To succeed in this role, you will need to have completed a degree or comparable education, plus at least 4–5 years of experience in Cyber Security, with a focus on SOC, SIEM, or Detection Engineering. You should have experience with common security technologies, such as SIEM, XDR, EDR, and vulnerability management tools, as well as a solid understanding of incident response processes. Ideally, you will have experience with Microsoft Sentinel, Microsoft Defender, CrowdStrike, or Palo Alto Cortex SOAR.

As a Cyber Security Specialist at MHP, you will be part of a dynamic team that values diversity, creativity, and unconventional thinking patterns. You will have the opportunity to grow with your projects and objectives in an innovative and supportive environment. MHP offers a competitive salary and benefits package, as well as opportunities for professional development and career growth.

XML job scraping automation by YubHub

You will design and ship high-precision detections across cloud services and enterprise SaaS, develop automation that shortens response timelines, and mature the telemetry pipelines that make it all possible. Your ability to write production-quality code is just as important as your ability to triage an alert.

Responsibilities:

• Engineer, test, and deploy detection logic across cloud and enterprise environments, treating detections as software with version control, peer review, and measurable performance.

• Build and maintain incident response automation, runbooks, and tooling that reduce containment timelines without sacrificing developer velocity.

• Mature telemetry pipelines through improved schema design, normalization, enrichment, and quality checks that reduce false positives and increase signal fidelity.

• Perform digital incident investigations to identify and contain potential security breaches.

• Conduct digital forensics and malware analysis to understand attack vectors and adversary methodologies.

• Integrate alerting with messaging and ticketing systems to enable fast, traceable response workflows.

• Partner cross-functionally with IT, security, and engineering teams to harden identity and access patterns, close logging and forensics gaps, and implement maintainable guardrails that scale with the organisation.

• Utilize threat intelligence platforms to improve hunting, detection, and response workflows.

• Clearly explain the significance and impact of incidents, providing actionable recommendations to both technical and non-technical stakeholders.

Ideal Candidate:

• 5+ years of experience in Detection Engineering, Incident Response, or Security Operations, with a strong emphasis on building and shipping security tooling and automation.

• Proficiency in at least one programming language (e.g., Python, Go) and comfort writing production-grade code , not just scripts.

• Hands-on experience designing or improving detection pipelines, SIEM content, and alerting workflows in cloud-native environments.

• Practical experience with SIEM, EDR, and SOAR tools, with a preference for candidates who have built integrations or extended these platforms programmatically.

• Strong understanding of modern cyber threats, common attack techniques, and adversary TTPs.

• Familiarity with digital forensics tools and malware analysis techniques.

• Experience with cloud-native environments (e.g., AWS, GCP, Azure) and the security telemetry those environments generate.

• Exposure to threat intelligence platforms and integrating intel into detection and investigation workflows.

• Strong communication skills, with the ability to translate complex security findings into clear business impact.

• Relevant security certifications (e.g., GCIH, GCFA, GCIA, CISSP, GDSA) are a plus.

Compensation packages at Scale for eligible roles include base salary, equity, and benefits. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position, determined by work location and additional factors, including job-related skills, experience, interview performance, and relevant education or training. Scale employees in eligible roles are also granted equity based compensation, subject to Board of Director approval. Your recruiter can share more about the specific salary range for your preferred location during the hiring process, and confirm whether the hired role will be eligible for equity grant. You’ll also receive benefits including, but not limited to: Comprehensive health, dental and vision coverage, retirement benefits, a learning and development stipend, and generous PTO. Additionally, this role may be eligible for additional benefits such as a commuter stipend.

XML job scraping automation by YubHub

You’ll play a critical role on a fast-growing team with the opportunity to make a significant impact in a short period of time. You will be responsible for product messaging, positioning, sales and partner enablement, new product launches, revenue planning, and collaboration with the demand generation team.

You will be the “voice to our customers” in the way we present our products and solutions to the world. Our ideal candidate will be creative, analytical, and extremely well organized, with a high-level of attention to detail.

Responsibilities:

• Be the voice to our customers and assist with the marketing of the AI and Endpoint Management capabilities in the Tanium AEM Platform.

• Support the product & solutions go-to-market plan that aligns with the revenue goals and develop marketing assets and overall execution plan in support of major launches.

• Analyze the market, buyers, trends, industry-specific problems, and competitors to create strategic positioning that differentiates Tanium in the Autonomous Endpoint Management market.

• Support the development of solutions-based sales plays.

• Identify target personas, understand their key business problems, and pain points, and articulate Tanium’s value proposition to drive desired outcomes.

• Work closely with product management, sales leadership, enablement, customer success, and marketing teams across all activities.

• Leverage strong content creation background to develop content, including sales tools, whitepapers, custom one-sheets, event collateral, and thought-leadership content.

• Collaborate with demand generation teams to execute targeted campaigns that drive pipeline.

• Partner with sales, product etc. to facilitate feedback and drive continuous improvement of the product positioning, sales enablement tools etc.

• Conduct market research, including buyer interviews to inform marketing content and create actionable insights.

• Present to customers, partners, and sales teams.

Requirements:

• 7+ years minimum experience in product marketing, solutions marketing, or outbound product management required.

• Experience supporting go-to-market plans including messaging, content, and sales enablement.

• Basic knowledge of endpoint management and security.

• A good knowledge of generative and agentic AI and how it is used to transform business processes.

• Familiarity with ITSM, SIEM, SOAR, EDR solutions a plus.

• Experience understanding technology at a deep level and ability translate to business needs concisely is required.

• Experience developing presentations to customers, sales teams, and partners preferred.

• Solid experience in positioning work and writing marketing content for complex products and/or market dynamics.

Preferred Skills:

• Strong presentation skills are required. Must be comfortable speaking in front of various audience levels.

• You are a team player, knowing how to work well cross-functionally to rally teams around team strategy and plans.

• You can balance both the art and science of marketing – having great creative intuition and an insatiable appetite for data and insights.

• Understanding of basic branding principles: brand identity, building equity, brand voice, etc. a plus.

• You possess excellent business judgment; ability to prioritize independently, overcome blockers, create clarity, and move forward even in ambiguous circumstances.

• A profound sense of ownership and accountability is required along with the ability to influence (and inspire) and sometimes skeptical audiences.

What you’ll get:

The annual base salary range for this full-time position is $95,000 to $290,000.

This range is an estimate for what Tanium will pay a new hire. The actual annual base salary offered may be adjusted based on a variety of factors, including but not limited to, location, education, skills, training, and experience.

In addition to an annual base salary, team members will receive equity awards and a generous benefits package consisting of medical, dental and vision plan, family planning benefits, health savings account, flexible spending account, transportation savings account, 401(k) retirement savings plan with company match, life, accident and disability coverage, business travel accident insurance, employee assistance programs, disability insurance, and other well-being benefits.

XML job scraping automation by YubHub

The Insider Risk Team works cross-functionally to deter, identify, investigate and mitigate risks to Anthropic's most critical assets,our people, our data, and our infrastructure.

Responsibilities:

• Triage custom technical detection alerts
• Independently conduct end-to-end insider risk investigations while working closely with IT, Detection and Response, Legal, HR and other cross-functional teams
• Monitor and triage external threats targeting employees
• Conduct sensitive interviews of employees or other involved parties
• Perform technical analysis of logs from SIEM, DLP, UEBA systems
• Leverage AI tools (Claude, Claude Code) to accelerate investigation workflows and data analysis
• Build and maintain investigation documentation
• Assist in iterating and improving on processes, procedures and systems to detect, mitigate and investigate insider risks
• Work cross-functionally to develop, refine and operationalize insider risk indicators, scenarios and mitigation strategies
• Provide rapid-turnaround security assessments to support business operations
• Support education and awareness programs to promote a robust security culture
• Serve as the subject matter expert for insider risk and provide training to team members as needed

You may be a good fit if you have:

• Bachelor's degree and/or higher education in a related field
• 5-8 years of experience in insider risk, corporate investigations or a related domain
• 3-5 years experience in conducting investigative interviews
• Experience conducting OSINT for threat assessment, or counterintelligence
• Experience leveraging DLP, UEBA, SIEM, SOAR and other insider risk security tooling for detections and investigations
• Broad understanding of internal and external investigations, cybersecurity, interview techniques, risk assessment and managing strong cross-functional relationships
• Ability to communicate complex security findings clearly and concisely to non-technical stakeholders (written and verbal)
• Track record of rapid response to time-sensitive security requests
• Comfort operating across organizational boundaries (Security, People, Legal, IT)
• Exceptional communication, collaboration skills and the ability to lead projects with little guidance
• Demonstrated ability to operate independently with minimal oversight while managing sensitive cases

Strong candidates may also have:

• Experience working in the technology industry or at/with AI/ML companies
• Experience with counterintelligence investigations and nation-state threat actor TTPs
• Background in open-source intelligence collection and analysis
• Track record of AI/LLM adoption for productivity gains in investigative work
• Experience contributing to a high growth startup environment
• Specialized knowledge of risks unique to the AI sector
• Experience with data exfiltration investigations across multiple vectors (email, cloud, removable media)
• Experience working in government, defense, or high-security environments

What makes you successful here:

• Entrepreneurial mindset: You see gaps and fill them without being asked
• Technical + human balance: Equal comfort analyzing log data and conducting sensitive interviews
• AI-native approach: You leverage LLMs to work smarter, not just harder
• Mission alignment: You understand AI safety stakes and insider risk's role in protecting that mission
• Judgment under uncertainty: You make sound decisions with incomplete information
• Clear communicator: You distill complex findings into actionable insights for diverse audiences
• Cross-functional navigator: You build relationships and collaborate effectively across teams

Annual compensation range for this role is $245,000-$305,000 USD.

XML job scraping automation by YubHub

Key responsibilities include:

• Contributing to define, collect, and analyze security KPIs and KRIs for the security organization.
• Developing and implementing a comprehensive detection and response strategy and roadmap aligned with Squarespace's overall business objectives and risk appetite.
• Overseeing the Security Operations Center (SOC) activities, including threat detection, monitoring, analysis, and proactive hunting.
• Owning the health and effectiveness of the SIEM and SOAR platforms, ensuring high-quality data ingestion, alert tuning, and automated response logic.
• Establishing and maintaining a robust incident response program, including defining incident playbooks, leading major incident investigations, and conducting post-incident reviews to drive continuous improvement.
• Designing and leading regular tabletop exercises to test the organization's readiness for various incident scenarios.
• Serving as the Incident Commander for major security events, coordinating with teams such as Legal, Communications, and HR to ensure clear internal communication and regulatory compliance.
• Identifying, evaluating, and implementing new security technologies and tools to enhance detection, prevention, and response capabilities.
• Driving continuous improvement of security operations processes through automation, tooling, and best practices.
• Staying abreast of emerging security threats, vulnerabilities, and industry trends and proactively advising leadership on necessary adjustments to strengthen Squarespace's security posture.
• Building, mentoring, and leading a high-performing team of security professionals, fostering a culture of continuous learning, collaboration, and accountability.
• Acting as a key liaison and trusted advisor to internal stakeholders on security-related matters.
• Managing relationships with external security vendors and partners, ensuring effective service delivery and technology adoption.

Requirements include:

• A bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 7+ years of experience in cybersecurity, with at least 2 years in a leadership or team-lead role.
• Deep expertise in Incident Response and Detection Engineering.
• Strong knowledge of cloud security operations, specifically within AWS or GCP environments.
• Hands-on experience managing and tuning SIEM and SOAR platforms.
• Experience automating security workflows and incident response playbooks to reduce manual effort.
• Familiarity with security frameworks such as MITRE ATT&CK and NIST.
• Excellent communication skills with the ability to lead technical teams during high-pressure incidents and explain complex threats to non-technical stakeholders.
• Knowledge of software development, design, and technical operations.

Benefits include:

• Health insurance with 100% covered premiums for you, your spouse or partner, and your dependent children.
• Life and income protection.
• Fertility and adoption benefits.
• Headspace mindfulness app subscription.
• Global Employee Assistance Program.
• Pension benefits with employer match.
• Flexible paid time off.
• 26 weeks paid maternity leave and 12 weeks paid paternity leave.
• 2 weeks paid family care leave.
• Education reimbursement.
• Employee donation match to community organizations.
• 7 Global Employee Resource Groups (ERGs).
• Free lunch and snacks.
• Close proximity to cultural landmarks such as Dublin Castle and St. Patrick's Cathedral.

XML job scraping automation by YubHub

Key responsibilities include:

• Performing hands-on vulnerability triage and risk assessment using team-defined standards and playbooks
• Tracking remediation progress with owner teams, escalating blockers, and ensuring clean issue closure
• Supporting automated triage workflows by validating outputs and improving signal quality
• Contributing to automated remediation campaigns (e.g., EOL cleanup, vulnerable software upgrades, and fix verification)
• Supporting zero-day and embargo response by helping inventory affected assets and tracking owner-team deployment status
• Participating in incident investigations by gathering technical evidence and supporting impact analysis
• Participating in on-call rotation for critical vulnerability events
• Maintaining high-quality documentation, runbooks, and operational updates

The ideal candidate will have 3+ years of relevant experience in vulnerability management, security operations, application security, or related security engineering. Key skills include a strong understanding of vulnerability assessment fundamentals, hands-on experience with vulnerability management platforms, proficiency in scripting/automation for workflow support, and familiarity with cloud security concepts.

In addition to a competitive salary, we offer a variety of benefits to support your needs, including medical, dental, and vision insurance, 100% paid for by CoreWeave, company-paid life insurance, and flexible PTO.

XML job scraping automation by YubHub

You'll evolve the technical foundation of our Trust program by automating security controls, building integrations between security tools and GRC platforms, and creating scalable processes that enable Brex to maintain compliance efficiently as we expand into new markets.

You'll work at the intersection of security, engineering, and compliance , translating regulatory requirements into technical solutions and building automation that eliminates manual toil.

You'll leverage your deep understanding of SOC 2, PCI DSS, ISO 27001, AI governance frameworks, and others to both design controls for emerging compliance requirements and mature existing programs through automation and continuous monitoring.

You’ll support Trust Assurance, Third Party Risk Management, and other Security Risk Management initiatives.

Working with our Engineering, Infrastructure, and Product teams, you'll translate compliance frameworks into technical controls and build automated systems that help us achieve world-class security as Brex expands.

Your contributions will directly accelerate Brex's maturity.

You'll design workflows using Tines, build integrations between security and GRC systems, and create dashboards for security metrics.

You'll implement controls across the technology stack, support multiple audits (SOC 2, PCI DSS, SOX/ITGC, FINRA, ISO), and contribute to AI governance framework implementation (ISO 42001, NIST AI RMF, EU AI Act).

You'll have autonomy to build innovative solutions, collaborating cross-functionally to implement controls that enable growth while communicating technical concepts effectively across the organization.

This role will be based in our San Francisco office. We are a hybrid environment that combines the energy and connections of being in the office with the benefits and flexibility of working from home.

Responsibilities:

Manage and scale IT infrastructure, services and tooling

Work with a diverse group of IT partners to optimize our provided services

Implement new services in support of Information Technologies vision

Scale our services by implementing configuration as code via Terraform providers or APIs

Operationalize and upskill IT and its partners by producing documentation and leading training sessions

Evangelize best practices both internally and externally facing

Requirements:

5+ years of experience in GRC, IT Governance, or Security Engineering with a strong track record of automating manual compliance workflows.

Deep experience with security frameworks such as SOC 2, PCI DSS, ISO 27001, and NIST CSF, specifically within cloud-native environments.

Technical proficiency in Python (or similar scripting languages) and experience building integrations using APIs to connect security tools with GRC systems.

Builder mindset with the ability to design and implement automated control testing, continuous monitoring, and data-driven security metrics.

Exceptional cross-functional collaboration and communication skills.

Strong systems thinking.

Bias for action.

Bonus points:

Previous experience in Fintech or banking environments navigating complex regulatory landscapes.

Hands-on experience with Tines or other SOAR platforms to automate security operations.

Familiarity with AI/ML governance frameworks (NIST AI RMF, ISO 42001) or securing agentic systems.

Deep knowledge of Cloud Security (AWS/GCP), infrastructure-as-code (Terraform), or DevSecOps practices.

Relevant industry certifications such as CISSP, CISA, or CCSP.

Experience building metrics dashboards for security visualization and reporting.

Active contributions to the GRC or Security community through open-source projects or public research.

Compensation: The expected salary range for this role is $153,600 - $192,000.

XML job scraping automation by YubHub

You will report to the Senior Manager in the OFCTO organization.

Key responsibilities include:

• Strategic Customer Engagement: Support strategic customer conversations aligning with technical and engineering leaders and stakeholders. Deliver on emerging trends, industry best practices, and identity-driven digital transformation. Assist in preparing executive-level messaging and participate in strategic discussions to align Okta's solutions with customer business outcomes.

• Technical Leadership: Provide strategic and technical guidance to Solutions Engineering teams across both the Okta and Auth0 identity platforms. Collaborate with the Global Office of Field CTO office team to deliver actionable insights from the field, validate customer needs, and identify recurring trends for the Okta Product & Engineering teams.

• Field Enablement and Collaboration: Contribute to frameworks, tools, and content to support Solutions Engineering teams in executing effectively. Partner with sales leadership to identify and address critical business opportunities and challenges. Drive cross-functional collaboration to ensure seamless execution of global initiatives.

• Market Influence: Represent Okta as a thought leader in the identity and security space. Influence industry standards and participate in relevant technical advisory boards.

• Innovation and Strategy: Partner closely with OFCTO teams as an advocate for customer-driven innovation, market trends, and GTM insights to provide input to influence product teams. Support, derive, and champion strategic initiatives that enhance Okta's differentiation and business impact.

Position Requirements:

• Identity & Directory Services Mastery: Deep Infrastructure Knowledge: Expert-level understanding of Active Directory (AD) and Azure AD (Entra ID) or similar, including Group Policy Objects (GPOs), Kerberos, and OIDC/SAML protocols.

• Multi-IdP Ecosystems: Proficiency in managing and securing diverse Identity Providers (IdPs) like Okta, Ping Identity, and Google Workspace.

• Hybrid Identity: Experience managing the complexities of identity synchronization between on-premises environments and the cloud.

• Device Identity & Access Management Mastery: Passwordless Expertise: Deep, hands-on knowledge of FIDO2/WebAuthn, Passkeys, and implementing passwordless authentication strategies using solutions like Okta FastPass.

• Endpoint & Device Context: Strong understanding of Desktop MFA, device registration, and leveraging device posture signals from MDM/UEM (e.g., Jamf, Intune, Workspace ONE) and EDR (e.g., CrowdStrike) platforms to enforce risk-based access policies.

• PKI & Certificate Management: Familiarity with certificate-based authentication and its role in establishing device trust.

• Identity Threat Detection & Response (ITDR): Threat Landscape Knowledge: A thorough understanding of modern identity attack vectors, including phishing, token theft, MFA bypass techniques, and lateral movement.

• Behavioral Analysis: Experience with User and Entity Behavior Analytics (UEBA) and the ability to interpret threat signals to detect and respond to suspicious activity.

• Security Ecosystem Integration: Proficiency in designing solutions that integrate identity platforms with SIEM (e.g., Splunk, Sentinel) and SOAR tools for automated threat response.

• Strong communication and presentation skills, with experience contributing to technical events.

Travel expectation: up to 40% for customer meetings, industry events, and internal off-sites.

This is a remote position.

XML job scraping automation by YubHub

Responsibilities:

• Respond to incidents as part of a distributed 24x7 operations and on-call schedule.
• Triage and respond to security events and alerts, ensuring quick and effective containment.
• Contribute to security investigations, conducting analysis and forensics across a range of data sources to determine the timeline and impact of security events.
• Build automations, including leveraging AI and agentic platforms, to deliver autonomous capabilities, expedite your work, and scale the impact of the team.
• Communicate technical decisions through design docs and tech talks, and mentor junior security responders via security guidance, design reviews, and code reviews.

What we look for:

• Bachelor's Degree AND 4+ years experience in Incident Response work OR Master's Degree AND 2+ years experience.
• Strong cloud security background in at least 1 of AWS, GCP, or Azure, and working knowledge of the others.
• Knowledge of AI/LLM and agentic capabilities, including effective prompting and use of MCP, agents, and agent skills.
• Broad security subject matter expertise.
• Expertise in few core IR skills (DFIR, Reverse Engineering, Traditional Network Security, Storage and access security, Sandboxing, Compute security, etc.).
• Experience with Enterprise Security and SaaS applications.
• Working knowledge of a SIEM and SOAR.
• Experience building Incident Response Tooling and scripting language skills.

XML job scraping automation by YubHub

Responsibilities:

• Build an AI-powered platform responsible for all aspects of detection and response capabilities, from detection development to incident response
• Design and implement scalable data pipelines for ingesting and processing security telemetry across our rapidly growing infrastructure
• Architect solutions for storing and efficiently querying large volumes of security-relevant data
• Create rapid prototypes and proof-of-concepts for new security tooling and analytics capabilities
• Work closely with security and infrastructure teams to understand requirements and deliver solutions
• Mentor engineers and contribute to hiring and growth of the Security team
• Participate in on-call rotations

You may be a good fit if you

• Have 7+ years of experience in software engineering with a focus on security, infrastructure, or data pipelines
• Have a track record of building and maintaining internal developer tools or security platforms
• Have a strong understanding of data processing pipelines and experience working with large-scale logging systems
• Have experience with test-driven software development or CI/CD (a plus for direct experience with detection-as-code workflows)
• Have experience with infrastructure-as-code (Terraform, CloudFormation)
• Have experience with query optimization for large datasets
• Have experience building stable and scalable services on cloud infrastructure and serverless architectures
• Can write maintainable and secure code in Python
• Have experience working with security teams and translating requirements into technical solutions
• Can lead technical projects with minimal guidance
• Have a track record of driving engineering excellence through high standards, constructive code reviews, and mentorship
• Can lead cross-functional security initiatives and navigate complex organizational dynamics
• Have strong communication skills with the ability to translate technical concepts effectively across all organizational levels
• Have demonstrated success in bringing clarity and ownership to ambiguous technical problems
• Have strong systems thinking with the ability to identify and mitigate risks in complex environments

Strong candidates may also have experience with

• Building security tooling from the ground up
• Implementing security monitoring solutions (SIEM, log aggregation, EDR)
• Detection engineering or security operations
• SOAR platform or automation development
• Data lake or database architecture
• API design and internal platform creation
• Applying ML/AI to security problems
• Scaling security operations in a high-growth environment

Logistics

• Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience
• Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience
• Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position
• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

XML job scraping automation by YubHub

At Cloudflare, we're on a mission to help build a better Internet. We protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code.

As a Senior Security AI Engineer, you will be the technical architect for our Agentic AI roadmap. Your mission is to move beyond simple automation scripts and build a fleet of 'AI Team Members',intelligent helper agents that execute complex security algorithms, process flows, and assessment logic.

Responsibilities

• Agent Architecture: Design and deploy multi-agent systems that follow complex security algorithms and assessment flows to automate manual SOC and Assurance tasks.

• Skill Engineering: Standardize agent capabilities by creating and maintaining skills.md files and specialized Markdown documentation that define agentic personas and execution boundaries.

• Workflow Training: Train and fine-tune LLMs to function as 'helper agents' capable of executing autonomous AI workflows as integral members of the Security Engineering team.

• Infrastructure as Agents: Utilize Cloudflare Workers, Vectorize, and AI Gateway to build serverless, low-latency agentic architectures for real-time traffic analysis and remediation.

• Autonomous Assessment: Build and scale the engine for autonomous vendor security reviews and M&A assessments, transforming qualitative data into quantitative risk insights.

Requirements

• Experience: 4+ years in Information Security or Software Engineering, with at least 1+ years focused on AI Engineering, Agentic AI, or Advanced Automation using Opencode

• AI Expertise: Deep understanding of LLM orchestration, prompt engineering, and building agentic loops (e.g., LangChain, AutoGen, or custom frameworks).

• Agent Development: Proven ability to create agents from structured definitions (skills.md) and automate tasks that follow strict process/algorithmic flows.

• Cloudflare Ecosystem: Expert knowledge of Cloudflare Workers, KV, Durable Objects, and R2. Experience with Cloudflare AI tools is a significant plus.

• Languages: Mastery of Windsurf, Opencode or Rust.

• Security Domain: Strong grasp of Cyber Security fundamentals, including SIEM/SOAR logic, UEBA, and risk assessment frameworks.

Preferred Qualifications

• Experience building custom Agentic AI solutions that have replaced enterprise-grade 3rd party security software.

• Background in M&A Security Due Diligence or Vendor Risk Management automation.

• Prior experience building edge-based security products or AI-driven log-push integrations.

• Certifications: CISSP or specialized AI/Machine Learning certifications.

XML job scraping automation by YubHub

This role combines technical depth, strategic thinking, and the autonomy to design workflows that will protect infrastructure driving the future of AI.

Key Responsibilities:

• Build and scale AI-powered triage workflows: evaluate tools (LLM integration, TINES orchestration), architect solutions, and deploy to production
• Drive intelligent, risk-based vulnerability prioritization while simultaneously training AI models,your assessments become the foundation for automation
• Influence automation priorities: recommend which areas of the vulnerability pipeline would most benefit from automation to improve team efficiency
• Design and implement automated detection-to-ticket pipelines: build workflows that generate vulnerability detections, test them, scale across the environment, and auto-create Jira tickets
• Execute remediation campaigns: build automated workflows for EOL product removal, vulnerable software upgrades, and OS migrations at scale
• Manage embargoed vendor disclosures from hardware partners, including embargo verification and zero-day response coordination
• Lead security incident investigations related to high-profile vulnerabilities, coordinating cross-functional response and impact assessment
• Participate in on-call rotation for rapid-response vulnerability analysis during active zero-day events or critical security incidents
• Partner with IT, Infrastructure, and Engineering teams to drive remediation efforts, enforce SLAs, and escalate blockers strategically
• Write daily operations reports documenting vulnerability trends, remediation velocity, and emerging threats for security leadership
• Drive process improvements and workflow automation to improve operational efficiency and reduce manual toil

Requirements:

• 7+ years of relevant experience with demonstrated impact in vulnerability management, application security, platform security, or cloud security engineering
• Bachelor’s or Master’s degree in Computer Science, Computer Engineering, Electrical Engineering, or equivalent practical experience
• Proven hands-on experience building security automation (SOAR workflows, detection pipelines, or vulnerability prioritization frameworks)
• Deep subject matter expertise with vulnerability management best practices: CVSS, EPSS, CISA KEV, exploit intelligence, and compensating controls
• Strong development background with proficiency in Python, Go, or similar languages for building production-grade security tools
• Experience with modern vulnerability management tooling such as Wiz, Semgrep, Rapid7, or similar platforms
• Demonstrated ability to partner with cross-functional teams (IT, SRE, Engineering) to drive remediation without formal authority
• Strong familiarity with common security vulnerabilities and the ability to judge their severity and business impact

Preferred Qualifications:

• Practical experience building AI/ML-powered security workflows (LLM integration, automated triage, human-in-the-loop validation)
• Experience managing hardware security vulnerabilities (GPU/DPU firmware, BMC/IPMI, specialized compute environments)
• Production experience with security automation platforms such as TINES, Splunk SOAR, or serverless frameworks (AWS Lambda)
• Strong DevOps, DevSecOps, or SRE background with experience in AWS/GCP/Azure cloud services and Infrastructure as Code (Terraform, CloudFormation)
• Deep understanding of container security and Kubernetes (image scanning, admission control, runtime protection, supply chain security)
• Experience supporting customer audits (SOC 2, ISO 27001, FedRAMP) with vulnerability evidence and control validation
• Experience integrating vulnerability management into modern CI/CD pipelines with a 'shift-left' mentality

What We Offer:

The base salary range for this role is $165,000 to $242,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility).

The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.

XML job scraping automation by YubHub

About the role

We're seeking an exceptional engineer to join Anthropic's Detection Platform team to build and scale our next-generation security analytics infrastructure. In this role, you'll architect and implement data pipelines that process massive amounts of security telemetry, develop ML-powered detection systems, and create innovative solutions that leverage Claude to transform security operations.

Responsibilities:

• Build AI-powered platform responsible for all aspects of D&R capabilities from detection development to incident response
• Design and implement scalable data pipelines for ingesting and processing security telemetry across our rapidly growing infrastructure
• Architect solutions for storing and efficiently querying large volumes of security-relevant data
• Create rapid prototypes and proof-of-concepts for new security tooling and analytics capabilities
• Work closely with security and infrastructure teams to understand requirements and deliver solutions
• Mentor engineers and contribute to hiring and growth of the Security team
• Participate in on-call shifts

You may be a good fit if you:

• 7+ years of experience in software engineering with a focus on security, infrastructure and/or data pipelines
• Track record of building and maintaining internal developer tools or security platforms
• Strong understanding of data processing pipelines and experience working with large-scale logging systems

Strong candidates may also have experience with:

• Experience building security tooling from the ground up
• Background in implementing security monitoring solutions (SIEM, log aggregation, EDR)
• Background in detection engineering or security operations
• SOAR platform/automation development
• Data lake / Database architecture
• API design and internal platform creation
• Track record of applying ML/AI to security problems
• Experience scaling security operations in a high-growth environment

Logistics

• Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience
• Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience
• Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position
• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

How we're different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact , advancing our long-term goals of steerable, trustworthy AI , rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills.

Come work with us!

Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues.

XML job scraping automation by YubHub

In this role, you will have the opportunity to shape our security capabilities from the ground up alongside our world-class research and security teams. You will lead cybersecurity Incident Response efforts covering diverse domains from external attacks to insider threats involving all layers of Anthropic's technology stack.

Key responsibilities include:

• Developing and deploying novel tooling that may leverage Large Language Models to enhance detection, investigation, and response capabilities
• Creating and optimizing detections, playbooks, and workflows to quickly identify and respond to potential incidents
• Reviewing Incident Response metrics and procedures and driving continuous improvement
• Working cross-functionally with other security and engineering teams

Note: This position will require participation in an on-call rotation.

To be successful in this role, you will need:

• 3+ years of software engineering experience, with security experience a plus
• 5+ years of detection engineering, incident response, or threat hunting experience
• A solid understanding of cloud environments and operations
• Experience working with engineering teams in a SaaS environment
• Exceptional communication and collaboration skills
• An ability to lead projects with little guidance
• The ability to pick up new languages and technologies quickly
• Experience handling security incidents and investigating anomalies as part of a team
• Knowledge of EDR, SIEM, SOAR, or related security tools

Strong candidates may also have experience with:

• Performing security operations or investigations involving large-scale Kubernetes environments
• A high level of proficiency in Python and query languages such as SQL
• Analyzing attack behavior and prototyping high-quality detections
• Threat intelligence, malware analysis, infrastructure as code, detection engineering, or forensics
• Contributing to a high-growth startup environment

If you're interested in this role, please submit an application, even if you don't believe you meet every single qualification. We encourage diversity and inclusion in our hiring process.

XML job scraping automation by YubHub

XML job scraping automation by YubHub

The Insider Risk Team works cross-functionally to deter, identify, investigate and mitigate risks to Anthropic's most critical assets,our people, our data, and our infrastructure.

Responsibilities:

• Triage custom technical detection alerts
• Independently conduct end-to-end insider risk investigations while working closely with IT, Detection and Response, Legal, HR and other cross-functional teams
• Monitor and triage external threats targeting employees
• Conduct sensitive interviews of employees or other involved parties
• Perform technical analysis of logs from SIEM, DLP, UEBA systems
• Leverage AI tools (Claude, Claude Code) to accelerate investigation workflows and data analysis
• Build and maintain investigation documentation
• Assist in iterating and improving on processes, procedures and systems to detect, mitigate and investigate insider risks
• Work cross-functionally to develop, refine and operationalize insider risk indicators, scenarios and mitigation strategies
• Provide rapid-turnaround security assessments to support business operations
• Support education and awareness programs to promote a robust security culture
• Serve as the subject matter expert for insider risk and provide training to team members as needed

You may be a good fit if you have:

• Bachelor's degree and/or higher education in a related field
• 5-8 years of experience in insider risk, corporate investigations or a related domain
• 3-5 years experience in conducting investigative interviews
• Experience conducting OSINT for threat assessment, or counterintelligence
• Experience leveraging DLP, UEBA, SIEM, SOAR and other insider risk security tooling for detections and investigations
• Broad understanding of internal and external investigations, cybersecurity, interview techniques, risk assessment and managing strong cross-functional relationships
• Ability to communicate complex security findings clearly and concisely to non-technical stakeholders (written and verbal)
• Track record of rapid response to time-sensitive security requests
• Comfort operating across organizational boundaries (Security, People, Legal, IT)
• Exceptional communication, collaboration skills and the ability to lead projects with little guidance
• Demonstrated ability to operate independently with minimal oversight while managing sensitive cases

Strong candidates may also have:

• Experience working in the technology industry or at/with AI/ML companies
• Experience with counterintelligence investigations and nation-state threat actor TTPs
• Background in open-source intelligence collection and analysis
• Track record of AI/LLM adoption for productivity gains in investigative work
• Experience contributing to a high growth startup environment
• Specialized knowledge of risks unique to the AI sector
• Experience with data exfiltration investigations across multiple vectors (email, cloud, removable media)
• Experience working in government, defense, or high-security environments

What makes you successful here:

• Entrepreneurial mindset: You see gaps and fill them without being asked
• Technical + human balance: Equal comfort analyzing log data and conducting sensitive interviews
• AI-native approach: You leverage LLMs to work smarter, not just harder
• Mission alignment: You understand AI safety stakes and insider risk's role in protecting that mission
• Judgment under uncertainty: You make sound decisions with incomplete information
• Clear communicator: You distill complex findings into actionable insights for diverse audiences
• Cross-functional navigator: You build relationships and collaborate effectively across teams

Annual compensation range for this role is $245,000-$305,000 USD.

XML job scraping automation by YubHub

Key responsibilities include:

• Leading and growing the team: Manage the SOC team, shape the roadmap, delegate effectively, and mentor engineers.

• Driving operations: Define vulnerability management processes and coordinate stakeholders for timely remediation. Design, implement, and operate SIEM/SOAR infrastructure (ingestion, normalization, correlation, alerting, playbooks). Specify logging requirements across our main stacks and centralize telemetry in the SIEM. Develop and tune correlation rules and detections; manage CTI intake and operationalize intel. Run continuous improvement to reduce false positives and raise signal quality. Establish crisp procedures for alert triage, escalation, and incident handling & investigation. Lead incident communications with stakeholders and ensure thorough documentation.

• Engineering and enablement: Contribute to security tooling, automation, and integrations that speed up detection/response. Produce guidance and documentation for product/infra teams; contribute to compliance in the SOC perimeter.

• Exercises and assurance: Coordinate red/blue exercises, post-mortems, and targeted audits to validate coverage and resilience.

The ideal candidate will have 8+ years of experience leading SOC/CSIRT functions, with proven leadership. Hands-on experience with SIEM (e.g., Elastic Security, Sekoia, Splunk) and SOAR platforms is required. Strong experience in vulnerability management (e.g., DefectDojo, Dependency-Track) and remediation workflows is also necessary. Solid grasp of the cyber kill chain / attack lifecycle, detection engineering, and log source coverage is essential. Excellent problem-solving and communication skills are required, as well as the ability to operate in a fast-paced startup environment.

XML job scraping automation by YubHub

As a seasoned cybersecurity professional, you will architect and implement scalable, resilient automation frameworks that seamlessly integrate SIEM, SOAR, EDR/XDR, cloud security, identity, vulnerability management, and threat intelligence platforms.

You will design and deploy AI/LLM-enabled workflows to enhance alert triage, enrichment, investigation summarization, decision support, and response actions.

You will collaborate closely with internal stakeholders and external teams to align security outcomes with business priorities.

You will foster a culture of engineering excellence and continuous improvement within SecOps.

Key responsibilities include:

• Owning and defining the end-to-end automation and orchestration strategy for Security Operations
• Architecting and implementing scalable, resilient automation frameworks
• Designing and deploying AI/LLM-enabled workflows
• Collaborating with internal stakeholders and external teams
• Fostering a culture of engineering excellence and continuous improvement

Requirements include:

• 10+ years of experience in cybersecurity
• Expertise in designing and deploying large-scale security automation and orchestration in enterprise environments
• Hands-on experience with SOAR platforms, SIEMs, EDR/XDR, and security telemetry pipelines
• Proven ability to apply AI/ML, including LLM-based agentic technologies, to security workflows
• Advanced scripting and automation skills
• Strong data analytics skills
• Solid systems architecture skills
• Excellent written and verbal communication skills

As a member of the Synopsys Cybersecurity team, you will work alongside experts in SOC, IR, Threat Intelligence, Detection Engineering, and more, collaborating to build resilient, scalable, and innovative security solutions.

Synopsys offers a comprehensive range of health, wellness, and financial benefits to cater to your needs. Our total rewards include both monetary and non-monetary offerings.

XML job scraping automation by YubHub

We are looking for a SOC (Security Operations Center) Team Lead to build and lead our SOC function end-to-end. You will own vulnerability management, alerting and detection engineering, incident response, and the security tooling/infrastructure that enable these missions. You’ll define processes, collaborate closely with Product, Infra and IT, and continuously improve detection quality and response time.

Key responsibilities

• Lead & grow the team: Manage the SOC team, shape the roadmap, delegate effectively, and mentor engineers.

• Drive operations: - Define vulnerability management processes and coordinate stakeholders for timely remediation. - Design, implement, and operate SIEM/SOAR infrastructure (ingestion, normalization, correlation, alerting, playbooks). - Specify logging requirements across our main stacks and centralize telemetry in the SIEM. - Develop and tune correlation rules and detections; manage CTI intake and operationalize intel. - Run continuous improvement to reduce false positives and raise signal quality. - Establish crisp procedures for alert triage, escalation, and incident handling & investigation. - Lead incident communications with stakeholders and ensure thorough documentation.

• Engineering & enablement: - Contribute to security tooling, automation, and integrations that speed up detection/response. - Produce guidance and documentation for product/infra teams; contribute to compliance in the SOC perimeter.

• Exercises & assurance: - Coordinate red/blue exercises, post-mortems, and targeted audits to validate coverage and resilience.

Requirements

• 8+ years of experience leading SOC/CSIRT functions, with proven leadership.

• Hands-on with SIEM (e.g., Elastic Security, Sekoia, Splunk) and SOAR platforms.

• Strong experience in vulnerability management (e.g., DefectDojo, Dependency-Track) and remediation workflows.

• Solid grasp of the cyber kill chain / attack lifecycle, detection engineering, and log source coverage.

• Excellent problem-solving and communication skills; able to operate in a fast-paced startup environment.

• Builder mindset: pragmatic, automation-oriented, comfortable with ambiguity and ownership.

Nice to have

• Bring scripting/automation skills (e.g., Python, Bash) for data pipelines/playbooks.

• Know modern infra/app stacks (Linux, containers, Kubernetes, cloud), EDR/IDS/IPS.

• Have exposure to compliance frameworks (ISO 27001, SOC 2) and security audits/pen-tests.

• Have run purple team exercises and measurable detection-coverage programs.

• Are comfortable partnering with Product/Platform teams and influencing roadmaps.

XML job scraping automation by YubHub

At Anthropic, we are pioneering new frontiers in AI that have the potential to greatly benefit society. However, developing advanced AI also comes with risks if not properly safeguarded. That's why we are seeking an exceptional Detection and Response engineer that will be on the frontlines to build solutions to monitor for threats, rapidly investigate incidents, and coordinate response efforts with other teams. In this role, you will have the opportunity to shape our security capabilities from the ground up alongside our world-class research and security teams.

Responsibilities:

• Lead cybersecurity Incident Response efforts covering diverse domains from external attacks to insider threats involving all layers of Anthropic’s technology stack
• Develop and deploy novel tooling that may leverage Large Language Models to enhance detection, investigation, and response capabilities
• Create and optimise detections, playbooks, and workflows to quickly identify and respond to potential incidents
• Review Incident Response metrics and procedures and drive continuous improvement
• Work cross functionally with other security and engineering teams

You may be a good fit if you:

• 3+ years of software engineering experience, with security experience a plus and/or
• 5+ years of detection engineering, incident response, or threat hunting experience
• A solid understanding of cloud environments and operations
• Experience working with engineering teams in a SaaS environment
• Exceptional communication and collaboration skills
• An ability to lead projects with little guidance
• The ability to pick up new languages and technologies quickly
• Experience handling security incidents and investigating anomalies as part of a team
• Knowledge of EDR, SIEM, SOAR, or related security tools

Strong candidates may also have experience with:

• Experience performing security operations or investigations involving large-scale Kubernetes environments
• A high level of proficiency in Python and query languages such as SQL
• Experience analysing attack behaviour and prototyping high-quality detections
• Experience with threat intelligence, malware analysis, infrastructure as code, detection engineering, or forensics
• Experience contributing to a high growth startup environment

Deadline to apply:

None. Applications will be reviewed on a rolling basis.

Logistics

• Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience.
• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work.

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links—visit anthropic.com/careers directly for confirmed position openings.

How we're different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact — advancing our long-term goals of steerable, trustworthy AI — rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills.

XML job scraping automation by YubHub

We're seeking an exceptional engineer to join Anthropic's Detection Platform team to build and scale our next-generation security analytics infrastructure. In this role, you'll architect and implement data pipelines that process massive amounts of security telemetry, develop ML-powered detection systems, and create innovative solutions that leverage Claude to transform security operations.

Responsibilities:

• Build AI-powered platform responsible for all aspects of D&R capabilities from detection development to incident response
• Design and implement scalable data pipelines for ingesting and processing security telemetry across our rapidly growing infrastructure
• Architect solutions for storing and efficiently querying large volumes of security-relevant data
• Create rapid prototypes and proof-of-concepts for new security tooling and analytics capabilities
• Work closely with security and infrastructure teams to understand requirements and deliver solutions
• Mentor engineers and contribute to hiring and growth of the Security team
• Participate in on-call shifts

You may be a good fit if you:

• 7+ years of experience in software engineering with a focus on security, infrastructure and/or data pipelines
• Track record of building and maintaining internal developer tools or security platforms
• Strong understanding of data processing pipelines and experience working with large-scale logging systems

Strong candidates may also have experience with:

• Experience building security tooling from the ground up
• Background in implementing security monitoring solutions (SIEM, log aggregation, EDR)
• Background in detection engineering or security operations

Logistics

• Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience.
• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

XML job scraping automation by YubHub

We're seeking an exceptional engineer to join Anthropic's Detection Platform team to build and scale our next-generation security analytics infrastructure. In this role, you'll architect and implement data pipelines that process massive amounts of security telemetry, develop ML-powered detection systems, and create innovative solutions that leverage Claude to transform security operations.

Responsibilities

• Build an AI-powered platform responsible for all aspects of detection and response capabilities, from detection development to incident response
• Design and implement scalable data pipelines for ingesting and processing security telemetry across our rapidly growing infrastructure
• Architect solutions for storing and efficiently querying large volumes of security-relevant data
• Create rapid prototypes and proof-of-concepts for new security tooling and analytics capabilities
• Work closely with security and infrastructure teams to understand requirements and deliver solutions
• Mentor engineers and contribute to hiring and growth of the Security team
• Participate in on-call rotations

You may be a good fit if you

• 7+ years of experience in software engineering with a focus on security, infrastructure, or data pipelines
• Track record of building and maintaining internal developer tools or security platforms
• Strong understanding of data processing pipelines and experience working with large-scale logging systems
• Experience with test-driven software development or CI/CD (a plus for direct experience with detection-as-code workflows)
• Experience with infrastructure-as-code (Terraform, CloudFormation)
• Experience with query optimization for large datasets
• Experience building stable and scalable services on cloud infrastructure and serverless architectures
• Ability to write maintainable and secure code in Python
• Experience working with security teams and translating requirements into technical solutions
• Ability to lead technical projects with minimal guidance
• Track record of driving engineering excellence through high standards, constructive code reviews, and mentorship
• Ability to lead cross-functional security initiatives and navigate complex organizational dynamics
• Strong communication skills with the ability to translate technical concepts effectively across all organizational levels
• Demonstrated success in bringing clarity and ownership to ambiguous technical problems
• Strong systems thinking with ability to identify and mitigate risks in complex environments

Strong candidates may also have experience with

• Experience building security tooling from the ground up
• Background in implementing security monitoring solutions (SIEM, log aggregation, EDR)
• Background in detection engineering or security operations
• Experience with SOAR platform or automation development
• Experience with data lake or database architecture
• Experience with API design and internal platform creation
• Track record of applying ML/AI to security problems
• Experience scaling security operations in a high-growth environment

Logistics

Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work.

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links—visit anthropic.com/careers directly for confirmed position openings.

How we're different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact — advancing our long-term goals of steerable, trustworthy AI — rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions.

XML job scraping automation by YubHub

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity.

The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

About the Role

We are seeking a senior Global Security Investigator with a technical background to lead complex, long-running security investigations involving a full spectrum of threats – whether originating from internal employees, external threat actors, or supply chain partners. This role is about seeing the full chessboard and independently driving complex, multi-month cases across cyber, physical, and human domains.

In this role you will:

• Independently conduct comprehensive security investigations from initial detection to resolution, including cases involving insiders, external actors, and supply chain and third-party risks.

• Lead proactive, data-driven threat-hunting efforts that weave together disparate signals to surface undetected insider or external threats before they escalate into incidents.

• Perform comprehensive technical analysis of complex hardware, software, and supplier supply chains to identify, enumerate, and mitigate risks.

• Partner closely with cross-functional teams, including Human Resources, Legal, Security, and IT, and external stakeholders or law enforcement when necessary.

• Collaborate with technical counterparts to enhance detections, resolve telemetry gaps, and implement new capabilities to identify security issues involving cyber, physical, and human domains.

• Collect, preserve, and analyze evidence from a variety of sources, including log data, digital forensics, subject interviews, access records, threat intelligence, and open-source intelligence (OSINT), to support investigative findings.

• Continuously improve investigative procedures and security controls based on investigations and lessons learned.

You might thrive in this role if you have:

• Bachelor’s degree in Criminal Justice, Cybersecurity, or a related field (or equivalent experience) and 8+ years of investigative experience in counterintelligence, insider risk, forensic investigations, cybersecurity, supply chain security, or related domains.

• Unimpeachable integrity, sound judgment, and the ability to handle confidential matters with discretion.

• An active US security clearance, or willingness and eligibility to obtain one.

• Deep specialization in geopolitical threat domains, with hands-on experience identifying, assessing, and mitigating adversarial risks through tailored countermeasures.

• Expert knowledge of common security tooling, including EDR, DLP, UEBA, SIEM, SOAR and other related platforms.

• Demonstrated ability to independently write complex queries, automate data workflows, and analyze structured datasets.

• Excellent written and verbal communication skills, including the ability to distill complex findings into clear, actionable reports and explain technical issues to non-technical stakeholders.

• Exceptional collaboration skills with the ability to work across diverse teams (HR, Legal, IT, etc.) to lead projects and investigations with minimal guidance.

Compensation

• San Francisco, Seattle or New York: $288K – $500K • Offers Equity

• Zone B: $230.4K – $500K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus for eligible employees and benefits.

Benefits

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick and safe time (1 hour per 30 hours worked)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

XML job scraping automation by YubHub

What you'll do

You will be responsible for the strategic development and operational management of SOC and CDC projects with a focus on SIEM, XDR, SOAR, and vulnerability management solutions. This includes responsibility for architecture, transition, and optimization of detection and response platforms (e.g. SIEM modernization, XDR introduction, tool rollouts, detection engineering).

• Strategische Weiterentwicklung und operative Steuerung von SOC- und CDC-Projekten mit Fokus auf SIEM-, XDR-, SOAR- und Vulnerability-Management-Lösungen
• Verantwortung für Architektur, Transition und Optimierung von Detection- und Response-Plattformen (z. B. SIEM-Modernisierung, XDR-Einführung, Tool-Rollouts, Detection Engineering)

What you need

To be successful in this role, you will need the following skills:

• Abgeschlossenes Studium im MINT-Bereich oder vergleichbare Qualifikation sowie mindestens 5–7 Jahre Berufserfahrung in der Cyber Security mit Schwerpunkt SOC, SIEM, XDR oder Detection Engineering
• Leidenschaft für Security-Architekturen, Incident Response, Detection Use Cases und idealerweise Vulnerability Management
• Expertise im Unternehmerischen Denken sowie Erfahrung in Projektleitung, Presales oder Business Development im Beratungsumfeld und idealer Weise Erfahrung mit Microsoft Sentinel, Microsoft Defender, Crowdstrike oder PaloAlto Cortex SOAR

XML job scraping automation by YubHub

What you'll do

You will work closely with Security Operations (SOC) to produce meaningful alerts that mitigate risk, and with Security Engineering to evolve the automation platforms and integrations that enable scalable content delivery, enrichment, correlation, and noise reduction across EA's security tooling.

• Responsibility 1: Design, build and continuously improve EA's detection and response capabilities across our global environment.
• Responsibility 2: Work closely with Security Operations (SOC) to produce meaningful alerts that mitigate risk.

What you need

• Demonstrated experience in security detection engineering in an enterprise environment.
• Proficiency in automation development (Python preferred) and building/consuming APIs (REST, auth patterns, secrets handling).

Why this matters

This role owns the end-to-end detection lifecycle-from threat-informed use case design through validation, tuning, and operational handoff, while also developing automation that reduces engineering toil and increases speed and consistency in mitigating risks as they are discovered.

XML job scraping automation by YubHub