Why is remote work so nice? Let's try to see!
Apply
Staff Security Engineer
Posted 29 days agoViewed
💎 Seniority level: Staff, 7+ years
💸 Salary: 175000.0 - 200000.0 USD per year
🔍 Industry: EdTech
🏢 Company: GoGuardian👥 101-250💰 $200,000,000 Private over 3 years agoInternetEducationEdTechE-LearningSoftware
🗣️ Languages: English
⏳ Experience: 7+ years
Requirements:
- 7+ years of experience in security engineering, cloud security, or application security.
- Deep expertise in securing cloud-native environments (AWS, and GCP).
- Strong knowledge of security principles, including encryption, identity management, and threat modeling.
- Experience with DevSecOps, Infrastructure as Code (Preferably Terraform), CI/CD pipelines, and automating security testing.
- Proficiency in at least one programming language (Python, Go, Java, etc.).
- Hands-on experience with security tooling such as SIEMs, IDS/IPS, WAFs,and vulnerability scanners.
- Incident response experience, including forensic analysis and malware detection.
- Strong communication skills with the ability to influence and educate engineering teams on security best practices.
Responsibilities:
- Lead Security Architecture & Strategy – Design and implement security strategies across our cloud-based infrastructure, applications, and internal systems.
- Threat Modeling & Risk Mitigation – Proactively identify vulnerabilities and partner with engineering teams to mitigate risks before they become incidents.
- Application & Cloud Security – Collaborate with development teams to build security into the software development lifecycle (SDLC), including secure coding practices, automated security testing, and CI/CD security.
- Incident Response & Threat Hunting – Investigate security incidents, lead response efforts, and continuously refine our detection and prevention capabilities.
- Identity & Access Management (IAM) – Develop robust authentication, authorization, and identity management controls to protect our data and infrastructure.
- Security Awareness & Best Practices – Mentor and educate teams on security best practices, providing guidance on security tooling, threat intelligence, and compliance frameworks.
- Compliance & Data Privacy – Support compliance with SOC 2, GDPR, COPPA, and other regulatory requirements by ensuring security controls are properly implemented.
- Automation & Tooling – Build security automation tools to enhance detection, response, and remediation capabilities.
Related Jobs
Apply
🔥 Staff Security Engineer for Threat Intel
Posted 12 days ago
📍 United States
💸 230000.0 - 275000.0 USD per year
🔍 Software Development
🏢 Company: CoreWeave💰 $642,000,000 Secondary Market over 1 year agoCloud ComputingMachine LearningInformation TechnologyCloud Infrastructure
- 15+ years of experience in cyber threat intelligence, threat hunting, or security operations, with a focus on cloud environments.
- Deep understanding of threat actor tactics, attack frameworks (MITRE ATT&CK), and malware analysis methodologies.
- Experience with cyber threat intelligence platforms (TIPs), SIEM, SOAR, and EDR solutions.
- Proficiency in scripting languages (Python, Bash, etc.) for automating threat intelligence workflows.
- Strong knowledge of cloud security best practices, particularly in containerized and GPU-accelerated cloud environments.
- Familiarity with dark web monitoring, intelligence collection techniques, and adversary tracking.
- Excellent written and verbal communication skills for conveying intelligence insights to technical and non-technical audiences.
- Experience in securing AI/ML workloads, high-performance computing (HPC), or GPU-accelerated environments.
- Hands-on experience with security tools like MISP, YARA, Suricata, Zeek, or Sigma rules.
- Prior experience working in fast-paced, cloud-native, or high-growth technology companies.
- Develop, maintain, and operationalize a comprehensive threat intelligence program to proactively detect, analyze, and respond to cyber threats.
- Collect, analyze, and disseminate threat intelligence from open sources (OSINT), dark web monitoring, and proprietary sources.
- Identify and track threat actors, tactics, techniques, and procedures (TTPs) relevant to CoreWeave’s industry and cloud infrastructure.
- Collaborate with incident response teams to investigate and contain security incidents using intelligence-driven insights.
- Conduct proactive threat hunting activities to detect potential compromises or anomalous behavior in CoreWeave’s cloud environments.
- Develop and maintain threat intelligence automation pipelines to ingest, normalize, and correlate data from multiple sources.
- Implement threat intelligence feeds, SIEM integrations, and enrichment processes to enhance real-time security monitoring.
- Work closely with security engineering, SOC, and DevOps teams to integrate threat intelligence into security workflows.
- Provide regular briefings, reports, and recommendations on emerging threats, vulnerabilities, and mitigations to executive leadership and security teams.
- Represent CoreWeave in threat intelligence sharing communities, industry forums, and external collaborations.
AWSDockerPythonBashCiscoCloud ComputingCybersecurityData AnalysisKubernetesMachine LearningAPI testingCommunication SkillsAnalytical SkillsCollaborationRESTful APIsLinuxReportingJSONScripting
Posted 12 days ago
ApplyApply
🔥 Staff Security Engineer
Posted 16 days ago
📍 USA, Canada, Japan, Hungary, Nigeria, Brazil, United Kingdom
🧭 Full-Time
🔍 Financial Services
🏢 Company: Alpaca
- Experience with implementing and maintaining SIEM/SOAR and automation solutions, and other security tools
- Experience with cloud-centric environments and cybersecurity capabilities, including a strong understanding of Kubernetes security concepts
- Strong analytical and problem-solving skills
- Excellent communication skills and committed to work collaboratively across the Firm
- Available for on-call rotations and after-hour responses as needed
- Lead and triage security events including potential security incidents, insider threats, malware infections, unauthorized access, fraud, and data exfiltration events
- Conduct thorough analyses of events, assess impact, and implement corrective actions by collaborating with cross-functional teams to prioritize and remediate issues as necessary
- Develop and maintain security incident response playbooks and automate security workflows to improve efficiency and effectiveness
- Conduct Threat Hunting activities to identify potential issues and implement strategies for proactive threat detection
- Manage and optimize security tools and technologies, such as SIEM, SOAR, Container Orchestration like Kubernetes, Docker / Docker Swarm and other relevant solutions
- Enhance the security of our CI/CD pipeline by integrating security measures into GitOps and focus on brainstorming, designing, building, deploying, and managing cloud-native security
- Collaborate with Product and Engineering to ensure secure design and implementation of systems and applications
- Lead and assist with vulnerability management, penetration testing, and red teaming activities, including managing our bug bounty program
- Foster strong cross-functional relationships with IT, Engineering, Compliance, and other stakeholders to ensure alignment and effective security practices
- Assist with compliance audits and assessments as necessary
- Conduct security research and contribute to the development of new security tools and techniques.
DockerPythonCloud ComputingCybersecurityGitKubernetesAPI testingCI/CDRESTful APIsDevOpsJSONScripting
Posted 16 days ago
ApplyApply
🔥 Staff Security Engineer
Posted 16 days ago
📍 US
🧭 Full-Time
🔍 Software Development
🏢 Company: Linear
- 5+ years of experience in application and infrastructure security
- Startup experience
- Strong communication skills and ability to interact with customers
- Deep understanding of threat modeling, risk management, and vulnerability assessment methodologies
- Strong AWS or GCP (preferred) experience
- Experience with secure API development, infrastructure security, and addressing emerging security challenges
- Background in Javascript/Typescript and Node.js, and familiarity with secure coding practices
- Hands-on experience with security tools and experience integrating automated security testing into CI/CD pipelines
- Own application and infra security (GCP, k8s), and drive improvements to our overall security posture and practices
- Define and drive the product security vision, strategies, and best practices across product and infrastructure teams
- Help build best-in-class security controls for Linear’s product
- Manage pentesting and other security and compliance related partners
- Work closely with go-to-market teams to communicate our security posture to customers
- Assess and improve the security posture of supporting infrastructure and third-party integrations
- Coordinate security incident response efforts, conduct root cause analyses, and coordinate remediation across teams
- Collaborate with operations on SOC2 compliance and vendor security audits
Node.jsCybersecurityGCPJavascriptKubernetesTypeScriptCI/CDComplianceRisk Management
Posted 16 days ago
ApplyApply
🔥 Staff Security Engineer
Posted 18 days ago
📍 India
🧭 Full-Time
🔍 Software Development
🏢 Company: Atlan👥 251-500💰 $105,000,000 Series C 11 months agoBig DataInformation TechnologyData GovernanceSoftware
- 10+ years of experience leading security initiatives for enterprises in an information security (InfoSec) consultant or architect role.
- Proven experience with implementing DevSecOps principles, including Shift Left and Policy as Code methodologies.Experience implementing application security architecture and cloud security architecture.
- In-depth knowledge and experience with Kubernetes (K8s) security is required.
- Experience integrating security practices into the Secure Development Lifecycle.Experience with SaaS security or platform security is a strong plus.
- Strong understanding of security threats, vulnerabilities, and risk mitigation strategies.
- Experience with security tools such as CIS Benchmarks and SIEM solutions is preferred.
- Excellent analytical and problem-solving skills.Strong communication, collaboration, and interpersonal skills.
- Ability to work independently and as part of a team.Passion for security and a commitment to continuous learning.
- CISSP, CISA and/or CKS Certifications strongly preferred.
- Conduct a thorough security assessment of our current infrastructure, applications, and cloud environments, identifying strengths and areas for improvement.
- Conduct detailed threat modelling and risk assessments to identify, prioritise, and mitigate potential security threats.
- Document the existing security architecture, policies, and procedures.
- Develop and implement a comprehensive security strategy aligned with Atlan's business goals and industry best practices.
- Establish security metrics and key performance indicators (KPIs) to measure the effectiveness of security controls.
- Design and implement robust security controls across the platform, including network, application, and infrastructure security.
- Integrate security best practices into the CI/CD pipeline to ensure seamless DevSecOps practices (Shift Left, Policy as Code).
- Develop and implement incident response plans, conduct regular drills, and continuously improve security operations through monitoring and ongoing assessments.
- Advocate for security best practices across the organisation, fostering a security-first mindset and a culture of security awareness.
- Lead and mentor other team members, promoting continuous learning and improvement in security practices.
- Ensure compliance with relevant security standards and regulations (e.g., PCI DSS, GDPR).Prepare for and assist in security audits and certifications.
AWSCloud ComputingCybersecurityData AnalysisKubernetesAzureCI/CDRESTful APIsLinuxDevOpsMicroservicesComplianceRisk ManagementData modelingScriptingSaaS
Posted 18 days ago
ApplyApply
🔥 Staff Security Engineer (IAM), Remote
Posted 28 days ago
In-depth knowledge of IAM principles, standards, and best practices
- Design, implement, and maintain robust IAM solutions
- Manage authentication, authorization, and provisioning across diverse platforms
- Collaborate with various teams to ensure alignment between IAM solutions and organizational security requirements
Posted 28 days ago
ApplyApply
🔥 Senior/ Staff Security Engineer, Detection and Response
Posted 29 days ago
📍 US
🧭 Full-Time
💸 168000.0 - 220000.0 USD per year
🔍 Mental Healthcare
🏢 Company: Grow Therapy👥 251-500💰 $88,000,000 Series C 12 months agoMental HealthTherapeuticsMedicalHealth Care
- 5+ years (Senior) or 8+ years (Staff) of full time experience as a Detection and Response Engineer, working on monitoring, threat detection and incident response
- Have led the development of company-wide detection and response strategies
- Have demonstrated experience designing detection strategies in complex, high-scale environments
- Are familiar with automated vulnerability identification tools and triage processes
- Detect, respond and defend against threats to Grow’s user base
- Define and drive our Threat Detection roadmap
- Mature our Incident Response and Remediation processes
- Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and efficiently to stakeholders
- Collaborate with Grow engineering teams to drive remediations
- Build and optimize detection rules
- Develop runbooks and incident playbooks for new and existing detections
CybersecurityCI/CDLinuxDevOpsScripting
Posted 29 days ago
ApplyApply
🔥 Staff Security Engineer
Posted about 1 month ago
📍 United States
💸 184000.0 - 253000.0 USD per year
🔍 Healthcare
🏢 Company: Thirty Madison👥 251-500💰 $140,000,000 Series C almost 4 years ago🫂 Last layoff over 2 years agoPharmaceuticalPersonal HealthWellnessHealth Care
- Proven expertise in security incident response and detection engineering, with a strong focus on cloud environments.
- Ability to partner closely with the Head of Security to drive forward security initiatives and strategies.
- Experience adopting an automation- and development-driven approach to implement security controls.
- Strong skills in threat modeling and identifying security risks.
- Establish and track key KPIs to ensure the security program remains robust, enabling data-driven decision-making.
- Leadership experience in designing and executing security control strategies, driving iterative design, and taking ownership of security products.
- Exceptional collaboration skills, with the ability to work seamlessly with diverse teams, including engineers, medical professionals, and external partners.
- A proactive mindset with a strong drive to take ownership of issues and solve them independently in a fast-paced, evolving environment.
- A passion for educating and evangelizing security best practices, backed by excellent written and verbal communication skills.
- Several years of experience leading cross-functional initiatives, especially bridging security engineering with infrastructure teams, with a proven track record of delivering impactful projects that align with business objectives.
- Familiarity with Kubernetes and microservices architectures.
- Experience deploying and securing cloud services (e.g., AWS, Azure) with a deep understanding of cloud security principles.
- Strong proficiency in scripting and programming languages (e.g., Python, Bash) for data analysis, automation, and tool development.
- Hands-on experience with Terraform for infrastructure management and automation.
- Act as a hands-on subject matter expert (SME) for the Detection and Response program, while also taking ownership of broader security initiatives, including Enterprise Security and Product Security at Thirty Madison.
- Design and implement scalable solutions and processes to proactively identify, address, and mitigate security vulnerabilities and risks.
- Conduct research on emerging threats impacting Thirty Madison’s applications and infrastructure.
- Strengthen defense-in-depth strategies by developing secure-by-default frameworks, architectures, and processes.
- Provide mentorship and share security best practices across the organization.
- Collaborate with cross-functional teams to ensure security efforts align with business objectives and integrate smoothly into existing workflows.
- Lead investigations, containment, and remediation of security incidents, ensuring swift resolution.
- Demonstrate strong leadership under pressure, making informed decisions in uncertain situations while coordinating efforts across teams to resolve issues effectively
AWSLeadershipPythonSQLBashCloud ComputingCybersecurityData AnalysisKubernetesLDAPMicrosoft AzureMicrosoft ExchangeCross-functional Team LeadershipAPI testingAzureCommunication SkillsAnalytical SkillsCollaborationCI/CDProblem SolvingRESTful APIsMentoringLinuxDevOpsTerraformOrganizational skillsDocumentationMicroservicesComplianceExcellent communication skillsTeamworkJSONRisk ManagementScriptingDebugging
Posted about 1 month ago
ApplyApply
🔥 Staff Security Engineer
Posted about 1 month ago
📍 United States
🧭 Full-Time
💸 180000.0 - 220000.0 USD per year
🔍 Healthcare
- 5+ years of experience as a Staff Security Engineer on a high-growth startup team.
- Strong knowledge of cloud security (AWS, Azure), identity management, application security, modern security frameworks (ie OWASP, NIST) and HIPAA regulatory experience.
- Diverse experience with application security tooling and processes that include code review, SAST, penetration testing, and risk management.
- High proficiency with source code management tools and security features of each(e.g., Github, Bitbucket)
- Proficiency in at least one programming language (Python, Go, or similar) and experience integrating security into DevOps CI/CD pipelines.
- Ability to assess risk, anticipate attack vectors, and proactively mitigate threats through layered security.
- Ability to work cross-functionally with engineering, IT, compliance, and leadership to drive security initiatives forward.
- Architect and implement security solutions that scale with the company’s growth, focusing on automation, resilience, and developer & user-friendly security.
- Build tools with an emphasis on self-service, automation, and performance that identify and mitigate application security risks and flaws.
- Eliminate classes of security problems by shifting the detection and preventions left into the developer workflow.
- Provide architectural, design, and threat-based guidance to software development teams to improve security maturity before code is created.
- Work with SecOps to enhance our ability to detect threats early and respond effectively.
- Partner with our DevOps team to assess infrastructure security and propose improved security solutions.
- Partner with cross-functional teams to ensure security maturity work is being prioritized and addressed in ways both timely and durable.
- Ensure security controls align with HIPAA framework without impeding development and productivity velocity.
AWSPythonSQLCloud ComputingCybersecurityKubernetes*NixAPI testingAzureGoCI/CDProblem SolvingRESTful APIsLinuxDevOpsTerraformMicroservicesComplianceJSONRisk ManagementAnsibleScriptingSoftware Engineering
Posted about 1 month ago
ApplyApply
🔥 Staff Security Engineer - Data Protection (Data Security Architect), Remote
Posted about 2 months ago
📍 United States, Canada
🧭 Full-Time
🔍 Data Security
NOT STATED
- Design, implement, and maintain security services.
- Partner cross-functionally across various teams.
AWSCloud ComputingCybersecurityData engineeringMicroservicesComplianceData management
Posted about 2 months ago
ApplyApply
🔥 Staff Security Engineer - Data Protection (Data Security Architect), Remote
Posted about 2 months ago
📍 United States, Canada
🧭 Full-Time
🔍 Health-Tech
- BS/BTech in Computer Science, IT, Cybersecurity, or related field
- 8+ years securing Cloud Native applications
- 5+ years in a dedicated data security role
- Familiarity with DLP and DSPM tools
- Knowledge of health-tech systems preferred
- Lead development and maintenance of security strategies
- Design and deploy security controls
- Mentor new engineers
- Shape security services strategy
Cloud ComputingCybersecurity
Posted about 2 months ago
ApplyRelated Articles
Posted 7 months ago
Insights into the evolving landscape of remote work in 2024 reveal the importance of certifications and continuous learning. This article breaks down emerging trends, sought-after certifications, and provides practical solutions for enhancing your employability and expertise. What skills will be essential for remote job seekers, and how can you navigate this dynamic market to secure your dream role?
Posted 8 months ago
Explore the challenges and strategies of maintaining work-life balance while working remotely. Learn about unique aspects of remote work, associated challenges, historical context, and effective strategies to separate work and personal life.
Posted 8 months ago
Google is gearing up to expand its remote job listings, promising more opportunities across various departments and regions. Find out how this move can benefit job seekers and impact the market.
Posted 8 months ago
Learn about the importance of pre-onboarding preparation for remote employees, including checklist creation, documentation, tools and equipment setup, communication plans, and feedback strategies. Discover how proactive pre-onboarding can enhance job performance, increase retention rates, and foster a sense of belonging from day one.