fundamentals
• Hands-on experience implementing security tooling, not just evaluating it
• Secrets and key management expertise , you've managed this at a company where it actually mattered
• You understand the security implications of AI/LLM and agent-based systems. This is new territory and we need someone thinking about it seriously
• CI/CD pipeline security is second nature
• Pragmatic about compliance , you can get us to SOC 2 without drowning the engineering team in process
• You don't just use AI as a tool. You think with it. AI-first isn't a checkbox , it's how you work
• Strong async communication skills , we're remote-first, Slack-and-docs-heavy, and EMEA hours are preferred for team overlap
• Bonus: blockchain, smart contract, or staking infrastructure security experience. Kubernetes and Terraform security. Incident response or security operations background

What we offer our crew

• Competitive salary. Meaningful equity. Real ownership in what you build
• Fully remote with two no-meeting days a week , because deep work doesn't happen in a Google Meet
• Annual company retreat and team off-sites in one of our offices: Singapore, Bangkok, London, and Oslo , flights and accommodation covered
• Unlimited AI tokens , Claude, OpenAI, whatever helps you move fast
• Your own OpenClaw for work
• Nansen Pro account: giving you full access to the most detailed onchain data in the market
• A team that started as data engineers and data scientists that has grown to over 80 builders. Your craft is respected here.
• Speed, ownership, curiosity, courage. These aren't values on a wall , they're how we run.
• A front-row seat (and a hand in building) the next chapter of finance

XML job scraping automation by YubHub

This role is highly hands-on and systems-oriented, sitting at the intersection of security, infrastructure, and distributed systems.

Your primary responsibilities will be to:

• Build and harden infrastructure security by designing and implementing security controls across cloud infrastructure, Kubernetes and containerized workloads, networking, service meshes, and edge systems, CI/CD pipelines and deployment systems, and secure compute environments for GPU workloads and model execution.
• Implement identity, secrets, and access controls, including machine identity and workload authentication, secrets management and encryption, least-privilege access, and short-lived credentials.
• Protect model weights, inference endpoints, and customer data, design secure data access pathways and isolation mechanisms, and ensure safe multi-tenant execution environments.
• Automate security guardrails directly into infrastructure and CI/CD, use Infrastructure-as-Code to enforce secure defaults, and continuously identify and remediate security gaps through automation.
• Identify and mitigate risks across infrastructure layers, defend against both external attackers and insider threats, and drive projects like network isolation, encryption, and secure service communication.

To succeed in this role, you'll need to have:

• 8+ years in security engineering, infrastructure, or SRE.
• Strong understanding of cloud security, networking fundamentals, Linux systems, and container security.
• Experience building or securing production infrastructure at scale.
• Deep knowledge of authentication and authorization systems, secrets management and cryptography basics, common vulnerabilities and attack vectors, and ability to design security controls across multiple layers.
• Proficiency in at least one language, experience with Infrastructure-as-Code, and strong automation mindset.

Nice to have experience with GPU infrastructure, multi-tenant platform isolation, service mesh architectures, and high-growth startup environments.

What makes this role unique is that you'll work on cutting-edge AI infrastructure security, secure GPU clusters, model execution, and real-time inference systems, have high ownership, and direct impact on developer trust and platform reliability.

Our security philosophy is to enable developers, automate everything, assume breach, and design for resilience.

In terms of compensation and benefits, we offer competitive salary, equity, full health, dental, and vision coverage, and opportunity to work on frontier AI infrastructure.

XML job scraping automation by YubHub

You'll partner with Security, Platform, Core Experience, Protocols, and Compliance to ship secure-by-default capabilities that meet bank-grade and auditor expectations while preserving developer velocity and client experience. You will define and own the roadmap for security platform capabilities across cloud defense, secrets management, HSM-bound workflows, and secure-by-default developer tooling.

You'll translate regulatory, audit, and risk requirements into usable product surfaces and guardrails for internal teams and client-facing flows. You will also establish crisp product requirements, success metrics, and post-ship control evidence so Security, Risk, and Audit can verify effectiveness without slowing teams.

We have created the Factors of Growth & Impact to help Villagers better measure impact and articulate coaching, feedback, and the rich and rewarding learning that happens while exploring, developing, and mastering the capabilities and contributions within and outside of the Security Product Manager role:

Technical Skills:

• Work closely with the security engineering team on the detail prioritization of the security product roadmap, balancing new capability development with technical debt retirement to ensure long-term platform health.
• Demonstrate deep strategic thinking in shaping the roadmap, considering threat landscape, regulatory requirements, competitive positioning, and customer needs to drive long-term security product success.
• Deliver complex, cross-functional security projects with multiple dependencies (Security Engineering, Platform, Core Experience, Compliance), demonstrating strong product management skills and ability to drive swift execution while maintaining quality.
• Drive comprehensive go-to-market strategy for security capabilities, including defining success metrics, tracking KPIs, and iterating based on data-driven insights.

Complexity and Impact of Work:

• Contribute strategic insights that significantly impact company direction, control coverage, and the security roadmap.
• Demonstrate product leadership that elevates team performance and effectiveness across security and platform domains.

Organizational Knowledge:

• Develop deep understanding of Anchorage's business model, organizational structure, regulatory posture, and strategic priorities.
• Build and maintain strong relationships with stakeholders across Security, Engineering, Compliance, Risk, and Ops to ensure effective collaboration.
• Navigate and improve organizational processes to enhance efficiency, safety, and auditability across teams.
• Contribute to organizational strategy through security product expertise, control design insights, and market intelligence.
• Drive company objectives through strategic security product decisions and initiatives.

Communication and Influence:

• Effectively influence and motivate others through respectful engagement, aligning teams with broader organizational security and product goals.
• Enable cross-functional collaboration through clear, consistent communication and strategic influence on decision-making at every level of the organization.
• Communicate clearly with executives, auditors, and prospective customers on control intent, coverage, evidence, and roadmap tradeoffs.
• Act as a thoughtful knowledge partner to senior leadership, helping improve organizational security dynamics through empathetic understanding.

You may be a fit for this role if you have:

• 6+ years in product management with 3+ focused on platform or security products in regulated or high-assurance environments.
• Strong technical fluency in one or more: cryptographic primitives, authN/Z, HSMs and key management, secrets management, secure software delivery, runtime isolation, threat modeling.
• Proven record shipping platform controls that are both developer-friendly and audit-ready.
• Experience converting regulatory or control frameworks (e.g., SOC 2, FFIEC, OCC expectations, ISO 27001) into practical product requirements.
• Comfortable operating across deeply technical teams and non-technical stakeholders (Security, Compliance, Risk, Ops, Client Success).
• Excellent written and verbal communication skills, adept at conveying complex security concepts clearly to diverse audiences.
• Experience in driving and managing complex projects across multiple teams, demonstrating exceptional leadership and problem-solving skills.
• Your empathy and adaptability not only complement others' working styles but also embody our culture of curiosity, creativity, and shared understanding.
• You self describe as some combination of the following: creative, humble, ambitious, detail oriented, hard working, trustworthy, eager to learn, methodical, action oriented, and tenacious.

Although not a requirement, bonus points if:

• Experience in digital assets or financial infrastructure.
• Hands-on experience with hardware signing flows, policy engines, or secure enclave/HSM integrations.
• Built systems for straight-through-processing with pre-authorization risk decisions.
• Familiarity with incident response and detection engineering product needs.
• You have written your own smart contract or dApp.
• You have built 0 to 1 products for financial institutions either as a PM or a developer.

Additional Information About Anchorage Digital:

Who we are The Anchorage Village, what we call our team, brings together the brightest minds from platform security, financial services, and distributed ledger technology.

XML job scraping automation by YubHub

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

About the Team

The Security Engineering team protects Anthropic's AI systems and maintains the trust of our users and society. We define the authentication architecture for our training infrastructure, design the cryptographic foundations that protect model weights and training data, and drive the developer security program that shapes how engineers build and ship software.

About the role:

• Scope, design, and build complex security systems end to end, maintaining them through production and driving through ambiguous technical challenges with minimal oversight
• Identify systematic risks through threat modeling and risk assessment, then build the controls and infrastructure that address them
• Mentor engineers across the security team and broader engineering organisation, contribute to hiring, and grow security engineering culture at Anthropic
• Enable other teams to build their own security solutions by providing design pattern guidance and expanding security ownership beyond the security team

Developer security and supply chain

• Build and advance our developer security program by embedding security practices into the software development lifecycle and developer workflows
• Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement

Identity and secrets management

• Architect systems that protect sensitive assets including model weights, customer data, and training datasets
• Build and operate credential issuance, rotation, and workload authentication across our multi-cloud environments

Infrastructure security

• Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across our multi-cloud and on-prem environments
• Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
• Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation

Secure frameworks

• Build critical security foundations including cryptographic frameworks, mTLS infrastructure, secure serialization, and authorization systems, designed to prevent entire classes of vulnerabilities and empower engineering teams to work securely without becoming security experts themselves
• Partner with product, research, infrastructure, and other security teams to ensure frameworks integrate smoothly with lower-layer security controls

You may be a good fit if you have:

• At least 8 years of software engineering experience with deep security expertise, including leading complex security initiatives independently
• Bachelor's degree in Computer Science or equivalent industry experience
• Strong programming skills in Python or at least one systems language such as Go, Rust, or C/C++
• Deep understanding of identity systems, cryptographic primitives, and secrets management
• Working knowledge of Kubernetes security primitives including RBAC, namespaces, network policies, and service accounts
• Experience leading cross-functional security initiatives and navigating complex organisational dynamics
• Outstanding communication skills, translating technical concepts effectively across all levels of the organisation
• A track record of bringing clarity and ownership to ambiguous technical problems and driving them to resolution
• Low ego and high empathy, with a history of growing the engineers around you and supporting diverse, inclusive teams
• Passion for AI safety and the role security engineering plays in building trustworthy AI systems

Strong candidates may also have:

• Designed or operated identity and secrets management systems for large-scale AI or cloud infrastructure
• Built security frameworks or libraries adopted across an engineering organisation
• Led a developer security program including supply chain security, secure build infrastructure, and SDLC integrations
• Built or secured CI infrastructure using Nix, Bazel, or Kubernetes-based deploy systems, with depth in toolchain issues, CI/CD pipelines, and developer workflow optimisation
• Implemented machine identity or workload authentication systems using SPIFFE/SPIRE, mTLS, or equivalent
• Understanding of Linux systems internals including namespaces, cgroups, and seccomp, and how these underpin container and workload isolation
• Contributed to the security architecture of multi-cloud environments including network segmentation, data protection, and access governance
• Experience with network security controls including admission controllers, CNI-level policy, service mesh security, and east-west traffic enforcement
• Experience building runtime security monitoring using eBPF or kernel security policies

Deadline to apply:

None, applications will be received on a rolling basis.

The annual compensation range for this role is listed below.

For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning the total amount of money an employee is expected to earn in a year, including bonuses and other forms of compensation.

XML job scraping automation by YubHub

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

About the Team

The Security Engineering team protects Anthropic's AI systems and maintains the trust of our users and society. We define the authentication architecture for our training infrastructure, design the cryptographic foundations that protect model weights and training data, and drive the developer security program that shapes how engineers build and ship software.

The team works across several areas that collaborate closely: identity and secrets management, developer security and supply chain, infrastructure security, and secure frameworks. You will support one of these areas while contributing across others, with your focus shaped by your strengths and the team's priorities.

Responsibilities:

• Build and maintain identity and secrets management systems, including credential issuance, rotation, and workload authentication across our multi-cloud environments
• Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
• Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across our multi-cloud and on-prem environments
• Design and implement secure development frameworks and libraries that make secure coding the path of least resistance for our engineering teams, including service to service authentication, serialization libraries, and tool proxies.
• Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement
• Identify and remediate security gaps through code review, threat modeling, and hands-on debugging
• Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation

You may be a good fit if you have:

• At least 5 years of software engineering experience implementing and maintaining security-relevant systems in production
• Bachelor's degree in Computer Science or equivalent industry experience
• Strong programming skills in Python or at least one systems language such as Go or Rust
• Experience contributing to cloud security controls
• A track record of taking ownership of problems end to end, from identifying the issue to shipping and monitoring the fix
• Clear communication skills and the ability to work collaboratively across engineering teams
• Low ego and high empathy, with a genuine interest in helping teammates succeed
• Passion for AI safety and the role security engineering plays in building trustworthy AI systems

Strong candidates may also have:

• Contributions to developer security tooling including SAST, dependency scanning, or secure build infrastructure
• Familiarity with Kubernetes security primitives including RBAC, namespaces, network policies, and admission controllers
• Experience with cloud security posture management tooling, infrastructure-as-code security scanning, or automated remediation
• Experience with network security and isolation techniques including east-west controls, traffic inspection, and cloud network policy
• Experience with eBPF for security monitoring and enforcement, or developing kernel security policies
• Experience building secrets management or workload authentication systems, including familiarity with protocols such as OAuth 2.0, OIDC, SAML, or SPIFFE/SPIRE
• Background building or operating security systems in environments that support research workflows and rapid iteration

Deadline to apply:

None. Applications will be reviewed on a rolling basis.

Logistics

Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team.

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of unsolicited messages or requests for sensitive information.

XML job scraping automation by YubHub

Microsoft AI are looking for a talented Member of Technical Staff, Software Engineer to join their MAI SuperIntelligence team in Zürich, Switzerland. This role sits at the heart of strategic decision-making, turning market data into actionable insights for a company that's revolutionising AI technology. You'll work directly with leadership to shape the company's direction in the AI market.

About the Role

As a Member of Technical Staff, Software Engineer, you will design and build core platform services for scalable training and evaluation, including cluster orchestration, job scheduling, data and compute pipelines, and artifact management. You will standardize containerized workflows by maintaining Docker images, CI/CD, and runtime configurations; advocate for best practices in security, reproducibility, and cost efficiency. You will implement end-to-end observability and operations through metrics, tracing, logging, dashboard development, monitoring, and automated alerts for model training and platform health (using Prometheus, Grafana, OpenTelemetry). You will architect and operate services on Azure cloud platforms, managing infrastructure-as-code (Terraform/Helm), secrets, networking, and storage. You will enhance developer experience by creating tools, CLIs, and portals that simplify job submission, metrics analysis, and experiment management for generalist software engineering and research teams.

Accountabilities

• Design and build core platform services for scalable training and evaluation, including cluster orchestration, job scheduling, data and compute pipelines, and artifact management.
• Standardize containerized workflows by maintaining Docker images, CI/CD, and runtime configurations; advocate for best practices in security, reproducibility, and cost efficiency.

The Candidate we're looking for

Experience:

• Strong software engineering background building reliable, scalable production systems (Python preferred).

Technical skills:

• Hands-on experience supporting large-scale ML / LLM training, evaluation, or experimentation infrastructure.
• Operating GPU-heavy workloads in cloud environments using Docker and Kubernetes (scheduling, utilization, isolation).
• Designing and running data / compute pipelines and orchestration (e.g., Airflow, Argo) with object storage (Azure Blob / S3).

Personal attributes:

• Building secure, reproducible platforms using CI/CD, infrastructure-as-code (Terraform, Helm), container security, and secrets management.

Benefits

• Competitive salary and benefits package.
• Opportunity to work with a talented team of engineers and researchers.
• Access to cutting-edge technology and resources.
• Flexible work arrangements, including remote work options.

XML job scraping automation by YubHub

What you'll do

• Work with our internal customers to design and implement new automated workflows
• Monitor our solutions to ensure they are running as expected, and debug and fix any issues found promptly, while communicating with our partners

What you need

• 3+ years of experience as a software engineer
• Object-oriented/scripting languages (e.g. Python, Groovy, C#, Java, or Ruby)
• Implement CI/CD pipelines (e.g. Jenkins, GitLab CI)
• Source control management tools (e.g. Perforce, Git)
• Configuration management tools (e.g. Chef, Ansible, Terraform, Packer)
• Cloud platforms (e.g. AWS, GCP, Azure)
• Containerization technologies (e.g. Docker, Kubernetes)
• Secrets management tools (e.g Vault)
• Artifact repositories (e.g. Artifactory, NPM, NuGet)
• Virtualization environments and tools (e.g. VMs, vSphere)
• Data and Observability tools (e.g. Splunk, Grafana, New Relic, Open Telemetry)

Why this matters

As a Software Engineer at Electronic Arts, you will have the opportunity to work on a wide range of projects and technologies, and to contribute to the development of our next-generation entertainment experiences. You will be part of a collaborative and dynamic team, and will have the opportunity to learn and grow with the company.

XML job scraping automation by YubHub