Source Job

• Design and drive a security research program focused on identifying emerging threats and innovative defensive techniques.
• Drive original research into product, application, and ecosystem-level vulnerabilities, publishing findings responsibly.
• Partner with Product, Marketing, Engineering, and other teams by providing technical insights and evidence-based recommendations.

1Password is a cybersecurity company building the foundation for a safe, productive digital future. They have over 180,000 businesses trusting their products and boast a culture that prioritizes collaboration, transparent communication, and receptiveness to feedback.

This role will lead offensive security capabilities and vulnerability operations. You will direct and manage hardware, software, cloud, network and corporate system red team operations. You will manage vulnerabilities across the company.

Flock Safety is the leading safety technology platform, helping communities thrive by taking a proactive approach to crime prevention and security.

• Execute sophisticated red team engagements to identify vulnerabilities.
• Demonstrate viable attacker paths to breach defenses.
• Lead penetration tests against internal services and generative AI systems.

ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®.

• Simulate attacks to uncover and report security vulnerabilities.
• Proactively take charge and adapt to new challenges.
• Contribute to thought leadership through social media platforms and industry events.

Resillion is a global company with end-to-end capabilities in cyber security, testing of digital media content and quality assurance with offices in North America, Europe, and Asia.

• Define, implement, and document new security features.
• Analyze, fix, and test vulnerabilities in open source software.
• Audit and analyze source code for vulnerabilities.

Canonical is a pioneering tech firm at the forefront of the global move to open source and publishes Ubuntu.

• Partner with Product teams to ensure that products are designed, built, and operated securely.
• Conduct threat modeling activities with Product teams to ensure product threats are understood, documented, and mitigated.
• Review and analyze product source code to identify security vulnerabilities and providing recommendations for secure implementation.

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is a remote-first company and offers competitive benefits anchored to their core value of people come first.

• Reproduce, assess, and document vulnerabilities, perform variant hunting, and contribute to exploitability research on security issues reported in GitLab’s products and services.
• Support and consult with product and development teams on effective vulnerability remediation and mitigation. Independently validate vulnerability fixes prior to release.
• Contribute to clear and actionable documentation that explains vulnerability impact, risk, and remediation guidance for technical and non-technical audiences, helping to scale PSIRT knowledge and practices across GitLab.

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Their high-performance culture is driven by their values and continuous knowledge exchange, enabling their team members to reach their full potential while collaborating with industry leaders to solve complex problems.

• Engineer layered security solutions across complex systems.
• Protect digital assets and develop security tools.
• Mitigate security risks and safeguard infrastructure.

Asymmetric Research is a boutique security venture focused on deep partnerships with L1/L2 blockchains and DeFi protocols in an effort to keep them safe.

• Accelerate AI security and safety research.
• Research the frontier of AI security and safety.
• Work on an empirical project aligned with research priorities.

Anthropic’s mission is to create reliable, interpretable, and steerable AI systems, striving for AI to be safe and beneficial for users and society.

Leverage expertise in application security and security engineering. Implement and administer application security tooling. Integrate security tooling with CI/CD pipelines.

AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow.

• Partner with engineering and product teams to design and build secure systems.
• Lead threat modeling, code reviews, and vulnerability assessments to identify and mitigate risks.
• Define and evolve secure development practices, including tooling, automation, and developer education.

Uniswap Labs is committed to diversity in our workforce and is proud to be an Equal Opportunity Employer (EEO).

• Lead the design and implementation of secure architectures for Built’s applications, services, and AI/ML initiatives.
• Embed security throughout the development lifecycle by partnering with engineering teams on threat modeling, secure coding best practices, and design reviews.
• Perform internal penetration testing of applications, networks, and features to uncover weaknesses before attackers do.

Built is an AI-powered platform transforming how real estate is financed, developed, and managed. They started by fixing construction draw management for lenders and have grown into a comprehensive operating system. Built brings together passionate people who are driven in a variety of disciplines, each bringing their unique perspective to everything they do.

As an Application Security Engineer (ASE) you will curate and manage the incoming security vulnerability submissions to some of the world’s biggest companies’ bug bounty programs.You will be exposed to the Internet’s best security researchers and their cutting-edge security testing methodologies. ASEs need to have strong knowledge of OWASP Top Ten type vulnerabilities.

Bugcrowd empowers organizations to take back control and stay ahead of threat actors with their Security Knowledge Platform™.

• Implement and maintain security measures to protect the organization's information assets and infrastructure.
• Support product and development teams on application security challenges, including threat modeling and architecture reviews.
• Support security incident response, perform root cause analysis, and drive remediation strategies.

insightsoftware is a global provider of comprehensive solutions for the Office of the CFO, transforming how teams operate and empowering leaders.

• Design and implement scalable infrastructure supporting HIPAA, SOC 2, and ISO 27001 compliance.
• Create self-service security tools integrating with developer workflows (GitLab CI/CD, Terraform).
• Lead threat modeling and security architecture reviews for new products and services.

Maven is the world's largest virtual clinic for women and families on a mission to make healthcare work for all of us.

• Design, build, and automate new components of our secrets discovery program.
• Discover, analyze, validate, and escalate exposed secrets both internally and externally.
• Collaborate on multiple cyber intelligence initiatives, and partner with stakeholders across security and major technology teams.

AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow.

In this role, you’ll be at the intersection of security, automation, and distributed systems. You’ll take ownership of hardening complex hybrid environments from bare-metal validators to multi-cloud clusters ensuring our systems are both fast and fortress-strong. You’ll join a distributed, high-performing Blockchain DevOps team that values ownership, transparency, and innovation.

Figment powers the future of Web3 through industry-leading blockchain infrastructure as the leading provider of staking solutions.

• Strengthen the security posture of advanced, large-scale systems.
• Contribute to solutions that shape the future of networking, cloud, and telecommunications.
• Work alongside industry experts in an inspiring, multicultural environment.

Tietoevry Create designs, builds, and modernizes high-impact digital products for global customers with deep technical expertise and a strong culture.

• Protecting data, products, and infrastructure against security threats.
• Meeting security and compliance services such as vulnerability management, security updates and upgrades, and intrusion response.
• Staying current with the latest Information Security trends and news.

Bounteous is a premier end-to-end digital transformation consultancy dedicated to partnering with ambitious brands to create digital solutions.

Investigate and analyze sophisticated cyber threats targeting cloud environments. Identify and track state-backed and financially motivated threat actors. Communicate findings to internal teams, customers, and the public, ensuring clarity and actionable insights.

This position is posted by Jobgether on behalf of a partner company and uses an AI-powered matching process to ensure quick and fair application reviews.