The team fosters a collaborative environment and is building a best-in-class program to partner with the business to protect the Firm’s information and computer systems. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority.

Responsibilities

• Define and implement security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.
• Conduct specialized threat modeling, red teaming, and risk assessments for AI/ML models (e.g., testing for prompt injection, model theft, and data poisoning).
• Lead risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects.
• Engage throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards.
• Evangelize AppSec and AI security best practices through developer education, training materials, and outreach.
• Design robust security architectures and integrate automated security testing (SAST/DAST/SCA) into CI/CD pipelines.
• Partner with Technology, Trading, Legal, and Compliance to create policies and communicate technical risks to non-technical stakeholders.

Qualifications

• Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field.
• 5+ years’ experience working as an Application Security Engineer, Software Engineer, or similar role.
• Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs.
• Experience working with AI models, Agentic frameworks and security risks associated with AI.
• Experience in working with global teams, collaborating on code and presentations.
• Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
• Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols.
• Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
• Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions.
• Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
• Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar.
• Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
• Familiarity with web application security testing tools and methodologies.
• Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
• Knowledge of Linux, OS internals and containers is a plus.
• Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous.

XML job scraping automation by YubHub

The successful candidate will have a proven understanding in enterprise security and AI security and will focus on defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.

Key responsibilities include:

• Defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks
• Conducting specialized threat modeling, red teaming, and risk assessments for AI/ML models
• Leading risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects
• Engaging throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards
• Evangelizing AppSec and AI security best practices through developer education, training materials, and outreach

Qualifications include:

• Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field
• 5+ years' experience working as an Application Security Engineer, Software Engineer, or similar role
• Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs
• Experience working with AI models, Agentic frameworks and security risks associated with AI
• Experience in working with global teams, collaborating on code and presentations

Preferred qualifications include:

• Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
• Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols
• Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
• Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions
• Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
• Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar
• Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
• Familiarity with web application security testing tools and methodologies
• Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
• Knowledge of Linux, OS internals and containers is a plus
• Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous

We offer a competitive salary and benefits package, as well as opportunities for professional growth and development.

XML job scraping automation by YubHub

This is a rare opportunity to architect and build distributed systems that will fundamentally change how large organisations approach application security and developer security workflows.

As the SRM Stage Lead, you'll be responsible for transforming our engineering culture toward high-performance distributed systems while delivering an exceptional user experience for both Application Security professionals and Developers.

You'll own the technical strategy for processing, analysing, and remediating vulnerabilities across massive codebases and complex enterprise environments.

Technical Leadership & Architecture

• Design distributed systems architecture capable of processing vulnerability data from thousands of repositories, millions of commits, and complex dependency graphs in real-time
• Drive storage system decisions for multi-petabyte security datasets, balancing query performance, cost efficiency, and data retention requirements across time-series, graph, and document storage paradigms
• Architect scalable analysis pipelines that can ingest vulnerability feeds, correlate findings across multiple security tools, and provide actionable intelligence to both security teams and individual developers
• Lead the technical evolution from monolithic security scanning to microservices-based, event-driven vulnerability management systems

Engineering Culture Transformation

• Champion high-performance systems thinking throughout the team, establishing patterns for horizontal scaling, efficient resource utilisation, and fault-tolerant distributed computing
• Establish technical standards for system observability, chaos engineering, and performance optimisation in security-critical systems
• Mentor and develop senior engineers in distributed systems design, database optimisation, and large-scale system architecture
• Drive architectural decision records (ADRs) for major technical decisions, particularly around data storage, processing frameworks, and system boundaries

Product & User Experience Excellence

• Own the end-to-end user journey (in partnership with PM) for both AppSec professionals managing enterprise-wide risk and developers receiving actionable security feedback in their workflow
• Design APIs and interfaces that abstract complexity while providing the power and flexibility that security professionals demand
• Collaborate with Product Management, UX and Product Design to translate complex technical capabilities into intuitive user experiences
• Establish feedback loops with large enterprise customers to ensure our technical solutions scale with their organisational complexity

Strategic Technical Execution

• Evaluate and integrate cutting-edge technologies in areas such as graph databases, stream processing, machine learning inference at scale, and distributed caching, in collaboration with GitLab’s Infrastructure, Data and AI teams
• Own the technical roadmap for vulnerability correlation, risk scoring, and automated remediation workflows
• Drive partnerships with other GitLab stages to ensure seamless integration across the DevSecOps platform
• Lead incident response for availability and performance issues in customer-facing security systems

What You’ll Bring

• 10+ years of software engineering experience with 5+ years leading distributed systems at scale (>100M daily operations)
• Deep expertise in designing and operating high-throughput, low-latency distributed systems with complex data models
• Proven experience with polyglot persistence strategies, including relational databases (PostgreSQL, Cloud Spanner), time-series databases, graph databases, and distributed key-value stores
• Strong background in stream processing frameworks (Apache Kafka, Apache Flink, or similar) and event-driven architectures
• Hands-on experience with container orchestration (Kubernetes) and cloud-native observability stacks
• Security domain knowledge with understanding of vulnerability assessment, static analysis, dependency scanning, or application security testing

Leadership & Communication

• Proven track record of leading and growing high-performing engineering teams (40+ engineers)
• Experience transforming engineering culture and establishing technical excellence standards in fast-growing organisations
• Strong technical communication skills with ability to present complex architectural decisions to executive stakeholders
• Collaborative leadership style with experience working across multiple engineering teams and product stakeholders

Problem-Solving & Innovation

• Systems thinking approach to complex technical problems with demonstrated ability to make appropriate trade-offs between performance, scalability, and maintainability
• Experience with A/B testing frameworks and data-driven decision making in technical contexts
• Track record of successfully delivering large-scale technical migrations or architectural transformations
• Startup or high-growth company experience with ability to balance technical debt with rapid feature delivery

About the team

Security Risk Management sits at the heart of modern DevSecOps. The systems you build will directly impact how Fortune 500 companies protect their applications and how millions of developers integrate security into their daily workflow.

You'll have the opportunity to define the future of application security tooling while working with some of the most challenging distributed systems problems in the industry.

The Technical Challenge

You'll be solving some of the most interesting distributed systems problems in the security space:

• Scale: Processing vulnerability data for organisations with 100,000+ repositories and millions of developers
• Performance: Sub-second query response times for complex security analytics across massive datasets
• Reliability: 99.95%+ uptime SLAs for security-critical workflows that can't afford downtime
• Complexity: Correlating findings across 20+ different security tools while maintaining data lineage and audit trails
• User Experience: Making complex security data accessible to both security experts and developers with varying security expertise

Salary

The base salary range for this role’s listed level is currently for residents of the United States.

XML job scraping automation by YubHub

Key Responsibilities: Conduct red and purple team engagements simulating advanced threat actors across our cloud infrastructure, endpoints, and bare metal deployments. Penetration test specific, high-value deployments. Contribute to AI-assisted security testing tooling and workflows. Work cross-functionally with other security and engineering teams, particularly on AI-specific attack scenarios. Document and present findings to technical and executive audiences, translating attack narratives into actionable risk insights that inform security roadmaps.

Requirements: 5+ years of hands-on experience in red teaming and offensive security operations. Deep expertise in at least two of: macOS security, Linux Security, Cloud security (GCP/AWS/Azure), Kubernetes, CI/CD pipelines. Track record of discovering novel attack vectors and chaining vulnerabilities creatively. Experience conducting adversarial simulations against well-defended environments. Strong engineering skills (Python, Go, or similar). Ability to write clear findings that drive action, helping teams understand risk and prioritize fixes. Collaborative approach, working in close collaboration with the blue team.

Preferred Qualifications: Prior work at organizations with state actor threat models. Interest in AI safety and how security engineering contributes to responsible AI developments. Background testing AI/ML systems or agentic workflows. Familiarity with detection engineering and SIEM/EDR platforms from the defensive side. Experience with data center security or hardware-based attacks.

XML job scraping automation by YubHub

About the Team: Anduril employs a variety of networks and networking infrastructures to support global operations. Information Systems Security Managers are in charge of directly supporting business lines that wish to deploy Anduril products in classified environments.

About the Job: As an Information Systems Security Manager, you will be responsible for providing expertise in documenting security controls to reduce the administrative cost of deploying Anduril's products into operational environments. You will partner with program and security teams to coordinate security artifacts in support of classified deployments. You will apply technology standards from the commercial space in classified, air-gapped environments.

Responsibilities:

• Provide expertise in documenting security controls to reduce the administrative cost of deploying Anduril's products into operational environments.
• Partner with program and security teams to coordinate security artifacts in support of classified deployments.
• Apply technology standards from the commercial space in classified, air-gapped environments.
• Collaborate with Information System Owners to understand key stakeholders' needs and provide complex technical solutions to meet contractual obligations.
• Tailor NIST 800-53 controls to determine applicability to the network environment and oversee the implementation of Continuous Monitoring for respective programs.
• Define, document, and conduct security scanning on Anduril's products and accredited information systems.
• Scope, shape, and orchestrate the development of features to ensure products meet compliance goals.

Required Qualifications:

• Design, develop, and implement secure systems and networks per NIST RMF, JSIG, and other industry standards.
• Integrate security best practices into Anduril's Software Development Lifecycle (SDLC) and infrastructure design, collaborating with internal IT and engineering teams.
• Conduct security risk assessments, vulnerability assessments, and audits to identify and mitigate threats.
• Recommend and implement security solutions, such as IDS/IPS, encryption protocols, and secure communications technologies.
• Develop and enforce access controls, encryption strategies, and other technical measures to safeguard systems.
• Maintain and update System Security Plans (SSPs), POA&Ms, and other accreditation documentation.

Preferred Qualifications:

• Experience with application security paradigms such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA).
• Proven experience in securing micro-services architecture, including implementing best practices and compliance with DoD cybersecurity standards.
• Experience with cybersecurity in unmanned and ground control system within DoD environments.
• Experience with containerization and kubernetes along with the best practices for securing them.
• Experience with Cloud Service Providers (CSPs) and the various tools they offer for implementing security and compliance best practices.

Salary: The salary range for this role is $146,000-$194,000 USD.

Benefits: Anduril offers top-tier benefits for full-time employees, including comprehensive medical, dental, and vision plans at little to no cost to you. Anduril also offers income protection, generous time off, family planning and parenting support, mental health resources, professional development, commuter benefits, relocation assistance, and a retirement savings plan.

Protecting Yourself from Recruitment Scams: Anduril is committed to maintaining the integrity of our Talent acquisition process and the security of our candidates. We've observed a rise in sophisticated phishing and fraudulent schemes where individuals impersonate Anduril representatives, luring job seekers with false interviews or job offers. These scammers often attempt to extract payment or sensitive personal information.

To ensure your safety and help you navigate your job search with confidence, please keep the following critical points in mind:

• No Financial Requests: Anduril will never solicit payment or demand personal financial details (such as banking information, credit card numbers, or social security numbers) at any stage of our hiring process. Our legitimate recruitment is entirely free for candidates.
• Please always verify communications:
• Direct from Anduril: If you receive an email from one of our recruiters, it will only come from an @anduril.com address.
• Via Agency Partner: If contacted by a recruiting agency for an Anduril role, their email will clearly identify their agency. If you suspect any suspicious activity, please verify the agency's authenticity by reaching out to contact@anduril.com.
• Exercise Caution with Unsolicited Outreach: If you receive any communication that appears suspicious, contains grammatical errors, or makes unusual requests, do not respond or engage with the sender.

XML job scraping automation by YubHub

Responsibilities: Conduct in-depth code reviews and static analysis to identify and mitigate security vulnerabilities in our applications Design and implement secure coding guidelines and best practices for development teams Collaborate closely with development teams to integrate security practices throughout the CI/CD pipeline Perform threat modeling and risk assessments for applications, developing mitigation strategies for potential risks Manage vulnerability tracking and remediation efforts, providing guidance to development teams Support incident response activities related to application security Stay current on emerging security threats and trends in cloud-native technologies and AI, continuously enhancing our security measures Evaluate and secure software supply chains, including producing and maintaining Software Bills of Materials (SBOMs) Address security concerns specific to AI and machine learning models, with a focus on the OWASP LLM Top 10

Basic Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field 3-5 years of experience in application security, with a strong focus on code security practices Deep understanding of secure coding practices, application security frameworks, and common vulnerabilities (e.g., OWASP Top 10) Proficiency in Python or Rust programming languages and experience with secure coding practices in these languages Experience securing CI/CD pipelines and implementing DevSecOps practices Familiarity with software supply chain security and SBOM generation tools Experience with security testing tools (e.g., Burp Suite, OWASP ZAP) and static/dynamic code analysis Understanding of AI/ML security implications, particularly those outlined in the OWASP LLM Top 10 Excellent communication skills, able to explain complex security issues to both technical and non-technical audiences

Preferred Skills and Experience: Experience with cloud platforms (e.g., GCP, AWS, Azure) and their security features Relevant security certifications (e.g., CSSLP, OSWE) Background in data privacy and compliance regulations relevant to cloud-native applications and AI systems Experience with GitOps and infrastructure-as-code security Familiarity with federated learning and privacy-preserving machine learning techniques Experience in building custom security tooling to enhance and automate security processes Interest in leveraging AI to automate security tasks and improve efficiency Contributions to open-source security projects or tools Experience in securing AI/ML models and data pipelines

Compensation and Benefits: $200,000 - $340,000 USD Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.

XML job scraping automation by YubHub

You will be the technical authority on hardware root of trust, secure boot, firmware integrity, embedded system hardening, and the security of third-party hardware integrations. Your work ensures that every component on the vessel is resilient against tampering, exploitation, and supply chain compromise, designed in from the start and maintained across the fleet lifecycle.

Key Responsibilities:

• Conduct hardware security assessments including fault injection, side-channel analysis, interface evaluation, and bus protocol analysis across Saronic-built and third-party hardware including sensors, radios, navigation systems, propulsion controllers, and communication modules

• Evaluate and harden physical interfaces, debug ports, maintenance access points, and removable media interfaces on vessel hardware

• Evaluate supply chain security risks for hardware components and recommend provenance validation, anti-tamper, and attestation controls

• Develop and maintain a hardware security testing capability including tooling, methodology, and repeatable test procedures

• Design and implement secure boot chains establishing hardware root of trust from power-on through application launch, integrating TPM, secure elements, and HSMs for device identity, key storage, measured boot, and remote attestation

• Design and implement secure firmware update mechanisms including signed updates, rollback protection, and verified delivery across the fleet

• Own the cryptographic key lifecycle for hardware-bound keys, including provisioning, rotation, revocation, and escrow

• Harden embedded Linux systems on vessel platforms, including kernel configuration, mandatory access controls, secure IPC, and attack surface reduction

• Secure operational technology protocols and interfaces used in vessel control systems, propulsion, navigation, and sensor fusion including CAN bus, NMEA, and maritime/industrial communication protocols

• Define security boundaries, trust zones, and segmentation strategies for vessel-internal compute and communication architectures

• Drive threat modeling across vessel hardware subsystems and translate findings into actionable engineering requirements

• Produce secure-by-design reference architectures and define hardware and firmware security standards, testing requirements, and acceptance criteria integrated into engineering workflows

Required Qualifications:

• 6+ years of hands-on experience in hardware security, embedded systems security, firmware security, or a closely related security engineering role

• Deep expertise in hardware hacking techniques including fault injection, side-channel attacks, JTAG/SWD exploitation, bus sniffing/injection, and physical security assessments

• Demonstrated experience designing and implementing secure boot chains, hardware root of trust, and secure firmware update mechanisms in production systems

• Strong experience assessing third-party hardware integrations and evaluating supply chain security risks

• Deep knowledge of embedded Linux security hardening, kernel security, and mandatory access control frameworks

• Experience with operational technology security, industrial protocols, or control system security

• Proficiency in C, C++, Python, or Rust in the context of firmware, embedded, or systems-level security work, and with hardware security testing tools

• Ability to obtain and maintain a security clearance

Preferred Qualifications:

• Experience in defense, aerospace, robotics, autonomy, maritime, or other high-assurance environments

• Experience with autonomous systems, unmanned vehicles, or safety-critical embedded platforms

• Experience with RTOS, microcontroller security, or resource-constrained device environments

• Knowledge of CAN bus, NMEA protocols, maritime communication systems, RF/GPS/GNSS security, or ICS security standards

• Familiarity with defense or safety-critical compliance frameworks (NIST SP 800-53, IEC 62443, Common Criteria, or equivalent)

• Relevant certifications such as OSEE, GXPN, GSE, or hardware-focused credentials

XML job scraping automation by YubHub

At Synopsys, interns dive into real-world projects, gaining hands-on experience while collaborating with our passionate teams worldwide,and having fun in the process! You'll have the freedom to share your ideas, unleash your creativity, and explore your interests. This is your opportunity to bring your solutions to life and work with cutting-edge technology that shapes not only the future of innovation but also your own career path.

Deploy and configure security tools for Software Composition Analysis (SCA), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST), including project onboarding, configuration, and policy management.

Integrate security controls into CI/CD pipelines, such as quality gates, reporting mechanisms, and threshold management, to ensure early vulnerability detection.

Automate the collection, normalization, and publication of security results using dashboards, artifacts, and notifications.

Implement and manage dependency updates with tools like Dependabot and Renovate, including automated pull requests and update strategies.

Contribute to documentation (integration guides, best practices) while collaborating with development and infrastructure teams to improve the developer experience.

Participate in the analysis, prioritization, and tracking of security findings and remediation efforts.

Currently pursuing a Master’s degree or equivalent in cybersecurity, software engineering, DevOps/Cloud, or a related field.

Comfortable working in both Windows and Linux environments.

Understanding of CI/CD concepts and a keen interest in DevSecOps practices.

Experience with programming/scripting languages such as Python, Bash, Go, or Rust is a plus.

Familiarity with build and tooling systems (e.g., Bazel, Docker) and SDLC tools (e.g., Mend, Dependabot, Renovate).

Autonomy, attention to detail, strong problem-solving skills, and effective communication for collaboration within multidisciplinary teams.

Fluent/Professional English

XML job scraping automation by YubHub

Responsibilities: Scoping and performing mobile, web application, cloud, and infrastructure penetration tests. Collaborating with engineering teams to facilitate secure development, including reviewing and analysing proposed technical solutions to identify appropriate security controls, conducting code reviews of features and critical security components, and performing in-depth practical security testing. Advising on the remediation of security issues and identifying solutions to address root causes. Automating security testing and developing internal tooling to achieve continuous assurance. Identifying and implementing improvements to the team's internal processes and procedures. Mentoring less-experienced team members, leading by example in technical assessments, and promoting a collaborative approach to security across Starling.

Requirements: 5+ years technical information security experience. Experience in mobile, web application, cloud, and infrastructure penetration testing. Technical knowledge in mobile security (iOS and Android), web application security, networking and associated protocols, cloud security (AWS and GCP), containers and Kubernetes. Penetration testing qualifications (e.g. CREST Certified Tester, OSCP) or equivalent industry experience. Excellent verbal and written communication skills.

XML job scraping automation by YubHub

We are seeking an automation testing engineer to join our team in Shenzhen, China. As an automation testing engineer, you will be responsible for testing software products, including web and mobile applications, to ensure they meet high quality standards.

Responsibilities

• Test software products, including web and mobile applications, to ensure they meet high quality standards.
• Write and execute automation testing scripts to improve testing efficiency and coverage.
• Use Postman, RestAssured, or other tools to validate APIs.
• Use JIRA or similar tools to record and track defects.
• Design and execute test cases, test scenarios, and regression tests.
• Collaborate with development teams, product managers, and designers to ensure software quality.
• Perform performance and security testing as needed.

Requirements

• Have experience in manual and automation testing.
• Familiar with testing methods, test case design, and defect tracking.
• Have experience in testing web and mobile applications.
• Familiar with automation testing tools such as Selenium, Cypress, or Appium.
• Familiar with API testing using Postman, RestAssured, or other tools.
• Understand CI/CD processes and can integrate testing into development workflows.
• Have good English communication skills (written and spoken).
• Currently reside in Shenzhen or surrounding areas and can travel to Hong Kong as needed.

Preferred Skills

• Have experience in performance testing and security testing.
• Familiar with programming languages such as Python, Java, or JavaScript.
• Have experience in remote team collaboration and working with cross-time zone teams.

XML job scraping automation by YubHub

We are seeking a manual testing engineer to ensure our software products have an excellent user experience and high-quality standards.

Job Summary

As a manual testing engineer, your primary responsibility is to test software new features, including web and mobile application UI interfaces, user flows, and API testing. You will play a key role in discovering defects, optimizing testing processes, and ensuring high-quality delivery.

This role requires working from our Shenzhen office and may involve occasional travel to Hong Kong to collaborate with the team.

Responsibilities

• Manual Testing: Test web and mobile applications' new features to ensure UI interfaces and user flows meet expectations.
• API Testing: Use Postman, RestAssured, or other tools to validate API functionality.
• Defect Tracking & Reporting: Use JIRA or similar tools to record and track issues.
• Testing Planning & Execution: Design and execute test cases, test scenarios, and regression testing.
• Cross-Team Collaboration: Work closely with developers, product managers, and designers to ensure software quality.
• Performance & Security Testing (if required): Evaluate application performance, stability, and security.

Requirements

• Manual Testing Experience: Have solid manual testing experience and knowledge of software testing lifecycles and processes.
• Test Methodology: Familiar with test methods, test case design, and defect tracking.
• Web & Mobile UI/UX Testing Experience: Have experience testing web and mobile application UI/UX.
• API Testing: Familiar with API testing and use of Postman, RestAssured, or other tools.
• Good English Communication Skills: Have excellent written and verbal communication skills.
• Location: Reside in Shenzhen or surrounding areas and be able to work from the office, with occasional travel to Hong Kong.

Preferred Qualifications

• Performance Testing & Security Testing Experience: Have experience in performance testing and security testing.
• Programming Skills: Familiar with Python, Java, or JavaScript programming, which can be used for testing automation.
• Automation Testing Tools: Familiar with Selenium, Cypress, Appium, or other automation testing tools.
• CI/CD Process: Familiar with CI/CD processes and how to integrate testing into continuous delivery systems.
• Remote & Cross-Time Zone Team Collaboration: Have experience working with remote and cross-time zone teams, with excellent asynchronous communication skills.

Benefits

• Global Fintech Company: Work for a global fintech company with offices in Singapore, London, and Hong Kong.
• On-Site Work with Flexibility: Work primarily from the office with some flexibility, and collaborate with the Hong Kong team as needed.
• Front-End Projects: Participate in cutting-edge projects, enhancing your testing and automation skills.
• Quality-Driven Culture: Work in a quality-driven culture where the testing team plays a critical role in the development process.
• Competitive Salary & Benefits: Receive a competitive salary and benefits package, reflecting your contributions.

XML job scraping automation by YubHub

This is an ideal role for an experienced tester with an interest in cloud platform solutions, who is looking to further develop their automation testing experience.

Responsibilities

• A variety of backend testing with a focus on containers, deployments, APIs, authentication, access tokens etc...
• Functional, non-functional, regression and security testing
• Familiar with modern coding standards/practices and DevOps, CI/CD pipelines
• Strong knowledge of software QA methodologies, tools, and processes
• Experience with testing tools like JMeter, Postman, or other similar tools would be advantageous
• Exposure to C# / .Net would be beneficial
• Excellent troubleshooting and problem-solving skills, and a proven ability to write clear, concise, and comprehensive test plans and test cases

Benefits

• Excellent work/life balance, including a 4 ½ day working week
• Hybrid working (home and office-based split, requiring regular weekly attendance in the Auckland office)
• Medical and Life insurance (after qualifying period)
• Volunteer day, enhanced paid parental leave and wellness benefits
• Strong mentoring & career development focus
• Fun team events including the Vista Innovation Cup

XML job scraping automation by YubHub

We are seeking a highly skilled Testing Manager to lead and manage the testing process for IT projects and small changes, ensuring the quality and reliability of software applications and systems.

The Testing Manager plays a critical role in ensuring that software products meet quality standards, adhere to requirements, and deliver a positive user experience.

Key Responsibilities & Accountabilities

Test Planning

• Develop and implement comprehensive test strategies, plans, and schedules in alignment with project goals and timelines.

Test Execution

• Lead and oversee the testing process, including test case creation, test script development, test environment setup, and test execution.

Test Team Management

• Build and manage a high-performing test team (with contract and perm), including resource allocation, task assignment, performance monitoring, coaching and mentoring.

Stakeholder Management

• Collaborate with project stakeholders, such as project managers, business analysts, and developers, to ensure clear communication, requirements understanding, and timely issue resolution.

Test Documentation

• Create and maintain test artifacts, including test cases, test scripts, test data, and test reports, to ensure proper documentation and traceability of testing activities.

Defect Management

• Establish defect tracking and management processes, including defect identification, prioritisation, and resolution, to ensure timely and effective defect resolution.

Test Automation

• Define and implement test automation frameworks and tools to improve test efficiency, coverage, and reliability.

Quality Assurance

• Ensure quality assurance standards are in place and adherence to quality standards, processes, and best practices is maintained throughout the testing lifecycle across all projects and programmes.

Risk Management

• Identify and mitigate testing risks and issues, proactively addressing potential roadblocks that could impact testing timelines or quality.

Skills & Experience

• 8+ years in software testing, with at least 3 years in a managerial role.

• Strong knowledge of functional, regression, performance, and security testing.

• Experience in tools such as Playwright and knowledge of integrating testing in CI/CD pipelines.

• Familiarity with Agile, Scrum, and DevOps practices.

• Excellent leadership, communication, and stakeholder management skills.

• Experience with cloud-based testing environments (Azure).

• Knowledge of API testing and Dynamics 365 desirable.

• ISTQB or similar certification.

XML job scraping automation by YubHub

Role Details

What You Will Do

• Lead the development of comprehensive evaluation frameworks for AI/ML systems
• Develop core AI/ML modules, APIs, and backend services in Python required for framework development
• Conduct advanced performance and security testing, resolving systemic issues across AI pipelines and application stacks
• Build automation, performance and security test frameworks for web applications and services
• Collaborate with product owners, development teams

Requirements

• Bachelor's degree in Computer Science, Engineering, or related field
• Overall 5+ years of experience
• 4+ years of experience developing AI/ML modules, APIs, and backend services using Python
• 3+ years of experience testing web applications and web services
• 2+ years in building test automation frameworks using Python or similar languages
• Experience with AWS cloud services (Lambda, S3, EC2, EKS) and containerization tools like Docker
• Experience with software quality assurance processes and methodologies

Benefits

We adopt a holistic approach to our benefits programs, emphasizing physical, emotional, financial, career, and community wellness to support a balanced life. Our packages are tailored to meet local needs and may include healthcare coverage, mental well-being support, retirement savings, paid time off, family leaves, complimentary games, and more.

XML job scraping automation by YubHub

Helpshift is looking for a skilled Software Tester to join our team. As a Software Tester, you will work on projects that impact our conversations with consumers, bringing maximum value to them.

About the Team

At Helpshift, we have a QA Guild established which is responsible for performing QA for all projects that are executed across the organisation. The QA guild collaborates with engineering, product and design teams on implementation and user scenarios.

Role Details

Key Responsibilities

• Design Test Plans, Test Specifications and Test Cases for Product features.
• Take ownership of feature testing and drive to completion.
• Identify challenges, risks and provide test estimates for feature testing.
• Execute regression test suites.
• Perform exploratory testing.
• Driving and maintaining the automation test suites.
• Maximize test coverage for the most critical features of the system using automation.

Requirements

• 3+ years of experience in software testing and engineering.
• Proficiency in one of the programming/scripting languages (Java/JS).
• Hands on experience in version control systems like Git or SVN.

Benefits

• Hybrid setup.
• Worker's insurance.
• Paid Time Offs.
• Other employee benefits to be discussed by our Talent Acquisition team in India.

XML job scraping automation by YubHub

Product & Solutions Lead, Safety and Security

Location

San Francisco

Employment Type

Full time

Department

Intelligence & Investigations

Compensation

• $288K – $425K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions.

About the Team

The Intelligence & Investigations (I2) team detects and disrupts abuse and strategic risks so people can use AI safely. We translate real-world signals, investigations, and external threat intelligence into practical mitigations, operating guidance, and partner-ready support that improves safety outcomes across the AI ecosystem.

About the Role

As a Product & Solutions Lead focused on safety and security, you will build and operate 0–1 products, services, and technical solution packages that help developers and public institutions move from experimentation to durable, trusted outcomes—while maintaining public safety, transparency, and respect for privacy and rights.

This role balances two modes of delivery:

1. Bespoke products and technical solutions for strategic internal and external partners, and

1. Scalable product and solution packages that can be reused broadly across partners and deployments.

Training is a component of scale, but not the center of gravity. You will also ship reference implementations, playbooks, evaluation kits, and repeatable operating models that partners can adopt and operate.

You will work directly with engineers and a multidisciplinary group of safety and geopolitical analysts, and data and quantitative scientists to convert complex, evolving challenges into solutions that teams can adopt in high-stakes environments.

This role is based in San Francisco, CA (hybrid, 3 days/week). Relocation support is available.

In this role, you will:

• Own the 0–1 roadmap for safety and security solution offerings: define the target users, problem statements, tools, operating models, success metrics, and the set of reusable deliverables we ship.

• Design and ship bespoke technical solutions for priority partners (internal and external), then abstract what works into reusable patterns and toolkits.

• Build partner-ready technical artifacts: solution blueprints, reference architectures, evaluation and monitoring guidance, incident/response playbooks, and deployment checklists.

• Package open-source and proprietary capabilities into adoption-ready solutions (e.g., reference implementations, configuration patterns, validated workflows).

• Maintain a consistent delivery model across engagements: intake, scoping, governance alignment, execution cadence, and retrospectives that improve the offering over time.

• Translate evolving threats into actionable guidance and updates for solution packages (e.g., scams/fraud patterns, cyber-enabled threats, ecosystem abuse trends).

• Develop lightweight enablement components as needed: targeted technical modules, hands-on labs, and readiness assessments that accelerate adoption of the solutions.

• Define and instrument impact measurement: adoption milestones, readiness indicators, reliability and safety posture improvements, and partner satisfaction with outputs.

• Partner closely across engineering, safety, geopolitical analysis, and quantitative teams to ensure solutions are technically credible, threat-informed, and measurable.

• Communicate crisply and decision-readily to internal and external stakeholders: progress, trade-offs, risks, and recommendations.

You might thrive in this role if you:

• Have 6+ years in product, technical program leadership, solutions, or platform operations, especially in safety, security, risk, integrity, or enterprise/public-sector contexts.

• Have built 0–1 solution offerings (product plus services or productized services): taking ambiguous needs, shipping something concrete, then scaling it into a repeatable model.

• Have a builder’s mindset: comfortable incubating early-stage ideas, testing them with partners, and evolving them into durable, repeatable safety and security solutions.

• Can go deep with engineers and still produce partner-ready artifacts that are clear

XML job scraping automation by YubHub

Vendor Security Program Manager

Location

San Francisco; New York City; Seattle; Washington, DC

Employment Type

Full time

Location Type

Hybrid

Department

Security

Compensation

• SF, Seattle and NYC: $207K – $335K • Offers Equity
• Zone A: $186K – $301.5K • Offers Equity
• Zone B: $165.6K – $268K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions.

About the Team

The Vendor Security team sits at the core of our mission to ensure our technology benefits humanity safely and securely. We provide security assurances and robust compliance frameworks for our technology, people, and products. Our mission is to build trust with the world in our products and company. Our work is technical yet highly operational, strategically aligning with security and engineering teams to navigate and mitigate risks proactively. We prioritize impact, enable innovation, and foster a culture of continuous compliance and security awareness.

About the Role

As a Program Manager within the Vendor Security team, you will play a crucial role in protecting our organisation against external risks posed by suppliers, vendors, partners, and hardware manufacturers. Your responsibilities will include conducting comprehensive security assessments, building a program to manage global supply chain and vendor risks, and driving security initiatives across all of our third-party relationships. You will be analytical, detail-oriented, and proactive, capable of translating complex security evaluations into clear, actionable strategies.

The role is expected to operate with a strong point of view on risk. You will be responsible not only for identifying and documenting vendor and supply-chain risk, but for helping the company make informed trade-offs between speed, scale, and security. This role requires exceptional organisational skills, the ability to effectively communicate across different business functions, and a strong commitment to operational excellence in a dynamic environment.

This role may be based out of one of our US offices (San Francisco, Seattle, NYC or DC.) We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

In this role, you will:

• Be the interface for Security to the rest of the organisation for vendors.

• Own vendor security risk decisions and escalation paths, including clearly documenting risk acceptance, mitigation plans, and executive-level trade-offs when security requirements cannot be fully met.

• Conduct deep, evidence-based security assessments of third parties, including review of architectures, configurations, controls, logs, and operational practices - moving beyond questionnaires and attestations to validate real-world security posture of vendors.

• Assess and manage security risk across a diverse vendor landscape, including SaaS providers, cloud and infrastructure partners, hardware manufacturers, chip suppliers, and other strategic or high-impact suppliers.

• Develop, build, and continuously improve the vendor security program and security supply chain risk management function at OpenAI.

• Develop, propose, and implement effective controls to mitigate identified vendor risks.

• Build and maintain collaborative partnerships with key internal stakeholders including Infrastructure Security, Product, Engineering, Legal, Procurement, and Threat Intelligence to ensure comprehensive security coverage of the vendor and third-party supply chain.

• Streamline and automate vendor and supply chain security processes to increase efficiency and reduce manual overhead.

You might thrive in this role if you have:

• Proven experience conducting third-party or supply chain security assessments, including building and scaling a vendor management security program.

• An in-depth understanding of information security principles and controls, including data protection, access management, proactive and reactive security measures, and application security.

• Comfort operating in ambiguity, with the ability to form defensible security opinions even when information is incomplete or uncertain.

• Strong analytical and problem-solving skills, with the ability to identify and mitigate complex security risks.

• Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and stakeholders.

• Strong organisational and project management skills, with the ability to prioritise tasks and manage multiple projects simultaneously.

• A strong commitment to operational excellence and continuous improvement, with a focus on delivering high-quality results in a dynamic environment.

• A passion for security and a desire to make a meaningful impact in the field.

XML job scraping automation by YubHub