We are seeking an experienced Application Security Engineer to join our team. As a subject matter expert, you will have direct experience in a wide range of security technologies, tools, and methodologies. The role is suited for an experienced Application Security engineer with proven understanding in enterprise security and AI security and will focus on building toolsets and processes to drive adoption of secure practices across the enterprise.
\nThe team fosters a collaborative environment and is building a best-in-class program to partner with the business to protect the Firm’s information and computer systems. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority.
\nResponsibilities
\nQualifications
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_f77c41bb-0ad","directApply":true,"hiringOrganization":{"@type":"Organization","name":"IT Infrastructure","sameAs":"https://mlp.eightfold.ai","logo":"https://logos.yubhub.co/mlp.eightfold.ai.png"},"x-apply-url":"https://mlp.eightfold.ai/careers/job/755955629927","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["AI-specific risks","Generative AI","LLMs","Agentic frameworks","Security guardrails","Threat modeling","Red teaming","Risk assessments","Application risk assessments","Design reviews","Mitigation strategies","Secure coding standards","Automated security testing","CI/CD pipelines","Security architectures","Secure configuration principles","Cryptography fundamentals","Encryption protocols","SCM & CI/CD technologies","Security scanning","Vulnerability management","Static and dynamic security analysis tools","SCA/SBOM solutions","Secrets management","Password vault technologies","Secure programming","Infrastructure as Code tools","Web application security testing tools","Methodologies","Security frameworks","Standards","Linux","OS internals","Containers"],"x-skills-preferred":[],"datePosted":"2026-04-18T22:14:17.280Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Dublin, Ireland"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"AI-specific risks, Generative AI, LLMs, Agentic frameworks, Security guardrails, Threat modeling, Red teaming, Risk assessments, Application risk assessments, Design reviews, Mitigation strategies, Secure coding standards, Automated security testing, CI/CD pipelines, Security architectures, Secure configuration principles, Cryptography fundamentals, Encryption protocols, SCM & CI/CD technologies, Security scanning, Vulnerability management, Static and dynamic security analysis tools, SCA/SBOM solutions, Secrets management, Password vault technologies, Secure programming, Infrastructure as Code tools, Web application security testing tools, Methodologies, Security frameworks, Standards, Linux, OS internals, Containers"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_6a75ea8b-5b4"},"title":"Application Security Engineer","description":"We are seeking an experienced Application Security Engineer to join our team. As a subject matter expert with direct experience in a wide range of security technologies, tools, and methodologies, you will play a key role in building toolsets and processes to drive adoption of secure practices across the enterprise.
\nThe successful candidate will have a proven understanding in enterprise security and AI security and will focus on defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.
\nKey responsibilities include:
\nQualifications include:
\nPreferred qualifications include:
\nWe offer a competitive salary and benefits package, as well as opportunities for professional growth and development.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_6a75ea8b-5b4","directApply":true,"hiringOrganization":{"@type":"Organization","name":"IT Infrastructure","sameAs":"https://mlp.eightfold.ai","logo":"https://logos.yubhub.co/mlp.eightfold.ai.png"},"x-apply-url":"https://mlp.eightfold.ai/careers/job/755955629908","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["AI-specific risks","Generative AI","LLMs","Agentic frameworks","Security guardrails","Threat modeling","Red teaming","Risk assessments","Application risk assessments","Design reviews","Mitigation strategies","Secure coding standards","Developer education","Training materials","Outreach","Common SCM & CI/CD technologies","GitHub","Jenkins","Artifactory","Security Scanning","Vulnerability Management","Static and dynamic security analysis tools","SCA/SBOM solutions","Secrets Management & Password Vault technologies","Delinea Secret Server","Hashicorp Vault","Secure programming","Python","Java","C++","C#","Infrastructure as Code tools","CloudFormation","Terraform","Ansible","Web application security testing tools","Methodologies","Security frameworks","Standards","ISO 27001","NIST","OWASP","Linux","OS internals","Containers"],"x-skills-preferred":[],"datePosted":"2026-04-18T22:14:06.620Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"London, United Kingdom"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"AI-specific risks, Generative AI, LLMs, Agentic frameworks, Security guardrails, Threat modeling, Red teaming, Risk assessments, Application risk assessments, Design reviews, Mitigation strategies, Secure coding standards, Developer education, Training materials, Outreach, Common SCM & CI/CD technologies, GitHub, Jenkins, Artifactory, Security Scanning, Vulnerability Management, Static and dynamic security analysis tools, SCA/SBOM solutions, Secrets Management & Password Vault technologies, Delinea Secret Server, Hashicorp Vault, Secure programming, Python, Java, C++, C#, Infrastructure as Code tools, CloudFormation, Terraform, Ansible, Web application security testing tools, Methodologies, Security frameworks, Standards, ISO 27001, NIST, OWASP, Linux, OS internals, Containers"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_611720bf-294"},"title":"Senior Application Security Engineer","description":"Why join us
\nBrex is a financial platform that enables companies to spend smarter and move faster in over 200 markets. It combines global corporate cards and banking with intuitive spend management, bill pay, and travel software.
\nAs a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will perform code reviews, design reviews, penetration testing, and vulnerability management. You will develop and maintain tooling to perform static and dynamic testing of the Brex platform and tooling which supports secure developer workflows.
\nApplication Security is part of our wider Financial Scale organization, which means you will work closely with Security Operations, GRC, Product Security, Front End Platform, IT Infrastructure teams.
\nWe’re looking for individuals with a strong background and interest in penetration testing. You should have a demonstrated ability to find vulnerabilities in complex systems and craft exploits to demonstrate business impact.
\nThis role is highly cross-functional and collaborative, you will have the opportunity to work with every engineering team across Brex.
\nBuilding a world-class financial service requires world-class security. Brex is pioneering the next wave of AI-driven financial services for dynamic, high-impact companies like Coinbase, Robinhood, and Anthropic.
\nResponsibilities
\nRequirements
\nBonus points
\nExperience submitting to bug bounty programs or responsible disclosure programs
\nCompensation
\nThe expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend on a number of factors including the candidate’s location, skills, experience, market demands, and internal pay parity.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_611720bf-294","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Brex","sameAs":"https://brex.com/","logo":"https://logos.yubhub.co/brex.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/brex/jobs/8249884002","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$192,000 - $240,000","x-skills-required":["Python","Secure development activities","Threat modeling","Developer education","Incident response","AI/agentic workflows","Collaborative mindset","Strong written and verbal communication skills"],"x-skills-preferred":["Kotlin","gRPC","GraphQL","Kubernetes","Software engineering","Web application security reviews","Distributed systems in AWS and cloud environments","Pentesting and securing agentic features and systems","Contributions to the wider technical community"],"datePosted":"2026-04-18T15:55:36.756Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Seattle, Washington, United States"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Finance","skills":"Python, Secure development activities, Threat modeling, Developer education, Incident response, AI/agentic workflows, Collaborative mindset, Strong written and verbal communication skills, Kotlin, gRPC, GraphQL, Kubernetes, Software engineering, Web application security reviews, Distributed systems in AWS and cloud environments, Pentesting and securing agentic features and systems, Contributions to the wider technical community","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":192000,"maxValue":240000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_62900fcd-562"},"title":"Security Engineer - Offensive Security","description":"As an Offensive Security Engineer on the Proactive Threat team at Stripe, you will simulate the tactics, techniques, and procedures (TTPs) of real-world adversaries to uncover security risks across Stripe's products and infrastructure.
\nYou'll conduct hands-on penetration testing, lead red team engagements, and collaborate with blue team counterparts to validate and improve detection and response capabilities. Your work will directly influence how Stripe builds, ships, and secures financial infrastructure used by millions of businesses worldwide.
\nResponsibilities:
\nConduct comprehensive penetration tests across web applications, APIs, cloud environments (AWS/GCP/Azure), mobile applications, and internal infrastructure.
\nPlan and execute red team engagements that emulate the TTPs of cyber and criminal threat actors targeting financial services, including initial access, lateral movement, persistence, and data exfiltration scenarios.
\nPerform assumed-breach and objective-based assessments to test detection and response capabilities in coordination with defensive teams.
\nPartner with detection engineering, threat intelligence, and incident response teams to validate security controls, identify coverage gaps, and improve detection fidelity.
\nContribute adversary tradecraft insights to inform detection rule development, threat hunting hypotheses, and incident response playbooks.
\nSupport incident investigations by providing offensive expertise, log analysis, and root cause analysis when required.
\nDesign, develop, and maintain custom offensive tools, scripts, and automation frameworks to enhance assessment efficiency and coverage.
\nBuild internal platforms and workflows that enable scalable, repeatable offensive operations.
\nContribute to internal security tooling repositories and champion engineering best practices within the team.
\nAutomate repetitive testing tasks, payload generation, and reporting workflows using modern development practices.
\nProduce clear, actionable reports that communicate technical findings, business risk, and remediation guidance to both technical and non-technical stakeholders.
\nAct as a subject-matter expert and primary point of contact for stakeholder teams engaged in offensive security programs and Stripe-wide security initiatives.
\nLead offensive security projects end-to-end, mentor junior team members, and foster a culture of continuous learning and knowledge sharing.
\nStay current with emerging threats, vulnerabilities, and attack techniques; share research internally and contribute to the broader security community.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_62900fcd-562","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Stripe","sameAs":"https://stripe.com/","logo":"https://logos.yubhub.co/stripe.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/stripe/jobs/7820898","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Python","Go","Web application security","Cloud platforms (AWS, Azure, or GCP)","Offensive tooling (Burp Suite, Cobalt Strike, Mythic, Sliver, BloodHound)","Adversary tradecraft and frameworks (MITRE ATT&CK)","Excellent written and verbal communication skills"],"x-skills-preferred":["Experience conducting offensive security in fintech, financial services, or other highly regulated environments","Background in vulnerability research, exploit development, or CVE discovery","Experience collaborating with threat intelligence, detection engineering, or incident response teams (purple team operations)","Familiarity with big data and log analysis tools (Splunk, Databricks, PySpark, osquery, etc.) for threat hunting or investigative support","Proficiency with AI/LLM-assisted development tools (e.g., Claude Code, Cursor, GitHub Copilot) and experience applying them to offensive security workflows"],"datePosted":"2026-04-18T15:51:01.913Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Ireland"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Python, Go, Web application security, Cloud platforms (AWS, Azure, or GCP), Offensive tooling (Burp Suite, Cobalt Strike, Mythic, Sliver, BloodHound), Adversary tradecraft and frameworks (MITRE ATT&CK), Excellent written and verbal communication skills, Experience conducting offensive security in fintech, financial services, or other highly regulated environments, Background in vulnerability research, exploit development, or CVE discovery, Experience collaborating with threat intelligence, detection engineering, or incident response teams (purple team operations), Familiarity with big data and log analysis tools (Splunk, Databricks, PySpark, osquery, etc.) for threat hunting or investigative support, Proficiency with AI/LLM-assisted development tools (e.g., Claude Code, Cursor, GitHub Copilot) and experience applying them to offensive security workflows"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_bdf949b3-c66"},"title":"Databricks Enterprise Lead Security Architect - Principal IT Software Engineer","description":"We are seeking a highly skilled Lead Security Architect to join our team within Databricks IT. As a Lead Security Architect, you will be responsible for designing and implementing a secure and scalable architecture to protect our corporate assets. You will focus on key areas of IT security, including Identity and Access Management, Zero Trust architecture, and endpoint security, while also working to secure critical business applications and sensitive data.
\nYour expertise will be crucial in building proactive security strategies that align with our business goals and protect the company from an ever-evolving threat landscape. This position demands deep expertise in security principles and a comprehensive understanding of the entire infrastructure stack and IAM systems to design robust, future-ready security solutions.
\nYou will be instrumental in safeguarding our systems' resilience and integrity against ever-evolving cyber threats. You will play a critical role in shaping our security strategy for modern platforms across AWS, Azure, GCP, network infrastructure, storage, and SaaS solutions, help establish a strong least privilege (PoLP) model, providing specialized IAM expertise, and securely supporting SaaS with sensitive information (NHI).
\nYou will also be a key contributor in building our internal strategy for secure AI development. Additionally, you will support the secure integration of SaaS platforms such as Google Workspace, collaboration tools, and GTM systems, maintaining alignment with enterprise security standards.
\nClose collaboration with cross-functional teams is essential to embed security throughout the technology stack.
\nThe impact you will have:
\nWhat we look for:
\nPay Range Transparency
\nDatabricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipates utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_bdf949b3-c66","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Databricks","sameAs":"https://databricks.com","logo":"https://logos.yubhub.co/databricks.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/databricks/jobs/8207910002","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Security Architecture","Identity and Access Management","Zero Trust","Endpoint Security","Data Encryption","Data Exfiltration Prevention","Cluster Security","Offensive Security","Non-human Identity Management","IAM Best Practices","Data Loss Prevention","SaaS Proxy Design and Implementation","Cloud Infrastructure Best Practices","Least Privilege Access for Data Security","Guide internal IT on Databricks’ security and compliance certifications","Support incident response, vulnerability management, threat modeling, and red teaming","Stay current on industry trends and emerging threats in GenAI, AI Agentic flow, MCPs","Advise executive leadership on security architecture, risks, and mitigation","Mentor security engineers and developers on secure design and best practices"],"x-skills-preferred":["Terraform","Python","Cursor","Lambda","AWS cloud security","Network security","Data Protection","Appsec","SIEM platforms","XDR","cloud-native threat detection tools","Web application security","OWASP","API security","Secure design and testing","AI-assisted development","Security automation","Scripting/IaC tools","CISSP","CCSP","CEH","AWS Certified Security – Specialty","AWS Certified Solutions Architect – Professional","AWS Certified Advanced Networking – Specialty"],"datePosted":"2026-04-18T15:45:19.828Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Mountain View, California; San Francisco, California"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Security Architecture, Identity and Access Management, Zero Trust, Endpoint Security, Data Encryption, Data Exfiltration Prevention, Cluster Security, Offensive Security, Non-human Identity Management, IAM Best Practices, Data Loss Prevention, SaaS Proxy Design and Implementation, Cloud Infrastructure Best Practices, Least Privilege Access for Data Security, Guide internal IT on Databricks’ security and compliance certifications, Support incident response, vulnerability management, threat modeling, and red teaming, Stay current on industry trends and emerging threats in GenAI, AI Agentic flow, MCPs, Advise executive leadership on security architecture, risks, and mitigation, Mentor security engineers and developers on secure design and best practices, Terraform, Python, Cursor, Lambda, AWS cloud security, Network security, Data Protection, Appsec, SIEM platforms, XDR, cloud-native threat detection tools, Web application security, OWASP, API security, Secure design and testing, AI-assisted development, Security automation, Scripting/IaC tools, CISSP, CCSP, CEH, AWS Certified Security – Specialty, AWS Certified Solutions Architect – Professional, AWS Certified Advanced Networking – Specialty"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_a6a63728-1cf"},"title":"Senior Penetration Tester","description":"We're seeking a Senior Penetration Tester to join our established team, working with talented cyber security professionals to ensure our services are designed, developed, and operated securely. As an internal tester, you'll gain a strong understanding of how technology works at Starling to enable in-depth testing. You'll also support remediation processes, seeing your findings lead to tangible security improvements.
\nResponsibilities:\nScoping and performing mobile, web application, cloud, and infrastructure penetration tests.\nCollaborating with engineering teams to facilitate secure development, including reviewing and analysing proposed technical solutions to identify appropriate security controls, conducting code reviews of features and critical security components, and performing in-depth practical security testing.\nAdvising on the remediation of security issues and identifying solutions to address root causes.\nAutomating security testing and developing internal tooling to achieve continuous assurance.\nIdentifying and implementing improvements to the team's internal processes and procedures.\nMentoring less-experienced team members, leading by example in technical assessments, and promoting a collaborative approach to security across Starling.
\nRequirements:\n5+ years technical information security experience.\nExperience in mobile, web application, cloud, and infrastructure penetration testing.\nTechnical knowledge in mobile security (iOS and Android), web application security, networking and associated protocols, cloud security (AWS and GCP), containers and Kubernetes.\nPenetration testing qualifications (e.g. CREST Certified Tester, OSCP) or equivalent industry experience.\nExcellent verbal and written communication skills.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_a6a63728-1cf","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Starling","sameAs":"https://www.starlingbank.com/","logo":"https://logos.yubhub.co/starlingbank.com.png"},"x-apply-url":"https://apply.workable.com/j/4F1A58C8DC","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["penetration testing","mobile security","web application security","cloud security","networking","containers and Kubernetes","security testing","code review","automation"],"x-skills-preferred":["Java","Go","Python","CREST Certified Tester","OSCP"],"datePosted":"2026-03-31T18:14:45.834Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Southampton"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"penetration testing, mobile security, web application security, cloud security, networking, containers and Kubernetes, security testing, code review, automation, Java, Go, Python, CREST Certified Tester, OSCP"}]}