Basic Function

Lumin Digital is standing up a dedicated Network Security function within its Risk Engineering group to protect a growing product suite that handles sensitive financial data across multiple product lines. This role exists because the landscape has shifted: in a cloud-native, infrastructure-as-code environment, network security is no longer about managing router ACLs—it is about designing identity-aware policy enforcement, automating end-to-end change management, and building real-time visibility into network activity across both workforce and hosted contexts.

As the Network Security Software Engineer, you will be a domain authority who breaks network security out of the existing Security Engineering and SOC functions, building the specialization from the ground up. You will architect and deliver automated, lights-off pipelines—using agentic development practices and tools like Claude Code—that turn around security changes faster, go deeper than port and protocol in our defense-in-depth story, and extend coverage to the agents our teams create, not just the people who create them.

We are looking for a senior practitioner who will teach us what great network security looks like in a modern, highly-automated fintech environment—not someone who needs to be taught.

Essential Functions and Responsibilities:

• Own the architecture, implementation, and continuous improvement of Lumin’s network security program across cloud, SD-WAN, and ZTNA layers—designing identity-aware, policy-driven controls that secure both human and machine (agent) identities.

• Design and deliver fully automated, end-to-end network security change management pipelines that eliminate manual toil, accelerate change velocity, and maintain audit-ready evidence at every step.

• Build and operate real-time network telemetry, monitoring, and alerting systems that provide deep visibility into network activity — integrating threat intelligence feeds, cloud connectivity data, and asset inventories into a unified, automated network defense posture.

• Engineer production-grade tooling and services—including firewall rule lifecycle management, policy drift detection, configuration compliance validation, and telemetry enrichment—using modern backend languages (Python strongly preferred) and infrastructure-as-code.

• Manage and tune network-layer detection capabilities — including IDS/IPS signatures, firewall rules, and WAF configuration — to ensure high-fidelity signals for SOC consumption.

• Operate at the leading edge of AI-assisted development: write precise engineering specifications, direct AI coding agents (e.g., Claude Code, Cursor), and review/validate generated output to build secure, lights-off agentic pipelines that the broader team can learn from.

• Build and maintain API integrations across the network security technology stack (e.g., Cloudflare, Zscaler, cloud-native controls) with reliability, observability, and audit-readiness designed in from day one.

• Support compliance audit and assessment activities — including evidence collection, control testing, and auditor walkthroughs for network security domains; maintain an accurate network diagram inventory documenting topology, segmentation boundaries, and data flows.

• Partner with the Security Operations Center, SRE, and IT to ensure network security controls integrate cleanly with existing infrastructure pipelines, CI/CD workflows, and incident response processes; participate in security architecture reviews and contribute to runbook development and operational documentation—raising the network security bar across the engineering organization.

• Perform other duties as assigned.

Physical Demands:

• While performing the duties of this job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear.

• Specific vision abilities required by this job include close vision.

• Ability to occasionally lift/move up to 25 pounds.

• Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

Supervisory Responsibility:

None.

Position Specifications

Education:

• Bachelor’s degree in Computer Science, Information Security, Network Engineering, or a related technical field, or equivalent combination of education and experience.

• Preferred certifications: CCNP Security, PCNSE (Palo Alto), AWS Solutions Architect, Cloudflare certifications, or equivalent. Relevant certifications are valued but not required if depth of hands-on experience is demonstrated.

Experience:

• 5+ years of progressive experience in network security engineering, with a demonstrated track record of designing, automating, and operating network security controls in cloud-native or hybrid environments.

• Substantive hands-on engineering experience: you write production code, build integrations, and ship tooling—not just policies and diagrams.

• Direct experience with network security platforms such as Cloudflare (WAF, Workers, Rulesets, Terraform provider), Zscaler (ZIA, ZPA), Palo Alto, or equivalent tier-one solutions.

• Experience in fintech, banking, payments, or other regulated financial services environments (PCI-DSS, SOC 2, ISO 27001) strongly preferred.

• Experience with infrastructure-as-code (Terraform, CloudFormation) and CI/CD-driven infrastructure provisioning.

Knowledge, Skills, & Abilities:

Required:

• Deep expertise in network security fundamentals: firewall policy design, micro-segmentation, ZTNA, SD-WAN, DDoS mitigation, traffic analysis, DNS security, and certificate/PKI management.

• Hands-on experience with agentic coding tools and workflows (Claude Code, Cursor, or equivalent)—or demonstrated eagerness and aptitude to adopt them as a primary development methodology.

• Strong proficiency in at least one backend language (Python strongly preferred; Go or similar considered) with the ability to design and build production-grade APIs, automation frameworks, and integration platforms.

• Thorough understanding of identity-aware network security—designing controls that authenticate and authorize not just users but services, workloads, and autonomous agents.

• Demonstrated ability to write clear, precise engineering specifications and technical documentation; comfortable operating on a distributed, async-first team where written clarity drives outcomes.

• Sound engineering judgment: able to evaluate AI-generated code for correctness, security implications, and maintainability; able to architect systems for reliability and observability.

• Strong cross-functional communication skills: able to translate network security requirements into actionable engineering work and influence peers across Security, SRE, and Platform teams.

Preferred:

• Experience building real-time telemetry, monitoring, and threat detection pipelines for network traffic.

• Familiarity with agent-to-agent authentication, service mesh architectures, and securing AI/ML workload communications.

• Experience integrating threat intelligence feeds and automating indicator-of-compromise enrichment into network defense workflows.

Travel:

• Minimal, generally 12 days or less per year (~2 team get-togethers per year).

$145,000 - $175,000 a year

LIFE AT LUMIN DIGITAL

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base — and as a 100% cloud-native company, we’re purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture is built on trust in our expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas. These values shape a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered every day. We encourage our team to explore, experiment, and challenge the status quo — because continuous improvement isn’t just a goal, it’s how we operate.

Benefits Include We take care of our people with medical, dental, and vision insurance, a 401(k) with company match, flexible PTO plus 12 paid holidays, paid sick leave, and paid parental and family leave. We also offer a lifestyle spending account, tuition reimbursement, and a cell phone stipend. Additional details are provided during the interview process.

Lumin Digital is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis. For more information, visit lumindigital.com.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Reports to: Sr. Director of Adversary Tactics

Location: Remote US

Compensation Range: $190,000.00 to $210,000.00  base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24⁄7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do:

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

Threat Intelligence Analysts aggregate threat data from the previous month and build out reports for our customers. These reports may also be used for marketing and help illustrate the value of what Huntress provides to customers and the community. Threat Intelligence Analysts are also responsible for writing blog posts and marketing materials regarding emerging threat trends. They also work closely with Security Researchers and Analysts to obtain more context about threat data.

Familiarity with product management, scripting/development, incident response, malware analysis, configuration management, and antivirus technologies is an additional way to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective hunter fosters highly collaborative environments between the Product, Marketing, and Security Operations Center teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision, ultimately delivering our most impactful features and capabilities.

We defend over 5 million endpoints and 11 million identities, and that number continues to grow each month, across tens of thousands of mid-sized and small business customers. Given this market’s tighter budgets, it’s impossible to assign human analysts to each client. The Adversary Tactics team addresses this challenge head-on by providing input to build and scale highly automated efficiencies—often lightly augmented by our Security Operations Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:

• Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions
• Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
• Responsible for creating reports for marketing to show Huntress’ value to the larger community
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap
• Provides technical leadership for some members of the Security teams
• Supports the professional development of researchers and others in the organization through coaching and mentorship
• Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
• Responsible for blog posts and other marketing materials regarding threat trends
• Excellent written and verbal communication skills
• Familiarity with utilizing AI in workflows

What You Bring To The Team:

• Minimum of 5 years of experience in the field of Threat Intelligence
• Experience with SIEM tools for scaled log analysis
• Familiarity with detection engineering, detection logic, i.e., Sigma Rules
• Experience researching and scoping threat hunt missions
• Understanding of cybersecurity, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
• Experience with 3rd-party intelligence tools, feeds, and reputation services.
• Experience conducting OSINT gathering and analysis
• Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have)
• Proficient knowledge of Windows and/or macOS subsystems and how they interact both at the user and kernel level (nice to have)

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com . Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process, but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

#BI-Remote

Reports to: Sr. Director of Adversary Tactics

Location: Remote US

Compensation Range: $190,000.00 to $210,000.00  base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24⁄7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do:

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

Threat Intelligence Analysts aggregate threat data from the previous month and build out reports for our customers. These reports may also be used for marketing and help illustrate the value of what Huntress provides to customers and the community. Threat Intelligence Analysts are also responsible for writing blog posts and marketing materials regarding emerging threat trends. They also work closely with Security Researchers and Analysts to obtain more context about threat data.

Familiarity with product management, scripting/development, incident response, malware analysis, configuration management, and antivirus technologies is an additional way to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective hunter fosters highly collaborative environments between the Product, Marketing, and Security Operations Center teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision, ultimately delivering our most impactful features and capabilities.

We defend over 5 million endpoints and 11 million identities, and that number continues to grow each month, across tens of thousands of mid-sized and small business customers. Given this market’s tighter budgets, it’s impossible to assign human analysts to each client. The Adversary Tactics team addresses this challenge head-on by providing input to build and scale highly automated efficiencies—often lightly augmented by our Security Operations Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:

• Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions
• Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
• Responsible for creating reports for marketing to show Huntress’ value to the larger community
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap
• Provides technical leadership for some members of the Security teams
• Supports the professional development of researchers and others in the organization through coaching and mentorship
• Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
• Responsible for blog posts and other marketing materials regarding threat trends
• Excellent written and verbal communication skills
• Familiarity with utilizing AI in workflows

What You Bring To The Team:

• Minimum of 5 years of experience in the field of Threat Intelligence
• Experience with SIEM tools for scaled log analysis
• Familiarity with detection engineering, detection logic, i.e., Sigma Rules
• Experience researching and scoping threat hunt missions
• Understanding of cybersecurity, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
• Experience with 3rd-party intelligence tools, feeds, and reputation services.
• Experience conducting OSINT gathering and analysis
• Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have)
• Proficient knowledge of Windows and/or macOS subsystems and how they interact both at the user and kernel level (nice to have)

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com . Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process, but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

#BI-Remote

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and...

Basic Function

The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented engineering: the ideal candidate actively uses AI-powered tools such as Claude Code and Claude Security in their daily workflow to find vulnerabilities faster, automate remediation, and scale security coverage beyond what traditional approaches allow. As AI rapidly transforms how code is written, reviewed, and deployed, this engineer will lead the effort to secure AI-integrated applications, harden CI/CD pipelines, and establish governance for responsible AI adoption across product and engineering teams. Success in this role requires deep technical fluency, a bias toward building and doing over advising, and the ability to operate independently in a fast-moving, remote-first environment.

Essential Functions and Responsibilities:

• Lead security architecture reviews for new and existing applications, ensuring secure-by-design principles are embedded from initial design through deployment and ongoing operation.

• Develop, enforce, and continuously refine secure coding standards across engineering teams through a combination of automated security scans (SAST, DAST, SCA), AI-assisted code review using tools such as Claude Code, periodic manual code audits, and targeted secure development training.

• Own the design, implementation, and evolution of Application Security Posture Management (ASPM) capabilities, integrating signals from static analysis, dynamic testing, software composition analysis, and runtime telemetry to build risk-scoring models that balance exploitability, data sensitivity, and business impact.

• Continuously improve threat modeling frameworks across application components, third-party integrations, cloud-native architectures, and AI/LLM-powered features, leveraging tools such as Claude Security for accelerated threat model generation and scenario analysis.

• Develop custom security automation tools and scripts to improve detection and response capabilities across cloud environments, including AI-assisted vulnerability auto-fix workflows and integration of AI-powered security tooling into CI/CD pipelines.

• Own and operate the company’s bug bounty program end-to-end: define program strategy and scope, triage and validate external researcher submissions, assess severity, and maintain productive engagement with the security research community.

• Manage vulnerability triage and prioritization processes, ensuring vulnerabilities are assessed based on exploitability, business impact, and compliance requirements, and that remediation timelines align with organizational risk tolerance.

• Influence product roadmaps by identifying and advocating for security enhancements aligned with evolving regulatory requirements, industry best practices, and the emerging threat landscape for AI-integrated applications.

• Mentor security engineers and developers through hands-on guidance in secure coding, vulnerability remediation, and effective use of AI-augmented security workflows.

• Present security findings, risk assessments, and program metrics to senior leadership, clients, auditors, and regulators in a clear, actionable manner.

• Perform other duties as assigned.

Physical Demands:

• While performing the duties of this job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear.

• Specific vision abilities required by this job include close vision.

• Ability to occasionally lift/move up to 25 pounds.

• Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

Supervisory Responsibility:

None

Position Specifications

Education:

• Bachelor’s in Computer Science, Cybersecurity, Information Assurance, Software Engineering, or a related field, or an equivalent combination of education and experience.

• Preferred certifications: CSSLP, OSCP, GWEB, or GWAPT.

Experience:

• Seven (7+) years of progressive experience in application security, software security engineering, or a closely related domain within production SaaS environments.

• Extensive hands-on experience in secure software development, DevSecOps pipeline design, and security testing methodologies (SAST, DAST, SCA, penetration testing).

• Demonstrated experience securing large-scale cloud-native applications, APIs, and microservices architectures.

• Experience leading application security initiatives, defining program strategy, and mentoring engineering teams on secure development practices.

• Demonstrated, regular hands-on use of AI-powered security and development tools (e.g., Claude Code, Claude Security, or comparable coding/security assistants) as part of daily security engineering workflows, not solely in an evaluative, advisory, or training capacity.

• Experience assessing AI-specific attack surfaces in LLM-integrated applications, including prompt injection, context leakage, insecure tool use, and model denial-of-service.

Knowledge, Skills, & Abilities:

Required:

• Deep expertise in AWS security, Kubernetes security, and cloud-native application security best practices.

• Strong programming proficiency with the ability to review and assess security risks in one or more of: Java, C#, JavaScript/TypeScript, Python, Swift, or Kotlin.

• Expertise in secure authentication and authorization mechanisms, including OAuth 2.0, OIDC, SAML, JWT, WebAuthn, and Zero Trust principles.

• Hands-on proficiency with AI-augmented security workflows, including daily use of AI tools (e.g., Claude Code, Claude Security) for vulnerability discovery, remediation assistance, threat modeling, and security automation across the SDLC.

• Strong understanding of OWASP Top 10, OWASP Top 10 for LLM Applications, SANS 25, CVSS/EPSS scoring, and MITRE ATT&CK framework.

• Ability to identify, assess, and mitigate prompt injection vulnerabilities (direct and indirect) in LLM-integrated applications through input validation, output sanitization, instruction hierarchy enforcement, and adversarial prompt testing.

• Experience with secure context window management in AI-powered products, including preventing sensitive data leakage, enforcing context isolation boundaries, and defining data classification policies for AI model inputs.

• Hands-on experience with security automation and scripting (Python, Bash, or equivalent).

• Proficiency in penetration testing methodologies, including automated and manual security testing of web applications, APIs, and mobile platforms.

• Strong knowledge of encryption standards, cryptographic best practices, and secrets management.

• Ability to communicate complex security concepts to both technical and non-technical audiences, and to present risk assessments to senior leadership and external stakeholders.

• Demonstrated ability to work independently in a remote setting while maintaining high performance and accountability.

Preferred:

• Experience evaluating the security posture of AI providers (API security reviews, data residency assessments, vendor risk questionnaires, and contractual security requirements).

• Familiarity with AI model access controls and secrets hygiene in AI pipelines, including least-privilege principles for LLM tool integrations and securing model inference endpoints.

• Experience with SIEM, WAF, and security monitoring tools.

• Familiarity with cloud security controls in AWS, including IAM, security groups, KMS, Lambda security, and cloud monitoring.

• Strong project management abilities and experience collaborating across product, engineering, and compliance teams.

Travel:

• Minimal, generally 12 days or less per year, ~2X team get-togethers a year.

$155,000 - $175,000 a year

LIFE AT LUMIN DIGITAL

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base — and as a 100% cloud-native company, we’re purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture is built on trust in our expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas. These values shape a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered every day. We encourage our team to explore, experiment, and challenge the status quo — because continuous improvement isn’t just a goal, it’s how we operate.

Benefits Include We take care of our people with medical, dental, and vision insurance, a 401(k) with company match, flexible PTO plus 12 paid holidays, paid sick leave, and paid parental and family leave. We also offer a lifestyle spending account, tuition reimbursement, and a cell phone stipend. Additional details are provided during the interview process.

Lumin Digital is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis.

For more information, visit lumindigital.com.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and...

Basic Function

The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented engineering: the ideal candidate actively uses AI-powered tools such as Claude Code and Claude Security in their daily workflow to find vulnerabilities faster, automate remediation, and scale security coverage beyond what traditional approaches allow. As AI rapidly transforms how code is written, reviewed, and deployed, this engineer will lead the effort to secure AI-integrated applications, harden CI/CD pipelines, and establish governance for responsible AI adoption across product and engineering teams. Success in this role requires deep technical fluency, a bias toward building and doing over advising, and the ability to operate independently in a fast-moving, remote-first environment.

Essential Functions and Responsibilities:

• Lead security architecture reviews for new and existing applications, ensuring secure-by-design principles are embedded from initial design through deployment and ongoing operation.

• Develop, enforce, and continuously refine secure coding standards across engineering teams through a combination of automated security scans (SAST, DAST, SCA), AI-assisted code review using tools such as Claude Code, periodic manual code audits, and targeted secure development training.

• Own the design, implementation, and evolution of Application Security Posture Management (ASPM) capabilities, integrating signals from static analysis, dynamic testing, software composition analysis, and runtime telemetry to build risk-scoring models that balance exploitability, data sensitivity, and business impact.

• Continuously improve threat modeling frameworks across application components, third-party integrations, cloud-native architectures, and AI/LLM-powered features, leveraging tools such as Claude Security for accelerated threat model generation and scenario analysis.

• Develop custom security automation tools and scripts to improve detection and response capabilities across cloud environments, including AI-assisted vulnerability auto-fix workflows and integration of AI-powered security tooling into CI/CD pipelines.

• Own and operate the company’s bug bounty program end-to-end: define program strategy and scope, triage and validate external researcher submissions, assess severity, and maintain productive engagement with the security research community.

• Manage vulnerability triage and prioritization processes, ensuring vulnerabilities are assessed based on exploitability, business impact, and compliance requirements, and that remediation timelines align with organizational risk tolerance.

• Influence product roadmaps by identifying and advocating for security enhancements aligned with evolving regulatory requirements, industry best practices, and the emerging threat landscape for AI-integrated applications.

• Mentor security engineers and developers through hands-on guidance in secure coding, vulnerability remediation, and effective use of AI-augmented security workflows.

• Present security findings, risk assessments, and program metrics to senior leadership, clients, auditors, and regulators in a clear, actionable manner.

• Perform other duties as assigned.

Physical Demands:

• While performing the duties of this job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear.

• Specific vision abilities required by this job include close vision.

• Ability to occasionally lift/move up to 25 pounds.

• Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

Supervisory Responsibility:

None

Position Specifications

Education:

• Bachelor’s in Computer Science, Cybersecurity, Information Assurance, Software Engineering, or a related field, or an equivalent combination of education and experience.

• Preferred certifications: CSSLP, OSCP, GWEB, or GWAPT.

Experience:

• Seven (7+) years of progressive experience in application security, software security engineering, or a closely related domain within production SaaS environments.

• Extensive hands-on experience in secure software development, DevSecOps pipeline design, and security testing methodologies (SAST, DAST, SCA, penetration testing).

• Demonstrated experience securing large-scale cloud-native applications, APIs, and microservices architectures.

• Experience leading application security initiatives, defining program strategy, and mentoring engineering teams on secure development practices.

• Demonstrated, regular hands-on use of AI-powered security and development tools (e.g., Claude Code, Claude Security, or comparable coding/security assistants) as part of daily security engineering workflows, not solely in an evaluative, advisory, or training capacity.

• Experience assessing AI-specific attack surfaces in LLM-integrated applications, including prompt injection, context leakage, insecure tool use, and model denial-of-service.

Knowledge, Skills, & Abilities:

Required:

• Deep expertise in AWS security, Kubernetes security, and cloud-native application security best practices.

• Strong programming proficiency with the ability to review and assess security risks in one or more of: Java, C#, JavaScript/TypeScript, Python, Swift, or Kotlin.

• Expertise in secure authentication and authorization mechanisms, including OAuth 2.0, OIDC, SAML, JWT, WebAuthn, and Zero Trust principles.

• Hands-on proficiency with AI-augmented security workflows, including daily use of AI tools (e.g., Claude Code, Claude Security) for vulnerability discovery, remediation assistance, threat modeling, and security automation across the SDLC.

• Strong understanding of OWASP Top 10, OWASP Top 10 for LLM Applications, SANS 25, CVSS/EPSS scoring, and MITRE ATT&CK framework.

• Ability to identify, assess, and mitigate prompt injection vulnerabilities (direct and indirect) in LLM-integrated applications through input validation, output sanitization, instruction hierarchy enforcement, and adversarial prompt testing.

• Experience with secure context window management in AI-powered products, including preventing sensitive data leakage, enforcing context isolation boundaries, and defining data classification policies for AI model inputs.

• Hands-on experience with security automation and scripting (Python, Bash, or equivalent).

• Proficiency in penetration testing methodologies, including automated and manual security testing of web applications, APIs, and mobile platforms.

• Strong knowledge of encryption standards, cryptographic best practices, and secrets management.

• Ability to communicate complex security concepts to both technical and non-technical audiences, and to present risk assessments to senior leadership and external stakeholders.

• Demonstrated ability to work independently in a remote setting while maintaining high performance and accountability.

Preferred:

• Experience evaluating the security posture of AI providers (API security reviews, data residency assessments, vendor risk questionnaires, and contractual security requirements).

• Familiarity with AI model access controls and secrets hygiene in AI pipelines, including least-privilege principles for LLM tool integrations and securing model inference endpoints.

• Experience with SIEM, WAF, and security monitoring tools.

• Familiarity with cloud security controls in AWS, including IAM, security groups, KMS, Lambda security, and cloud monitoring.

• Strong project management abilities and experience collaborating across product, engineering, and compliance teams.

Travel:

• Minimal, generally 12 days or less per year, ~2X team get-togethers a year.

$155,000 - $175,000 a year

LIFE AT LUMIN DIGITAL

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base — and as a 100% cloud-native company, we’re purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture is built on trust in our expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas. These values shape a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered every day. We encourage our team to explore, experiment, and challenge the status quo — because continuous improvement isn’t just a goal, it’s how we operate.

Benefits Include We take care of our people with medical, dental, and vision insurance, a 401(k) with company match, flexible PTO plus 12 paid holidays, paid sick leave, and paid parental and family leave. We also offer a lifestyle spending account, tuition reimbursement, and a cell phone stipend. Additional details are provided during the interview process.

Lumin Digital is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis.

For more information, visit lumindigital.com.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

1Password is growing. We’ve surpassed $400M in ARR and we’re continuing to accelerate, earning a spot on the Forbes Cloud 100 for four years in a row and teaming up...

MissionSupport the client’s AI Security Governance Program by defining, operationalizing and continuously improving the cybersecurity control framework for AI, GenAI and agentic AI use cases. The role will work with...

ABOUT ARTERA

Our Mission: Make healthcare #1 in customer service.

What We Deliver: Artera, a SaaS leader in digital health, transforms patient experience with AI-powered virtual agents (voice and text) for every step of the patient journey. Trusted by 1,000+ provider organizations — including specialty groups, FQHCs, large IDNs and federal agencies — engaging 100 million patients annually. Artera’s virtual agents support front desk staff to improve patient access including self-scheduling, intake, forms, billing and more. Whether augmenting a team or unleashing a fully autonomous digital workforce, Artera offers multiple virtual agent options to meet healthcare organizations where they are in their AI journey. Artera helps support 2B communications in 109 languages across voice, text and web. A decade of healthcare expertise, powered by AI.

Our Impact: Trusted by 1,000+ provider organizations — including specialty groups, FQHCs, large IDNs and federal agencies — engaging 100 million patients annually. Hear from our CEO, Guillaume de Zwirek, about why we are standing at the edge of the biggest technological shift in healthcare’s history!

Our award-winning culture: Our award-winning culture: Since founding in 2015, Artera has consistently been recognized for its innovative technology, business growth, and named a top place to work. Examples of these accolades include: Inc. 5000 Fastest Growing Private Companies (2020, 2021, 2022, 2023, 2024); Deloitte Technology Fast 500 (2021, 2022, 2023, 2024, 2025); Built In Best Companies to Work For (2021, 2022, 2023, 2024, 2025, 2026). Artera has also been recognized by Forbes as one of “America’s Best Startup Employers,” Newsweek as one of the “World’s Best Digital Health Companies,” and named one of the top “44 Startups to Bet your Career on in 2024” by Business Insider.

Applicants must be currently authorized and have the ability to provide proof of full-time, long-term authorization to work in the United States. We are unable to provide visa sponsorship or support visa transfers now or in the future.

ABOUT THE OPPORTUNITY

Artera is seeking a hands-on Senior Application Security Engineer, AI & Product Security to work alongside our AI builders and Systems Engineers to threat-model agentic and LLM-powered features, harden PHI/PII-handling workflows, and ship the “paved road” tooling (secure SDLC guardrails, prompt/agent-identity patterns, SAST/DAST/SCA in CI/CD) that keeps innovation fast and safe.

This is a frontier role. You’ll be operating where AI security is still being defined — translating policy into code, building guardrails for agent identity and prompt/output filtering, and giving our team the logging, scanning, and safe tool-use patterns. Artera Security finds the secure path and ships it with our AI Builders and System Engineers.

This role is based in our Seattle, WA office. In-person collaboration is intentional – you’ll be working shoulder-to-shoulder with our AI builders, Systems Engineers, and security leadership as we build Artera’s Seattle tech hub.

This role supports federal-facing systems and contributes to enterprise security functions. Candidates must meet eligibility for a government background check and follow strict data protection, access control, and incident response protocols. Familiarity with regulatory frameworks is expected. Ongoing compliance training and evidence-based documentation may be required.

Responsibilities

• AI Threat Modeling: Threat-model agentic and LLM-powered features end-to-end: data ingress/egress, agent identity, tool-use boundaries, and the unique risks that come with frontier AI work
• Paved Road Tooling: Build the secure SDLC paved road — secure SDLC guardrails, prompt/agent identity patterns, secrets management, PHI/PII redaction patterns
• Security Gates: Embed SAST, DAST, SCA, and infrastructure scanning into CI/CD so security gates are part of the pipeline, not an afterthought
• AI Monitoring Strategy: Identify and pilot an AI monitoring tool to fill the gap our current tooling (Zscaler) doesn’t cover
• Policy -> Practice: Translate existing security policy into safe tool-use patterns for the Artera Primitives team, Systems Engineers, and other AI Builder squads
• Cross Functional Partnership: Partner cross-functionally with DevOps, Systems Engineering, and the AI builder teams — meeting AI Builders and engineers in the middle and finding the secure path forward, not the “no” path
• Security Ownership: Own AWS identity and access management patterns, secrets management, and security tooling decisions in our AWS environment. Collaborate with System Engineers / DevOps on implementation.
• Security Framework Application: Apply frameworks like MITRE ATT&CK, MITRE ATLAS, OWASP Top 10, and OWASP LLM Top 10 to architectural decisions.

Requirements

• AppSec Tenure: 6–10 years in Application Security, with a hands-on engineering orientation
• LLM & Agent Security: Demonstrable experience with LLM and agent security — OWASP LLM Top 10, MITRE ATLAS, prompt/output filtering, agent identity, and tool-use risk
• Threat Modeling Expertise: You’ve built end-to-end threat models for production platforms and translated them into corrective controls
• Pipeline Scanning Tools: SAST, DAST, and infrastructure scanning tools in production CI/CD environments
• Shift-Left Security Experience: Taking policy, codifying it as infrastructure-as-code (Terraform), and gating CI/CD pipelines on security findings
• Cloud Depth: Significant AWS experience (GCP or Azure background acceptable; AWS is learnable, but cloud depth is required)
• Regulated Environment Experience: Background in regulated environments — healthcare (HIPAA/HITRUST), federal (FedRAMP), or fintech (PCI)
• Collaborative Communicator: Strong cross-functional communicator;able to partner with engineers and AI builders, find the secure path together.

Bonus

• Agentic AI Modeling: Direct experience threat modeling agentic AI systems (rare — but if you have it, you’re the cherry on top)
• Agentic Platform Exposure: AWS Agent Core, MCP, or similar agent-platform exposure
• Growth Stage AI Experience: Experience at a growth-stage company (~50–500 people) that has already adopted agentic AI
• Fintech to Agentic Path: Background in fintech transitioning into agentic systems (a common path into this kind of work today)
• AI Monitoring Tool Ownership: Past ownership of an AI monitoring tool rollout or evaluation

$146,000 - $175,000 a year

The compensation for this role will be based on level of experience and the geographic tier in which you are located. This position also comes with equity and a variety of benefits.

OUR APPROACH TO WORK LOCATION

Artera has hybrid office locations in Santa Barbara, CA, and Philadelphia (Wayne), PA, where team members typically come in three days a week. Specific frequency can vary depending on your team’s needs, manager expectations and/or role responsibilities.

In addition to our U.S. office locations, we are intentionally building geographically concentrated teams in several key metropolitan areas, which we call our “Hiring Hubs.” We are currently hiring remote candidates located within the following hiring hubs:

- Boston Metro Area, MA

- Chicago Metro Area, IL

- Denver Metro Area, CO

- Kansas City Metro Area (KS/MO)

- Los Angeles Metro Area, CA

- San Francisco / Bay Area, CA

- Seattle Metro Area, WA

This hub-based model helps us cultivate strong local connections and team cohesion, even in a distributed environment.

To be eligible for employment at Artera, candidates must reside in one of our hybrid office cities or one of the designated hiring hubs. Specific roles may call out location preferences when relevant.

As our hubs grow, we may establish local offices to further enhance in-person connection and collaboration. While there are no current plans in place, should an office open in your area, we anticipate implementing a hybrid model. Any future attendance expectations would be developed thoughtfully, considering factors like typical commute times and access to public transit, to ensure they are fair and practical for the local team.

WORKING AT ARTERA

Company benefits - Full health benefits (medical, dental, and vision), flexible spending accounts, company paid life insurance, company paid short-term & long-term disability, company equity, voluntary benefits, 401(k) and more!

Career development - Manager development cohorts, employee development funds

Generous time off - Company holidays, Winter & Summer break, and flexible time off

Employee Resource Groups (ERGs) - We believe that everyone should belong at their workplace. Our ERGs are available for identifying employees or allies to join.

EQUAL EMPLOYMENT OPPORTUNITY (EEO) STATEMENT

Artera is an Equal Opportunity Employer and is committed to fair and equitable hiring practices. All hiring decisions at Artera are based on strategic business needs, job requirements, and individual qualifications. All candidates are considered without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetics, protected veteran status, or any other protected status.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

Artera is committed to providing employees with a work environment free of discrimination and harassment; Artera will not tolerate discrimination or harassment of any kind. Artera provides reasonable accommodations for applicants and employees in compliance with state and federal laws. If you need an accommodation, please reach out to [email protected].

DATA PRIVACY

Artera values your privacy. By submitting your application, you consent to the processing of your personal information provided in conjunction with your application. For more information please refer to our Privacy Policy.

SECURITY REQUIREMENTS

All employees are responsible for protecting the confidentiality, integrity, and availability of the organization’s systems and data, including safeguarding Artera’s sensitive information such as, Personal identifiable Information (PII) and Protected Health Information (PHI). Those with specific security or privacy responsibilities must ensure compliance with organizational policies, regulatory requirements, and applicable standards and frameworks by implementing safeguards, monitoring for threats, reporting incidents, and addressing data handling risks or breaches.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

At Nord Security, we’re creating a safer cyber future.

We help people and businesses take back control of their online security, privacy, and data. From VPNs to password managers, threat intelligence to eSIMs for travel—our teams turn complex problems into solutions trusted by millions worldwide.

Life is online. In this role, you’ll help people own it.

Main Responsibilities

• Ensure software design security and define secure implementation practices by syncing with teams responsible for the actual product development.
• Ensure that security-related communication between technical teams involved in releasing the product is smooth (act as a “glue” between all teams so everyone’s on the same page);
• Plan and manage development of security tools within the team;
• Create tasks for the product’s security reviews (SAST/DAST/SCA results, application security testing, etc.).
• Cooperate with product teams to learn about changes introduced into the product early to make educated security decisions.
• Ensure mobile/desktop applications and browser extensions are sufficiently tested.
• Support internal and external audits;
• Design and deliver training for security engineering awareness & adoption.
• Actively look for internal security gaps within the product or organization overall.
• Address security questions and give advice regarding the direction of the product’s security.

Core Requirements

• Proven experience in mobile/desktop applications security assessment: planning, testing, methodologies, and vulnerability reporting;
• Good understanding of how networks work (OSI and TCP/IP models) with a particular focus on VPNs;
• Experience working with stakeholders to define the scope of security tests and identify remediation actions to address any vulnerabilities identified;
• Knowledge of secure coding practices;
• Sense of ownership with strong problem-solving and investigation skills;
• Experience with different OS (Linux, Android, iOS, macOS, Windows) security topics;
• Ability to build and maintain relationships, influence key stakeholders across the business;
• Ability to make product-related business decisions based on threats and vulnerabilities affecting it;
• A healthy dose of assertiveness combined with an ability to compromise.

Salary range

17,200 - 30000 PLN gross/month

What We Offer

Innovate with industry leaders

Work alongside global experts to build world-leading cybersecurity tools, impacting millions of users around the world.

Learn & grow

Boost your skills via our extensive training programs (online and offline) & other resources. Benefit from mentorship and career-switch opportunities to grow within the company.

Hybrid work

Enjoy the flexibility with 3 office days and working from home for the remaining 2.

Work from anywhere

Recharge with a change of scenery – choose work from any location when you feel a need to power your creativity and drive.

Physical well-being

Fuel your active lifestyle with online workouts led by our Physical Well-Being experts. Unlock a variety of sports and wellness facilities, like gyms, swimming pools, and fitness classes, with the Multisport card.

Mental & emotional health

Nurture your mind with free psychologist consultations, dedicated mental health events, and premium access to top-rated wellness apps like Calm, Headspace, and Mindletic.

Premium healthcare

Receive private health insurance giving you peace of mind for your health needs.

Joyful moments – special treats

Celebrate life’s big moments with special gifts from us on your birthday, anniversary, and other major events, such as weddings or the arrival of a new family member.

Company events & team-building

Experience iconic Nord Security celebrations, team-buildings, and knowledge-sharing events, nurturing bonds that fuel our success.

Workation

Embark on a legendary company getaway abroad, filled with exciting activities, live concerts, engaging workshops, and epic time together.

Kindly refer to our Privacy Notice for Recruitment Candidates for comprehensive information regarding our data handling procedures throughout recruitment processes: https://bit.ly/40GWyjL

We expect all candidates to provide accurate and complete information during the recruitment process. While limited use of AI tools to refine application materials is acceptable, candidates remain fully responsible for ensuring that their submissions reflect their own qualifications, skills, and experience. Any failure to do so may negatively affect participation in the recruitment process. If broader AI assistance is allowed for a particular role or stage, we’ll let you know in advance.

By submitting your application, you acknowledge that it may be processed using automated tools for evaluation purposes. As part of our recruitment process, we may use an AI-based application review tool to help assess applications based on skills and experience relevant to the role. This technology is used to support - not replace - human decision-making, and every application is ultimately reviewed by a recruiter.

If you would like more information about how AI is used in this process or wish to exercise your rights under applicable data privacy laws, please contact us at [email protected]. Should you prefer to opt out of the automated evaluation, please submit your application directly to [email protected].

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

General information Requisition # R67740 Locations USA-Remote Work Posting Date 05/13/2026 Security Clearance Required Secret Remote Type Fully Remote Time Type Full time Description & Requirements Shape the future of...

We are hiring a Senior Security Engineer — Operations / Incident Response to own the day-to-day defense of Ondo.

Our Purpose

At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.

Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.

What Are We Looking For?

We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.

As a Senior Threat Intelligence Researcher, you’ll lead deep-dive investigations into both emerging & known threats, while maintaining a vigilant watch over malware developments to ensure defenses remain a step ahead of evolving attack methods. You’ll put into use your ability to synthesize complex data into actionable intelligence, and to provide senior management with the clear briefings necessary to understand and mitigate potential risks. Furthermore, you’ll be expected to develop refined hunting strategies (to adapt to and anticipate shifts in threat actor tactics & techniques), and to track adversary infrastructure, effectively counteracting shifts in threat actor tactics through detail-oriented investigation.

What Will You Do?

Primary responsibilities include:

• Drive External Threat Research: Triage and evaluate findings from OSINT andlead in-depth investigations into emerging threats. Systematically evaluate signals from the global OSINT community and dark web forums to determine their fidelity, relevance, and impact.
• Synthesize Actionable Intelligence: Transform raw data from dark web forums, leak sites, and research repositories into high-level threat briefings and risk assessments for senior stakeholders.
• Adversary Knowledge Management: Curate and expand our internal Knowledge Base and IOCs collections.
• Track Actor Tradecraft (TTPs): Monitor adversary behaviors across the open and deep web to identify shifts in recruitment, target selection and shifting of operations.
• Pivot Across Infrastructure: Identify and map threat actor footprints by pivoting through domain registrations, SSL certificates, passive DNS.
• Bridge Intelligence Gaps: Collaborate closely with Detection Engineering to translate validated OSINT findings into durable hunting logic.
• Develop OSINT Tooling: Build and automate scrapers, monitors, and data-visualization tools to identify anomalies and track threats in external telemetry.

What Skills and Knowledge Will You Bring?

Ideal candidates will have:

• Must haves

  • A Threat Intelligence / Threat hunting background.
  • Knowledge of the cyber threat landscape, including actors and TTPs.
  • Strong analytical skills, with the ability to identify patterns and trends in large datasets.
  • Programming skills in python and knowledge of databases (SQL, noSQL)
  • Strong knowledge of YARA to track new malware families and knowledge on validation best practices.
  • Knowledge of MITRE ATT&CK, CISA KEV, EPSS, AMITT, MISP Galaxy.

• Strongly preferred

  • Knowledge of malware analysis tools and techniques, including static and dynamic analysis, sandboxing, and debugging.
  • Technical writing & content development skills.

• Nice to have

  • Understanding software vulnerabilities, and ability to implement hunting strategies to track and discover them.
  • Knowledge about internal working of EDR products.
  • Relevant certifications, such as Certified Malware Analyst (CMA), Certified Reverse Engineering Analyst (CREA), or GIAC Certified Malware Reverse Engineer (GREM)

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

• Enjoy flexible hybrid work in Prague (Karlin), Brno (Clubco), or remotely across CZ/SK. Only Prague-based employees are required to work from the office at least two days per week.
• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan, annual performance-based bonuses, and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off, on top of the standard 5 weeks vacation, flexible paid sick days, fully paid Short Term Sick/Nursing Leave, 16-week parental leave, grandparent leave, and additional company holidays.
• Insurance & Health: Pension Insurance Contribution, Premium life insurance, Private medical care (for you and +1), and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance, high-end MacBook/Windows laptop, work-from-home support, and in-office refreshments.
• Growth & Community: LinkedIn Learning, internal mentoring, educational support, generous referral bonuses, and optional company events (sports, BBQs, charity).

Be part of an inclusive, innovative workplace that values belonging, flexibility, and growth!

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.

Our Purpose

At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.

Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.

What Are We Looking For?

We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.

As a Senior Threat Intelligence Researcher, you’ll lead deep-dive investigations into both emerging & known threats, while maintaining a vigilant watch over malware developments to ensure defenses remain a step ahead of evolving attack methods. You’ll put into use your ability to synthesize complex data into actionable intelligence, and to provide senior management with the clear briefings necessary to understand and mitigate potential risks. Furthermore, you’ll be expected to develop refined hunting strategies (to adapt to and anticipate shifts in threat actor tactics & techniques), and to track adversary infrastructure, effectively counteracting shifts in threat actor tactics through detail-oriented investigation.

What Will You Do?

Primary responsibilities include:

• Drive External Threat Research: Triage and evaluate findings from OSINT andlead in-depth investigations into emerging threats. Systematically evaluate signals from the global OSINT community and dark web forums to determine their fidelity, relevance, and impact.
• Synthesize Actionable Intelligence: Transform raw data from dark web forums, leak sites, and research repositories into high-level threat briefings and risk assessments for senior stakeholders.
• Adversary Knowledge Management: Curate and expand our internal Knowledge Base and IOCs collections.
• Track Actor Tradecraft (TTPs): Monitor adversary behaviors across the open and deep web to identify shifts in recruitment, target selection and shifting of operations.
• Pivot Across Infrastructure: Identify and map threat actor footprints by pivoting through domain registrations, SSL certificates, passive DNS.
• Bridge Intelligence Gaps: Collaborate closely with Detection Engineering to translate validated OSINT findings into durable hunting logic.
• Develop OSINT Tooling: Build and automate scrapers, monitors, and data-visualization tools to identify anomalies and track threats in external telemetry.

What Skills and Knowledge Will You Bring?

Ideal candidates will have:

• Must haves

  • A Threat Intelligence / Threat hunting background.
  • Knowledge of the cyber threat landscape, including actors and TTPs.
  • Strong analytical skills, with the ability to identify patterns and trends in large datasets.
  • Programming skills in python and knowledge of databases (SQL, noSQL)
  • Strong knowledge of YARA to track new malware families and knowledge on validation best practices.
  • Knowledge of MITRE ATT&CK, CISA KEV, EPSS, AMITT, MISP Galaxy.

• Strongly preferred

  • Knowledge of malware analysis tools and techniques, including static and dynamic analysis, sandboxing, and debugging.
  • Technical writing & content development skills.

• Nice to have

  • Understanding software vulnerabilities, and ability to implement hunting strategies to track and discover them.
  • Knowledge about internal working of EDR products.
  • Relevant certifications, such as Certified Malware Analyst (CMA), Certified Reverse Engineering Analyst (CREA), or GIAC Certified Malware Reverse Engineer (GREM)

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

• Enjoy flexible hybrid work in Prague (Karlin), Brno (Clubco), or remotely across CZ/SK. Only Prague-based employees are required to work from the office at least two days per week.
• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan, annual performance-based bonuses, and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off, on top of the standard 5 weeks vacation, flexible paid sick days, fully paid Short Term Sick/Nursing Leave, 16-week parental leave, grandparent leave, and additional company holidays.
• Insurance & Health: Pension Insurance Contribution, Premium life insurance, Private medical care (for you and +1), and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance, high-end MacBook/Windows laptop, work-from-home support, and in-office refreshments.
• Growth & Community: LinkedIn Learning, internal mentoring, educational support, generous referral bonuses, and optional company events (sports, BBQs, charity).

Be part of an inclusive, innovative workplace that values belonging, flexibility, and growth!

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.

ASRC Federal is a leading government contractor furthering missions in space, public health and defense.

Our Purpose

At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.

Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.

What Are We Looking For?

We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.

As a Senior Threat Intelligence Researcher, you’ll lead deep-dive investigations into both emerging & known threats, while maintaining a vigilant watch over malware developments to ensure defenses remain a step ahead of evolving attack methods. You’ll put into use your ability to synthesize complex data into actionable intelligence, and to provide senior management with the clear briefings necessary to understand and mitigate potential risks. Furthermore, you’ll be expected to develop refined hunting strategies (to adapt to and anticipate shifts in threat actor tactics & techniques), and to track adversary infrastructure, effectively counteracting shifts in threat actor tactics through detail-oriented investigation.

What Will You Do?

Primary responsibilities include:

• Drive External Threat Research: Triage and evaluate findings from OSINT andlead in-depth investigations into emerging threats. Systematically evaluate signals from the global OSINT community and dark web forums to determine their fidelity, relevance, and impact.
• Synthesize Actionable Intelligence: Transform raw data from dark web forums, leak sites, and research repositories into high-level threat briefings and risk assessments for senior stakeholders.
• Adversary Knowledge Management: Curate and expand our internal Knowledge Base and IOCs collections.
• Track Actor Tradecraft (TTPs): Monitor adversary behaviors across the open and deep web to identify shifts in recruitment, target selection and shifting of operations.
• Pivot Across Infrastructure: Identify and map threat actor footprints by pivoting through domain registrations, SSL certificates, passive DNS.
• Bridge Intelligence Gaps: Collaborate closely with Detection Engineering to translate validated OSINT findings into durable hunting logic.
• Develop OSINT Tooling: Build and automate scrapers, monitors, and data-visualization tools to identify anomalies and track threats in external telemetry.

What Skills and Knowledge Will You Bring?

Ideal candidates will have:

• Must haves

  • A Threat Intelligence / Threat hunting background.
  • Knowledge of the cyber threat landscape, including actors and TTPs.
  • Strong analytical skills, with the ability to identify patterns and trends in large datasets.
  • Programming skills in python and knowledge of databases (SQL, noSQL)
  • Strong knowledge of YARA to track new malware families and knowledge on validation best practices.
  • Knowledge of MITRE ATT&CK, CISA KEV, EPSS, AMITT, MISP Galaxy.

• Strongly preferred

  • Knowledge of malware analysis tools and techniques, including static and dynamic analysis, sandboxing, and debugging.
  • Technical writing & content development skills.

• Nice to have

  • Understanding software vulnerabilities, and ability to implement hunting strategies to track and discover them.
  • Knowledge about internal working of EDR products.
  • Relevant certifications, such as Certified Malware Analyst (CMA), Certified Reverse Engineering Analyst (CREA), or GIAC Certified Malware Reverse Engineer (GREM)

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

• Salary starting from 5000 EUR/month. Annual bonus based on company performance, paid in two installments. The final base salary may be adjusted based on the individual skills and experience of the selected candidate.
• Enjoy flexible working hours and the option to work remotely from anywhere in Slovakia. We offer access to major co-working spaces for those who prefer an office environment. In Czechia, you can also work from our modern offices in Prague or Brno.
• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan, annual performance-based bonuses, and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off, on top of the standard 5 weeks vacation, flexible paid sick days, fully paid Short Term Sick/Nursing Leave, 16-week parental leave, grandparent leave, and additional company holidays.
• Insurance & Wellbeing: Pension Insurance Contribution, Premium life insurance, Paid Multisport Benefit Card and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance, high-end MacBook/Windows laptop, work-from-home support, and Multisport card paid by SentinelOne.
• Growth & Community: LinkedIn Learning, internal mentoring, educational support, generous referral bonuses, and optional company events (sports, BBQs, charity).

Be part of an inclusive, innovative workplace that values belonging, flexibility, and growth!

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.

Our Purpose

At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.

Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.

What Are We Looking For?

We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.

As a Senior Threat Intelligence Researcher, you’ll lead deep-dive investigations into both emerging & known threats, while maintaining a vigilant watch over malware developments to ensure defenses remain a step ahead of evolving attack methods. You’ll put into use your ability to synthesize complex data into actionable intelligence, and to provide senior management with the clear briefings necessary to understand and mitigate potential risks. Furthermore, you’ll be expected to develop refined hunting strategies (to adapt to and anticipate shifts in threat actor tactics & techniques), and to track adversary infrastructure, effectively counteracting shifts in threat actor tactics through detail-oriented investigation.

What Will You Do?

Primary responsibilities include:

• Drive External Threat Research: Triage and evaluate findings from OSINT andlead in-depth investigations into emerging threats. Systematically evaluate signals from the global OSINT community and dark web forums to determine their fidelity, relevance, and impact.
• Synthesize Actionable Intelligence: Transform raw data from dark web forums, leak sites, and research repositories into high-level threat briefings and risk assessments for senior stakeholders.
• Adversary Knowledge Management: Curate and expand our internal Knowledge Base and IOCs collections.
• Track Actor Tradecraft (TTPs): Monitor adversary behaviors across the open and deep web to identify shifts in recruitment, target selection and shifting of operations.
• Pivot Across Infrastructure: Identify and map threat actor footprints by pivoting through domain registrations, SSL certificates, passive DNS.
• Bridge Intelligence Gaps: Collaborate closely with Detection Engineering to translate validated OSINT findings into durable hunting logic.
• Develop OSINT Tooling: Build and automate scrapers, monitors, and data-visualization tools to identify anomalies and track threats in external telemetry.

What Skills and Knowledge Will You Bring?

Ideal candidates will have:

• Must haves

  • A Threat Intelligence / Threat hunting background.
  • Knowledge of the cyber threat landscape, including actors and TTPs.
  • Strong analytical skills, with the ability to identify patterns and trends in large datasets.
  • Programming skills in python and knowledge of databases (SQL, noSQL)
  • Strong knowledge of YARA to track new malware families and knowledge on validation best practices.
  • Knowledge of MITRE ATT&CK, CISA KEV, EPSS, AMITT, MISP Galaxy.

• Strongly preferred

  • Knowledge of malware analysis tools and techniques, including static and dynamic analysis, sandboxing, and debugging.
  • Technical writing & content development skills.

• Nice to have

  • Understanding software vulnerabilities, and ability to implement hunting strategies to track and discover them.
  • Knowledge about internal working of EDR products.
  • Relevant certifications, such as Certified Malware Analyst (CMA), Certified Reverse Engineering Analyst (CREA), or GIAC Certified Malware Reverse Engineer (GREM)

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

• Enjoy flexible hybrid work in Prague (Karlin), Brno (Clubco), or remotely across CZ/SK. Only Prague-based employees are required to work from the office at least two days per week.
• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan, annual performance-based bonuses, and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off, on top of the standard 5 weeks vacation, flexible paid sick days, fully paid Short Term Sick/Nursing Leave, 16-week parental leave, grandparent leave, and additional company holidays.
• Insurance & Health: Pension Insurance Contribution, Premium life insurance, Private medical care (for you and +1), and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance, high-end MacBook/Windows laptop, work-from-home support, and in-office refreshments.
• Growth & Community: LinkedIn Learning, internal mentoring, educational support, generous referral bonuses, and optional company events (sports, BBQs, charity).

Be part of an inclusive, innovative workplace that values belonging, flexibility, and growth!

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.

Our Purpose

At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.

Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.

What Are We Looking For?

We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.

As a Senior Threat Intelligence Researcher, you’ll lead deep-dive investigations into both emerging & known threats, while maintaining a vigilant watch over malware developments to ensure defenses remain a step ahead of evolving attack methods. You’ll put into use your ability to synthesize complex data into actionable intelligence, and to provide senior management with the clear briefings necessary to understand and mitigate potential risks. Furthermore, you’ll be expected to develop refined hunting strategies (to adapt to and anticipate shifts in threat actor tactics & techniques), and to track adversary infrastructure, effectively counteracting shifts in threat actor tactics through detail-oriented investigation.

What Will You Do?

Primary responsibilities include:

• Drive External Threat Research: Triage and evaluate findings from OSINT andlead in-depth investigations into emerging threats. Systematically evaluate signals from the global OSINT community and dark web forums to determine their fidelity, relevance, and impact.
• Synthesize Actionable Intelligence: Transform raw data from dark web forums, leak sites, and research repositories into high-level threat briefings and risk assessments for senior stakeholders.
• Adversary Knowledge Management: Curate and expand our internal Knowledge Base and IOCs collections.
• Track Actor Tradecraft (TTPs): Monitor adversary behaviors across the open and deep web to identify shifts in recruitment, target selection and shifting of operations.
• Pivot Across Infrastructure: Identify and map threat actor footprints by pivoting through domain registrations, SSL certificates, passive DNS.
• Bridge Intelligence Gaps: Collaborate closely with Detection Engineering to translate validated OSINT findings into durable hunting logic.
• Develop OSINT Tooling: Build and automate scrapers, monitors, and data-visualization tools to identify anomalies and track threats in external telemetry.

What Skills and Knowledge Will You Bring?

Ideal candidates will have:

• Must haves

  • A Threat Intelligence / Threat hunting background.
  • Knowledge of the cyber threat landscape, including actors and TTPs.
  • Strong analytical skills, with the ability to identify patterns and trends in large datasets.
  • Programming skills in python and knowledge of databases (SQL, noSQL)
  • Strong knowledge of YARA to track new malware families and knowledge on validation best practices.
  • Knowledge of MITRE ATT&CK, CISA KEV, EPSS, AMITT, MISP Galaxy.

• Strongly preferred

  • Knowledge of malware analysis tools and techniques, including static and dynamic analysis, sandboxing, and debugging.
  • Technical writing & content development skills.

• Nice to have

  • Understanding software vulnerabilities, and ability to implement hunting strategies to track and discover them.
  • Knowledge about internal working of EDR products.
  • Relevant certifications, such as Certified Malware Analyst (CMA), Certified Reverse Engineering Analyst (CREA), or GIAC Certified Malware Reverse Engineer (GREM)

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

• Flexible working hours, this is a 100% remote role based within Spain; we provide optional membership in major coworking chains

  • Currently for this role in Spain we are able to consider only candidates that are already eligible to work in the EU at the time of applying
  • Optionally for those willing to relocate to the Czech Republic relocation assistance is available for any candidates that are already eligible to work in the EU at the time of applying

• Generous employee stock plan in the form of grant of RSUs(restricted stock units), not options; 4 years vesting with 1 year cliff and then quarterly, stock refresh yearly

• Yearly bonus depending on the performance of the company, paid out in 2 installments

• 30 Days of Paid Annual Leave

• Flexible Paid Sick Days

• Pension insurance contribution

• Premium Life Insurance covered by S1

• Premium Medical & Dental Insurance covered by S1

• Meal, Transport & Homeoffice allowance of total 440 EUR/month

• Global gender-neutral Parental Leave (16 weeks, beyond the leave provided by the local laws) & Grandparent Leave

• Volunteering paid day off & Additional paid Company holidays off (e.g. 4 days in 2022)

• Global Employee Assistance Program (confidential counseling related to both personal and work life matters)

• LinkedIn Learning platform for Hard/Soft skills Training & Support for your further educational activities/trainings

• Above-standard referral bonus

& Additional country-specific benefits to Spain

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.

Joining Collibra’s Product Security team

Collibra is seeking a Senior Product Security Engineer to join our high-impact team. You will be a key individual responsible for identifying vulnerabilities and providing expert remediation consulting for our global product development teams. This role provides critical technical leadership and oversight, ensuring Collibra continues to deliver secure, resilient products and services to our customers. You will act as an application security evangelist, partnering with engineers to accelerate secure time-to-value while leveraging cutting-edge AI and MCP to create context-aware security automation.

This is a remote role .

Product Security Engineers at Collibra are responsible for

• Application security for products and/or features supported by your assigned development teams.
• Performing security testing and triaging findings identified by SAST, SCA, IAST, DAST, and penetration tests.
• Leverage AI and MCP to create intelligent, context-aware security guidance and automation.
• Providing remediation consulting services to assigned development teams.
• Assist with vulnerability management reporting and tracking.
• Coordinating third-party penetration testing engagements, analyzing reports, and opening tickets for remediation.
• Contribute to the configuration and management of security tools.

You have

• 5+ years of application/product security experience.
• 2+ years of experience securing Java, Python, and/or JavaScript web applications.
• Knowledge of enterprise-level software architecture components and cloud infrastructure.
• Experience building trusted advisor relationships with engineers, product owners, and engineering management (up to director level).
• Experience with AI security tooling, context-aware automation for SSDLC.
• Understanding of AI privacy and governance in developer workflows.
• Experience using and building agentic AI systems that work collaboratively.
• Experience advocating for the remediation of application security risk and, simultaneously, the associated development/engineering team(s).
• Experience in identifying vulnerabilities in source code, providing detailed steps to reproduce exploitation, and providing recommendations to engineering teams on how to remediate issues.
• A bachelor’s degree or equivalent related working experience is required.
• This position is not eligible for visa sponsorship.
• Because this role supports the US government, it is required that this candidate be a US citizen who resides on US soil.

You are

• Knowledgeable of CI/CD concepts and experience with integrated SAST, SCA, and DAST tooling.
• Proficient at triaging application vulnerabilities associated with source code, open-source library dependencies, and 3rd party containers.
• Able to assess and communicate the impact of Common Vulnerability Weaknesses (CVEs) on custom application software and advise on risk acceptance/deferment for false positive scenarios, severity adjustments, and acceptable reasoning for operational requirements.
• Experienced in executing as a matrixed/embedded security resource (within a development team) responsible for product, application, or feature group vulnerability assessments, ensuring they are appropriately enumerated and executed.
• Possess a working knowledge of Python, Java, and/or JavaScript software development languages.
• Experienced in Linux and containerization in a cloud environment.
• Experienced in communicating the impact of security vulnerabilities to engineering teams and product leaders.
• Experienced in using SAST, DAST, and SCA tooling.
• Experienced in being a point of contact for outside/3rd party security assessments (pen tests, questionnaires, etc.).
• knowledgeable of vulnerability management concepts, challenges, and reporting.
• Possess a working knowledge of the OWASP Top 10 and can explain its concepts to a diverse audience of engineers and people leaders.
• Familiarity with AI standards and regulations, EU AI Act, SAIF and ISO 42001.

Measures of success

• Within your first month, you will absorb fundamental knowledge about Collibra processes/tools and SDLC.
• Within your third month, you will own application security engineering tasks for one or more development teams responsible for product features.
• Within your sixth month, you will be responsible for managing triaging efforts for 3rd party pen testing and be able to resolve customer product security inquiries independently.

Compensation for this role

The standard base salary range for this position is $168,000.00 - $210,000.00 per year. This position is not eligible for additional commission-based compensation. Salary offers are based on a combination of factors, including, but not limited to, experience, skills, and location. In addition to base salary, we offer a competitive total rewards package, including bonus potential, equity for eligible roles, a Flex Fund monthly stipend, pension/401k plans, and more.

Benefits at Collibra

Collibra recognizes and values that everyone has different needs, interests, and life goals. We built our benefits program with flexibility in mind to support you and your loved ones through a diverse range of circumstances and life events. These flexible offerings sit on a foundation of competitive compensation, health coverage, and time off. Learn more about Collibra’s benefits.

We create inclusion and belonging through how we onboard, meet, connect, engage, and communicate. Learn more about diversity, equity, and inclusion at Collibra.

At Collibra, we’re proud to be an equal opportunity employer. We realize the key to creating a company with a world-class culture and employee experience comes from who we hire and creating a workplace that celebrates everyone.

With this, we proudly consider qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sexual orientation, pregnancy, sex, gender identity, gender expression, genetic information, physical or mental disability, HIV status, registered domestic partner status, caregiver status, marital status, veteran or military status, citizenship status or any other legally protected category. If you have a need that requires accommodation, let us know by completing our Accommodations for Applicants form.