Anduril Industries is a defence technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology and business model of the 21st century's most innovative companies to the defence industry, Anduril is changing how military systems are designed, built and sold.
\nThe company's family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a real-time, 3D command and control centre.
\nAs the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion and networking technology to the military in months, not years.
\nWe are seeking a mission-driven Cloud Infrastructure Engineer to take a leading role in designing and implementing world-class defensive controls. This is a high-impact role with the autonomy to shape security architecture and protect the technology that is changing the future of defence.
\nKey Responsibilities:
\nRequirements:
\nPreferred Qualifications:
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_b5ce114e-dac","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Anduril Industries","sameAs":"https://www.anduril.com/","logo":"https://logos.yubhub.co/anduril.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/andurilindustries/jobs/5087348007","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$129,000-$193,000 USD","x-skills-required":["Cloud Security","DevOps","SRE","Infrastructure as Code","Terraform","CloudFormation","Bicep","Python","Go","Rust","Public Cloud Networking","VPCs","Subnets","Routing","Security Groups"],"x-skills-preferred":["Kubernetes","Cloud Security Posture Management","Threat Detection Tooling","CI/CD Pipelines","Software Supply Chain Security","Compliance Frameworks","FedRAMP","MRL","SOC 2","CMMC","On-Premises Network Engineering"],"datePosted":"2026-04-18T15:49:59.253Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Costa Mesa, California, United States"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Cloud Security, DevOps, SRE, Infrastructure as Code, Terraform, CloudFormation, Bicep, Python, Go, Rust, Public Cloud Networking, VPCs, Subnets, Routing, Security Groups, Kubernetes, Cloud Security Posture Management, Threat Detection Tooling, CI/CD Pipelines, Software Supply Chain Security, Compliance Frameworks, FedRAMP, MRL, SOC 2, CMMC, On-Premises Network Engineering","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":129000,"maxValue":193000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_5003c49e-cf6"},"title":"Engineering Manager, SSCS: Supply Chain","description":"As an Engineering Manager, you'll guide GitLab's dedicated Software Supply Chain Security (SSCS) Add-On engineering team as it develops core capabilities including Dependency Firewall, Build Provenance, Malicious Packages detection, and Artifact Signing.
\nThis is a founding management role where you'll help shape how the team works, partner closely with the Staff Backend Engineer, Product Manager, and SSCS stage management, and turn a defined roadmap into steady, high-quality delivery for enterprise customers with strict security and compliance needs.
\nYou'll focus on developing the team, creating a healthy operating rhythm, and establishing predictable execution for the SSCS SKU.
\nYou'll join a product area where customers in regulated industries are already validating the need, and your work will help GitLab deliver software supply chain security features that customers can rely on.
\nWhile technical credibility matters, your main focus will be growing a strong backend engineering team, enabling team members in their development, and creating the conditions for long-term delivery and quality.
\nResponsibilities:
\nRequirements:
\nAbout the team: The SSCS Add-On team is a product engineering team within GitLab's Software Supply Chain Security stage. We work on key capabilities in the SSCS Add-On SKU and collaborate closely with product and engineering partners to deliver security features for customers operating in regulated environments.
\nYou'll report to the SSCS Senior Engineering Manager and partner directly with the Staff Backend Engineer and Product Manager.
\nAs a distributed team working asynchronously across regions, we are focused on strong delivery practices, team health, and scaling the product area with clarity and accountability.
\nFor more on how related teams work, see Team Handbook Page.
\nHow GitLab Supports Full-Time Employees:
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_5003c49e-cf6","directApply":true,"hiringOrganization":{"@type":"Organization","name":"GitLab","sameAs":"https://about.gitlab.com/","logo":"https://logos.yubhub.co/about.gitlab.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/gitlab/jobs/8478405002","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["GitLab","Software Supply Chain Security","Dependency Firewall","Build Provenance","Malicious Packages detection","Artifact Signing","Backend engineering","Security","DevOps","Platform engineering","Package registries","CI/CD pipeline security","Signing infrastructure","Supply chain security","Artifact management","Compliance-focused product areas","Frameworks and ecosystems","SLSA","Sigstore"],"x-skills-preferred":[],"datePosted":"2026-04-18T15:49:15.915Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote, India"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"GitLab, Software Supply Chain Security, Dependency Firewall, Build Provenance, Malicious Packages detection, Artifact Signing, Backend engineering, Security, DevOps, Platform engineering, Package registries, CI/CD pipeline security, Signing infrastructure, Supply chain security, Artifact management, Compliance-focused product areas, Frameworks and ecosystems, SLSA, Sigstore"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_44ff0179-993"},"title":"Senior Backend Engineer (RoR), SSCS: Pipeline Security","description":"As a Senior Backend Engineer on the Pipeline Security team, you'll take technical ownership of GitLab's native Secrets Manager, a production system built on OpenBao that helps secure sensitive credentials across GitLab CI/CD pipelines.
\nYou'll work at the intersection of backend engineering and infrastructure, shaping architecture in Ruby on Rails and Go, guiding decisions around role-based access control (RBAC), GraphQL APIs, and Kubernetes deployment configuration.
\nIn your first year, you'll help move Secrets Manager toward general availability, establish technical patterns the team can build on, and represent the team's point of view in cross-functional discussions.
\nYou'll have end-to-end ownership, from design through production operations, with room to identify what should be built next and improve how the team delivers secure, reliable features.
\nResponsibilities
\nRequirements
\nAbout the Team
\nThe Pipeline Security team builds features that make GitLab CI pipelines more secure and trustworthy for teams running sensitive workloads. We own key parts of pipeline security within GitLab's CI/CD experience, with our current focus on native secrets management for CI pipelines and Supply-chain Levels for Software Artifacts (SLSA) Level 3 capabilities to strengthen software supply chain security.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_44ff0179-993","directApply":true,"hiringOrganization":{"@type":"Organization","name":"GitLab","sameAs":"https://about.gitlab.com/","logo":"https://logos.yubhub.co/about.gitlab.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/gitlab/jobs/8432221002","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$117,600-$252,000 USD","x-skills-required":["Ruby on Rails","Go","OpenBao","Role-Based Access Control (RBAC)","GraphQL APIs","Kubernetes deployment configuration","Helm charts","CI/CD concepts","Secrets management approaches","Security practices for handling credentials in CI environments"],"x-skills-preferred":["Container security","Software supply chain security"],"datePosted":"2026-04-18T15:45:33.847Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote, Canada; Remote, Ireland; Remote, Israel; Remote, Netherlands; Remote, United Kingdom; Remote, US"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Ruby on Rails, Go, OpenBao, Role-Based Access Control (RBAC), GraphQL APIs, Kubernetes deployment configuration, Helm charts, CI/CD concepts, Secrets management approaches, Security practices for handling credentials in CI environments, Container security, Software supply chain security","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":117600,"maxValue":252000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_a3a1df2f-184"},"title":"Principal Engineer, Software Supply Chain Security","description":"As the Principal Engineer, Software Supply Chain Security, you'll own the technical strategy that secures how software is built and delivered on GitLab's DevSecOps platform. You'll provide architectural leadership across multiple engineering teams.
\nYour work will shape GitLab's enterprise security posture in the rapidly growing software supply chain security market. You'll focus on SLSA Level 3 compliance, secrets management, CI/CD security hardening, and the foundations of GitLab's global zero trust architecture.
\nSome examples of our projects:
\nYou'll lead the end-to-end software supply chain security architecture for GitLab's CI/CD platform, including SLSA Level 3 implementation and CI infrastructure hardening. You'll drive cross-team technical strategy and decisions across our Software Supply Chain Security (SSCS) stage teams, aligning engineering work to SSCS strategic plans.
\nYou'll collaborate with infrastructure and CI/CD teams to design and land long-term initiatives for secure, scalable runner architecture, container isolation, and pipeline security at scale. You'll propose and validate technical implementations that support architectural changes to improve CI/CD scaling and performance on critical paths.
\nYou'll teach, mentor, and coach Staff Engineers and individual contributors, raising the bar on supply chain threat modeling, secrets management, artifact signing, and SBOM lifecycle practices.
\nYou'll partner with Engineering Managers and senior leadership to define roadmaps, break down complex initiatives, and enable Staff Engineers to lead sub-department-wide efforts.
\nYou'll engage with customers and external stakeholders as a technical consultant and spokesperson for GitLab's software supply chain security capabilities and roadmap.
\nYou'll collaborate with product, security, and compliance stakeholders to ensure features meet enterprise security, governance, and regulatory expectations in the software supply chain security market.
\nKey responsibilities include:
\nKey requirements include:
\nPreferred qualifications include:
\nOur Software Supply Chain Security stage engineering teams are responsible for authentication and access within GitLab. We also build features that help customers manage vulnerabilities, dependencies, security policies, and compliance frameworks across their organizations.
\nThe base salary range for this role's listed level is currently for residents of the United States only. This range is intended to reflect the role's base salary rate in locations throughout the US. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, alignment with market data, and geographic location. The base salary range does not include any bonuses, equity, or benefits.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_a3a1df2f-184","directApply":true,"hiringOrganization":{"@type":"Organization","name":"GitLab","sameAs":"https://about.gitlab.com/","logo":"https://logos.yubhub.co/about.gitlab.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/gitlab/jobs/8373553002","x-work-arrangement":"remote","x-experience-level":"staff","x-job-type":"full-time","x-salary-range":"$157,900-$338,400 USD","x-skills-required":["software supply chain security","threat modeling","SLSA implementation","attestation systems","SBOM generation","lifecycle management","artifact signing","verification","Sigstore ecosystem","Cosign","Fulcio","Rekor","in-toto attestations","CI/CD security","runner isolation","pipeline security controls","secrets management","distributed systems","infrastructure","container security","Kubernetes security","admission controllers","policy controllers","workload isolation","registry hardening","Go","Rust","CI/CD workflows","DevSecOps best practices"],"x-skills-preferred":["background in distributed systems and infrastructure","practical experience with container security and Kubernetes security","proficiency in Go or Rust in a production environment","expert-level understanding of CI/CD workflows and DevSecOps best practices","experience operating as a Principal or Staff Engineer across multiple development teams"],"datePosted":"2026-04-18T15:45:22.426Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote, Canada; Remote, Israel; Remote, Netherlands; Remote, United Kingdom; Remote, US"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"software supply chain security, threat modeling, SLSA implementation, attestation systems, SBOM generation, lifecycle management, artifact signing, verification, Sigstore ecosystem, Cosign, Fulcio, Rekor, in-toto attestations, CI/CD security, runner isolation, pipeline security controls, secrets management, distributed systems, infrastructure, container security, Kubernetes security, admission controllers, policy controllers, workload isolation, registry hardening, Go, Rust, CI/CD workflows, DevSecOps best practices, background in distributed systems and infrastructure, practical experience with container security and Kubernetes security, proficiency in Go or Rust in a production environment, expert-level understanding of CI/CD workflows and DevSecOps best practices, experience operating as a Principal or Staff Engineer across multiple development teams","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":157900,"maxValue":338400,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_8fc80897-0ec"},"title":"Intermediate Backend Engineer, SSCS: Supply Chain","description":"As an Intermediate Backend Engineer on the SSCS Add-On team at GitLab, you'll help build a dedicated software supply chain security feature for regulated enterprise organisations.
\nIn this role, you'll contribute to capabilities that help customers control software dependencies, verify artifact integrity, and identify malicious packages before they reach production.
\nYour work will sit at the intersection of backend engineering, product integration, and security-focused development.
\nYou'll build in Ruby on Rails, work alongside Go services as needed, and help connect Add-On functionality with GitLab's existing security scanning experience so findings are surfaced consistently for users.
\nBecause the team is small, you'll have meaningful influence on implementation details, team practices, and the product experience.
\nThis role is part of GitLab's all-remote, async-first, values-driven environment, where clear written communication and thoughtful coordination across time zones are essential.
\nResponsibilities
\nRequirements
\nAbout the Team
\nThe SSCS Add-On team is part of GitLab's Software Supply Chain Security stage and is focused on building a commercial offering that addresses real supply chain security challenges for enterprise customers.
\nThe team works on capabilities that combine multiple parts of the GitLab product into a more complete security solution for organisations with strong compliance and risk management needs.
\nThe work is both technically interesting and strategically important.
\nThe team is building in a space shaped by fast-moving threats, evolving customer requirements, and close coordination with nearby teams across the broader security area.
\nThat combination creates an environment where engineers can contribute to product direction while solving practical backend challenges in a visible part of GitLab's platform.
\nFor more on how related teams work, see Team Handbook Page.
\nHow GitLab Supports Full-Time Employees
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_8fc80897-0ec","directApply":true,"hiringOrganization":{"@type":"Organization","name":"GitLab","sameAs":"https://about.gitlab.com/","logo":"https://logos.yubhub.co/about.gitlab.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/gitlab/jobs/8480565002","x-work-arrangement":"remote","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Ruby on Rails","Golang","PostgreSQL","RSpec","testing discipline"],"x-skills-preferred":["package ecosystems","software supply chain security","dependency management","DevSecOps","security-adjacent product development"],"datePosted":"2026-04-18T15:43:56.533Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote, India"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Ruby on Rails, Golang, PostgreSQL, RSpec, testing discipline, package ecosystems, software supply chain security, dependency management, DevSecOps, security-adjacent product development"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_cbaf9906-291"},"title":"Platform Hardware Security","description":"We're seeking a Platform Hardware Security Engineer to design and implement security architectures for bare-metal infrastructure. You'll work with teams across Anthropic to build firmware, bootloaders, operating systems, and attestation systems to ensure the integrity of our infrastructure from the ground up.
\nThis role requires expertise in low-level systems security and the ability to architect solutions that balance security requirements with the performance demands of training AI models across our massive fleet.
\nResponsibilities:
\nWho you are:
\nStrong candidates may also have:
\nAnnual Salary: $405,000-$485,000 USD
\nLogistics:
\nWhy work with us?
\nGuidance on Candidates' AI Usage: Learn about our policy for using AI in our application process
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_cbaf9906-291","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Anthropic","sameAs":"https://www.anthropic.com/","logo":"https://logos.yubhub.co/anthropic.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/anthropic/jobs/4929689008","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$405,000-$485,000 USD","x-skills-required":["Secure boot","Measured boot","Attestation technologies","Cryptographic protocols","Hardware security modules","UEFI/BIOS or embedded firmware security","Bootloader hardening","Chain of trust implementation","Low-level programming","Systems programming","Firmware vulnerability assessment","Threat modeling","Supply chain security","NIST firmware security guidelines","Hardware security frameworks"],"x-skills-preferred":["Confidential computing technologies","Hardware-based TEEs","SLSA framework","Software supply chain security standards","Large-scale HPC or cloud infrastructure","Open-source security projects","Formal verification","Security proof techniques","Silicon root of trust implementations","Vendor collaboration","AI/ML infrastructure security"],"datePosted":"2026-04-18T15:43:00.394Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"New York City, NY | Seattle, WA; San Francisco, CA | New York City, NY | Seattle, WA; Washington, DC"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Secure boot, Measured boot, Attestation technologies, Cryptographic protocols, Hardware security modules, UEFI/BIOS or embedded firmware security, Bootloader hardening, Chain of trust implementation, Low-level programming, Systems programming, Firmware vulnerability assessment, Threat modeling, Supply chain security, NIST firmware security guidelines, Hardware security frameworks, Confidential computing technologies, Hardware-based TEEs, SLSA framework, Software supply chain security standards, Large-scale HPC or cloud infrastructure, Open-source security projects, Formal verification, Security proof techniques, Silicon root of trust implementations, Vendor collaboration, AI/ML infrastructure security","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":405000,"maxValue":485000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_05b1c668-59d"},"title":"Director, Product Security Architecture","description":"We are seeking a Director, Product Security Architecture to lead our Security Architecture function within the Security Platforms & Architecture (SPA) sub-department and to serve as a strategic security partner to key product and engineering leadership groups across GitLab.\\n\\nIn this role, you will manage and grow a team of Product Security Architects and our closely-aligned risk and metrics engineer who are each dedicated to major product areas of Security, AI, and Core DevOps. Your team will focus on turning product security risks, requirements, and insights into clear architectural guidance, "paved roads," and multi-quarter risk reduction programs that align with how Product and Engineering actually plan and deliver.\\n\\nYou will operate in an environment where feature delivery and platform capabilities are accelerating, architectures and technologies are evolving, and teams are continually balancing ambitious product goals with a strong security posture. In this context, you will help Product Security:\\n\\n- Maximize risk reduction by identifying strategic opportunities that fit naturally into existing R&D work\\n- Ensure that material product security risks and tradeoffs are surfaced, acknowledged, and decided at the right leadership levels\\n- Lead SPA/AppSec scaling strategies that increase coverage and support non-linear developer gains, with a clear focus on enabling developer velocity with minimal friction\\n\\nWhile many strong candidates will come from a deep product security background, this role is also an excellent fit for experienced software or architecture leaders who have consistently delivered secure, resilient systems in complex R&D environments and are excited to lead security outcomes in close partnership with engineering.\\n\\nKey Responsibilities:\\n\\n- Lead, develop, and mentor a team of Product Security Architects and closely-aligned specialists who are dedicated to major product functional areas (e.g., Sec Section, AI, Core DevOps)\\n- Own and continuously evolve the Product Security Architecture strategy and partnership model, shifting architects from embedded consultants to accelerators of secure architecture delivery, and serve as a strategic partner to Product and Engineering Directors/VPs\\n- Oversee and mature the Product Security Risk Register, ensuring systemic product security risks are clearly articulated, prioritized with Product and Engineering, and paired with multi-quarter risk reduction plans that reduce long-term product security debt.\\n- Operate Product Security Architecture in a risk-aligned, business-enabling way that focuses Security Architects on the highest-impact, hardest-to-change architectural decisions, helping teams make clear, informed tradeoffs without slowing delivery.\\n- Define and drive security visions, standards, "paved roads," and secure-by-default platform behaviors and configurations that enable product teams to make sound security decisions with minimal overhead, including evolving existing behaviors over time to strengthen the baseline security posture.\\n- Lead the Product Security AI strategy for scaling, including adoption of AI-assisted and platform-level investments that expand security review coverage, reduce toil, and support non-linear developer gains while enabling developer velocity.\\n- Partner with Application Security, Infrastructure Security, Security Research, Security Operations, Security Risk, and Security Compliance on end-to-end risk reduction, including security-related controls, quality standards, and integration of research and operational learnings into architectures.\\n- Define and track meaningful architecture-related metrics and Key Risk Indicators, and represent Product Security in cross-functional forums, clearly articulating risk, tradeoffs, and recommended paths forward.\\n\\nRequirements:\\n\\n- Significant experience (typically 10+ years) leading software, architecture, or application security initiatives in high-velocity R&D organizations, with a strong grounding in building and evolving complex software systems\\n- Strong application security and secure design literacy, whether from direct AppSec roles or from owning secure delivery of large-scale systems, including familiarity with common vulnerability classes, modern software architectures, and practical mitigation patterns\\n- Deep understanding of systemic product security risks in large-scale platforms, with expertise in at least some of: CI/CD and pipeline security, software supply chain security, identity and access management (AuthN/Z), AI/ML security, or multi-tenant SaaS architectures\\n- Proven ability to operate effectively in constrained environments: balancing business goals and risk reduction, focusing attention on the highest-impact, hardest-to-reverse decisions, and framing options in terms of risk, cost, and customer impact rather than absolutes.\\n- Demonstrated success building trust with Product and Engineering Directors/VPs, influencing multi-quarter roadmaps, and co-owning outcomes rather than acting solely as a gate.\\n- Experience designing and rolling out scalable security patterns,standards, "paved roads," and secure-by-default configurations,that reduce risk while minimizing additional toil for product and engineering teams.\\n- Experience collaborating with Compliance, Audit, and Security Operations on the definition, implementation, and demonstration of security controls and security-related quality standards, and translating technical designs into clear language for auditors, engineers, and senior leaders.\\n- Experience supporting organizations through significant technology and architectural change (e.g., adoption of new languages and frameworks, or evolution from monoliths toward microservices or domain-oriented architectures) while maintaining or improving security posture.\\n- Ability to operate at multiple altitudes,from executive-level strategy and stakeholder alignment down to detailed technical design discussions when necessary,with excellent written and verbal communication in an all-remote, asynchronous environment.\\n- Comfort with AI-augmented workflows and enthusiasm for leveraging tools like GitLab Duo to scale the Product Security Architecture function, along with strong alignment to GitLab’s values and a track record of thriving in a highly collaborative, remote-first culture.\\n- Nice to have: Experience with security requirements and frameworks relevant to GitLab’s customers (e.g., FedRAMP, ISO 27001, SOC 2, PCI-DSS);
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_05b1c668-59d","directApply":true,"hiringOrganization":{"@type":"Organization","name":"GitLab","sameAs":"https://about.gitlab.com/","logo":"https://logos.yubhub.co/about.gitlab.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/gitlab/jobs/8461323002","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Application Security","Secure Design","CI/CD and Pipeline Security","Software Supply Chain Security","Identity and Access Management","AI/ML Security","Multi-Tenant SaaS Architectures"],"x-skills-preferred":[],"datePosted":"2026-04-18T15:42:42.048Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote, Canada; Remote, EMEA; Remote, US"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Application Security, Secure Design, CI/CD and Pipeline Security, Software Supply Chain Security, Identity and Access Management, AI/ML Security, Multi-Tenant SaaS Architectures"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_9bf55fe3-b2b"},"title":"Detection & Response Engineer","description":"We are seeking a skilled and proactive Detection & Response Engineer to join our security team. In this critical role, you will be responsible for detecting, investigating, and responding to security incidents across our cloud-native and AI-focused infrastructure.
\nResponsibilities
\nBasic Qualifications
\nPreferred Skills and Experience
\nCompensation and Benefits
\n$200,000 - $340,000 USD
\nBase salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_9bf55fe3-b2b","directApply":true,"hiringOrganization":{"@type":"Organization","name":"xAI","sameAs":"https://www.xai.com/","logo":"https://logos.yubhub.co/xai.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/xai/jobs/4559148007","x-work-arrangement":"onsite","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":"$200,000 - $340,000 USD","x-skills-required":["cybersecurity principles","attack techniques","defensive strategies","scripting language","SIEM platforms","log analysis tools","cloud environments","network protocols","system administration","common attack vectors"],"x-skills-preferred":["relevant security certifications","threat intelligence platforms","AI/ML security implications","software supply chain security","containerized environments","Kubernetes security","custom security tools","digital forensics","malware analysis"],"datePosted":"2026-04-18T15:23:47.430Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Palo Alto, CA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"cybersecurity principles, attack techniques, defensive strategies, scripting language, SIEM platforms, log analysis tools, cloud environments, network protocols, system administration, common attack vectors, relevant security certifications, threat intelligence platforms, AI/ML security implications, software supply chain security, containerized environments, Kubernetes security, custom security tools, digital forensics, malware analysis","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":200000,"maxValue":340000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_6d2bed6a-1bd"},"title":"Application Security Engineer","description":"We are seeking a skilled and innovative Application Security Engineer to join our technology-driven company. In this role, you will be responsible for ensuring the security and integrity of our cloud-native applications and systems throughout the software development lifecycle, with a particular focus on code security, CI/CD pipelines, and emerging AI technologies.
\nResponsibilities: Conduct in-depth code reviews and static analysis to identify and mitigate security vulnerabilities in our applications Design and implement secure coding guidelines and best practices for development teams Collaborate closely with development teams to integrate security practices throughout the CI/CD pipeline Perform threat modeling and risk assessments for applications, developing mitigation strategies for potential risks Manage vulnerability tracking and remediation efforts, providing guidance to development teams Support incident response activities related to application security Stay current on emerging security threats and trends in cloud-native technologies and AI, continuously enhancing our security measures Evaluate and secure software supply chains, including producing and maintaining Software Bills of Materials (SBOMs) Address security concerns specific to AI and machine learning models, with a focus on the OWASP LLM Top 10
\nBasic Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field 3-5 years of experience in application security, with a strong focus on code security practices Deep understanding of secure coding practices, application security frameworks, and common vulnerabilities (e.g., OWASP Top 10) Proficiency in Python or Rust programming languages and experience with secure coding practices in these languages Experience securing CI/CD pipelines and implementing DevSecOps practices Familiarity with software supply chain security and SBOM generation tools Experience with security testing tools (e.g., Burp Suite, OWASP ZAP) and static/dynamic code analysis Understanding of AI/ML security implications, particularly those outlined in the OWASP LLM Top 10 Excellent communication skills, able to explain complex security issues to both technical and non-technical audiences
\nPreferred Skills and Experience: Experience with cloud platforms (e.g., GCP, AWS, Azure) and their security features Relevant security certifications (e.g., CSSLP, OSWE) Background in data privacy and compliance regulations relevant to cloud-native applications and AI systems Experience with GitOps and infrastructure-as-code security Familiarity with federated learning and privacy-preserving machine learning techniques Experience in building custom security tooling to enhance and automate security processes Interest in leveraging AI to automate security tasks and improve efficiency Contributions to open-source security projects or tools Experience in securing AI/ML models and data pipelines
\nCompensation and Benefits: $200,000 - $340,000 USD Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_6d2bed6a-1bd","directApply":true,"hiringOrganization":{"@type":"Organization","name":"xAI","sameAs":"https://www.xai.com/","logo":"https://logos.yubhub.co/xai.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/xai/jobs/4559147007","x-work-arrangement":"onsite","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":"$200,000 - $340,000 USD","x-skills-required":["Python","Rust","Secure coding practices","Application security frameworks","Common vulnerabilities","OWASP Top 10","CI/CD pipelines","DevSecOps practices","Software supply chain security","SBOM generation tools","Security testing tools","Static/dynamic code analysis","AI/ML security implications","OWASP LLM Top 10"],"x-skills-preferred":["Cloud platforms","Security certifications","Data privacy and compliance regulations","GitOps","Infrastructure-as-code security","Federated learning","Privacy-preserving machine learning techniques","Custom security tooling","AI automation","Open-source security projects","AI/ML model security"],"datePosted":"2026-04-18T15:23:13.995Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Palo Alto, CA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Python, Rust, Secure coding practices, Application security frameworks, Common vulnerabilities, OWASP Top 10, CI/CD pipelines, DevSecOps practices, Software supply chain security, SBOM generation tools, Security testing tools, Static/dynamic code analysis, AI/ML security implications, OWASP LLM Top 10, Cloud platforms, Security certifications, Data privacy and compliance regulations, GitOps, Infrastructure-as-code security, Federated learning, Privacy-preserving machine learning techniques, Custom security tooling, AI automation, Open-source security projects, AI/ML model security","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":200000,"maxValue":340000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_f2ee807d-528"},"title":"Security Engineer","description":"We're seeking a Security Engineer at the senior-level or above focused on software and systems security to own the security of Saronic's software platforms, build systems, and deployment infrastructure from development through production.
\nAs a Security Engineer, you will be the technical authority on how Saronic builds, ships, and runs secure software. You will lead secure code review, SAST, DAST, and fuzzing efforts, and define secure coding standards for Rust development including memory safety practices, safe FFI boundaries, and secure error handling.
\nYou will conduct threat modeling for software systems and translate findings into actionable security requirements integrated into design reviews and sprint planning. You will drive vulnerability management for software dependencies, including tracking, prioritization, and remediation of vulnerabilities in third-party crates and libraries.
\nYou will secure and harden NixOS configurations for vessel platforms and development infrastructure, leveraging Nix's reproducibility and declarative model for security enforcement. You will design system hardening profiles in NixOS including kernel hardening, service isolation, mandatory access controls, and minimal attack surface configurations.
\nYou will define and enforce package management and dependency policies within the Nix ecosystem, ensuring build closures are auditable, reproducible, and free from unauthorized or vulnerable packages. You will architect secure system update and rollback mechanisms using NixOS capabilities, ensuring fleet-wide consistency and integrity.
\nYou will design and implement security controls across the CI/CD pipeline including source integrity, build isolation, artifact signing, and deployment verification with build environments that are ephemeral, isolated, and hardened.
\nYou will build and maintain software supply chain security practices aligned to SLSA framework principles, including provenance tracking, hermetic builds, signed attestations, and SBOM generation.
\nYou will integrate security scanning (SAST, SCA, container scanning, secrets detection) into CI/CD pipelines as automated guardrails, and create self-service pipeline templates that enable teams to ship without bottlenecks.
\nYou will design secure deployment patterns for vessel software updates, including secure delivery, integrity verification, and rollback capabilities.
\nYou will implement runtime application security controls including logging, monitoring, and anomaly detection for deployed services.
\nYou will define software and systems security standards, patterns, and reference architectures that engineering teams adopt as the default secure path.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_f2ee807d-528","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Saronic Technologies","sameAs":"https://www.saronictechnologies.com/","logo":"https://logos.yubhub.co/saronictechnologies.com.png"},"x-apply-url":"https://jobs.lever.co/saronic/70738ef6-22be-464f-a451-09882093482d","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Rust","NixOS","CI/CD pipeline security","software supply chain security","SLSA framework principles","provenance tracking","hermetic builds","signed attestations","SBOM generation","security scanning","SAST","SCA","container scanning","secrets detection"],"x-skills-preferred":["NixOS experience","hands-on NixOS experience","experience securing software for embedded or resource-constrained Linux environments"],"datePosted":"2026-04-17T12:58:06.790Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"San Francisco"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Rust, NixOS, CI/CD pipeline security, software supply chain security, SLSA framework principles, provenance tracking, hermetic builds, signed attestations, SBOM generation, security scanning, SAST, SCA, container scanning, secrets detection, NixOS experience, hands-on NixOS experience, experience securing software for embedded or resource-constrained Linux environments"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_fb4fa003-a73"},"title":"Platform Hardware Security Engineer","description":"About the Role
\nWe're seeking a Platform Hardware Security Engineer to design and implement security architectures for bare-metal infrastructure. You'll work with teams across Anthropic to build firmware, bootloaders, operating systems, and attestation systems to ensure the integrity of our infrastructure from the ground up.
\nThis role requires expertise in low-level systems security and the ability to architect solutions that balance security requirements with the performance demands of training AI models across our massive fleet.
\nWhat you'll do:
\nWho you are:
\nStrong candidates may also have:
\nLogistics
\nWe encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work.
\nYour safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links—visit anthropic.com/careers directly for confirmed position openings.
\nHow we're different
\nWe believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_fb4fa003-a73","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Anthropic","sameAs":"https://job-boards.greenhouse.io","logo":"https://logos.yubhub.co/anthropic.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/anthropic/jobs/4929689008","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$405,000 - $485,000 USD","x-skills-required":["firmware security","hardware security","secure boot","measured boot","attestation technologies","cryptographic protocols","hardware security modules","UEFI/BIOS","embedded firmware security","bootloader hardening","chain of trust implementation","low-level programming","systems programming","firmware vulnerability assessment","threat modeling","supply chain security","NIST firmware security guidelines","hardware security frameworks"],"x-skills-preferred":["confidential computing technologies","hardware-based TEEs","SLSA framework","software supply chain security standards","large-scale HPC or cloud infrastructure","open-source security projects","formal verification","security proof techniques","silicon root of trust implementations","AI/ML infrastructure security"],"datePosted":"2026-03-08T13:47:08.377Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"New York City, NY; Seattle, WA; San Francisco, CA; Washington, DC"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"firmware security, hardware security, secure boot, measured boot, attestation technologies, cryptographic protocols, hardware security modules, UEFI/BIOS, embedded firmware security, bootloader hardening, chain of trust implementation, low-level programming, systems programming, firmware vulnerability assessment, threat modeling, supply chain security, NIST firmware security guidelines, hardware security frameworks, confidential computing technologies, hardware-based TEEs, SLSA framework, software supply chain security standards, large-scale HPC or cloud infrastructure, open-source security projects, formal verification, security proof techniques, silicon root of trust implementations, AI/ML infrastructure security","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":405000,"maxValue":485000,"unitText":"YEAR"}}}]}