person looking for a Security Operations Remote Jobs

Get Remote Security Operations Jobs in your mailbox.

100 exciting remote jobs on file from 2500+ top remote companies.

  • Hot new jobs of this week
  • 100 active jobs from past weeks to consult
  • Segmented for USA, Europe or Worldwide.
  • Personally selected for you by our experienced remote hiring managers.


A selection of jobs from the previous newsleterrs.

BlueVoyant is hiring a Remote SOC Security Analyst

SOC Security Analyst - BlueVoyant - Career PageSee more jobs at BlueVoyant

Apply for this job

Brilliant Earth is hiring a Remote Senior Information Security Engineer

Senior Information Security Engineer - Brilliant Earth - Career PageBonus Experienc

See more jobs at Brilliant Earth

Apply for this job

8d

Security Engineer

BugcrowdRemote - United States
golangBachelor's degreekotlinjiragitrubyc++pythonAWSjavascript

Bugcrowd is hiring a Remote Security Engineer

We are Bugcrowd. Since 2012, we’ve been empowering organizations to take back control and stay ahead of threat actors by uniting the collective ingenuity and expertise of our customers and trusted alliance of elite hackers, with our patented data and AI-powered Security Knowledge Platform™. Our network of hackers brings diverse expertise to uncover hidden weaknesses, adapting swiftly to evolving threats, even against zero-day exploits. With unmatched scalability and adaptability, our data and AI-driven CrowdMatch™ technology in our platform finds the perfect talent for your unique fight. We aim to create a new era of modern crowdsourced security that outpaces threat actors. Unleash the ingenuity of the hacker community with Bugcrowd, visit www.bugcrowd.com. Based in San Francisco and New Hampshire, Bugcrowd is supported by General Catalyst, Rally Ventures, Costanoa Ventures, and others.

Job Summary 

The Security Engineer’s role is to aid the security efforts of Bugcrowd, while proactively making changes to further improve our security posture. 

To achieve this goal, we require a motivated team member who is willing to push their own boundaries and step out of their comfort zone.You will be challenged on a regular basis, especially because you are the last line of defense for one of the largest crowdsourced security platforms! The Security Engineer will provide mentoring to multiple junior security engineers and will work closely with other team members on a daily basis. 

**Please note this role will be working PST business hours

Essential Duties and Responsibilities

  • Aiding within the Incident Response process
  • Threat hunting
  • Developing patches and security controls within a Ruby on Rails application, Golang application, and Kotlin application
  • Communicating across multiple teams converting technical knowledge into palatable words for multiple audiences. 
  • Significant familiarity with AWS and network security controls
  • Identifying vulnerability root causes
  • Performing basic risk assessments and triaging
  • Educating developers on security best practices
  • Architecting solutions with developers to remediate any security concerns
  • Performing basic red team assessments (including but not limited to phishing, vishing, spoofing technologies, etc.)
  • Testing new features within the platform and services
  • Automating security tasks to increase workflow efficiency
  • Mentoring other team members

Education

  • Bachelor's Degree in a relevant field or commensurate experience
  • 3 - 5+ years of professional experience in a similar role or its equivalent.

Knowledge, Skills, and Abilities

  •  Experience with writing IR plans and operating within an IR practice (experience responding to incidents)
  • Working knowledge of Threat Intelligence and how it can be used to proactively create security controls (automation)
  • Familiarity with Pentesting techniques and OWASP Top 10
  • Ability to understand a vulnerability and work with developers to patch it
  • Scripting knowledge in at least one of: Bash, Python, JavaScript, Ruby
  • Self motivated and organized - must be able to operate from a calendar and be punctual
  • Cloud security experience or holds cloud certifications (AWS strongly preferred)
  • Experience with Identity and Access Management (IAM) controls
  • Ability to work autonomously within a global company, and critically think without intervention
  • Familiarity with git
  • Familiarity with a ticketing system / issue tracking system is a must (e.g: Jira)

Working Conditions & Physical Requirements

Sitting and / or standing - Must be able to remain in a stationary position 50% of the time

Carrying and / or lifting - Must be able to carry / move laptop as needed throughout the work day.

Environment - remote, work-from-home 100% of the time.

ADA Statement: Bugcrowd is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Bugcrowd will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact HR at ada@bugcrowd.com.

Pay Range Disclosure:The base pay range for this role takes into account the wide range of factors that are considered in making compensation decisions, including but not limited to Qualifications, Geographical Location, Education/certifications, Experience, Skill Sets, Training, and other business and organizational needs. 

A reasonable estimate of the current range for the position of Security Engineer base is: $97,000- $106,000.

This position may also be eligible to participate in a discretionary bonus program or commission plan, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Culture

  • At Bugcrowd, we understand that diversity in the workplace is vital to a company’s success and growth. We strive to make sure that people are included and have a sense of being part of making Bugcrowd not only a great product but a great place to work.
  • We regularly hear from both customers and researchers that Bugcrowd feels like a family, and we strive to maintain that internally as well.
  • Our team consists of a broad range of people: musicians, adventure sports junkies, nature lovers, parents, cereal enthusiasts, night owls, cyclists, artists—you get the point.

At Bugcrowd, we are solving security threats and vulnerabilities that are relevant to everyone, therefore we believe solving these problems takes all kinds of backgrounds. We value the perspectives and experiences people from underrepresented backgrounds bring.

 

Disclaimer

This position has access to highly confidential, sensitive information relating to the technologies of Bugcrowd. It is essential that the applicant possess the requisite integrity to maintain the information in the strictest confidence.

The company is authorized to obtain background checks for employment purposes under state and federal law. Background checks will be conducted for positions that involve access to confidential or proprietary information (including trade secrets).

Background checks may include Social Security verification, prior employment verification, personal and professional references, educational verification, and criminal history. Applicants with conviction histories will not be excluded from consideration to the extent required bylaw.


Equal Employment Opportunity:

Bugcrowd is EOE, Disability/Age Employer. 


Individuals seeking employment at Bugcrowd are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. 


Apply at: https://www.bugcrowd.com/about/careers/

 

See more jobs at Bugcrowd

Apply for this job

BlueVoyant is hiring a Remote Splunk Security Engineer

Splunk Security Engineer - BlueVoyant - Career Page

Paramo Technologies is hiring a Remote Security Engineer (Penetration Tester) - Remote

To apply for this position, you must be located in the Americas (United States of America is not applicable). Applications from other locations will be disqualified from this selection process.

We are...

a cutting-edge e-commerce company developing products for our technological platform. Our creative, smart, dedicated teams pool their knowledge and experience to find the best solutions to meet project needs while maintaining sustainable and long-lasting results. How? By making sure that our teams thrive and develop professionally. Strong advocates of hiring top talent and letting them do what they do best, we strive to create a workplace that allows for an open, collaborative, and respectful culture.

What you will be doing...

You will protect our infrastructure by searching for and helping address vulnerabilities. The right person must have excellent engagement and communication skills and a solid customer-focused and team-oriented approach that balances security needs and user experience to provide best-in-class security for the organization.

Must also be bilingual: English/Spanish.

Key Responsibilities:

  • Perform thorough penetration testing on various components of the organization's IT infrastructure, including networks, web applications, API, mobile applications, and cloud environments.
  • Use various tools and techniques to identify security weaknesses, such as SQL injection, cross-site scripting (XSS), privilege escalation, and other vulnerabilities.
  • Develop and execute attack scenarios to assess the effectiveness of security controls and defences.
  • Conduct vulnerability assessments to identify and evaluate security flaws and weaknesses within systems and applications.
  • Analyze and prioritize vulnerabilities based on risk assessment and potential impact on the organization.
  • Create detailed reports documenting findings from penetration tests and vulnerability assessments, including descriptions of vulnerabilities, exploitation methods, and recommended remediation actions.
  • Triage vulnerabilities reported in a bug bounty program.
  • Prepare and present technical and executive-level reports that clearly communicate security issues, risks, and mitigation strategies.
  • Ensure that documentation is accurate, comprehensive, and delivered on time.
  • Work closely with IT, development, and security teams to address identified vulnerabilities and guide remediation efforts.
  • Advise on best practices for securing systems and applications based on penetration testing findings and industry standards.
  • Participate in developing and improving security policies, procedures, and practices.
  • Stay updated with the latest penetration testing tools, techniques, and threat vectors.
  • Develop custom scripts and tools to aid penetration testing and automate repetitive tasks.
  • Contribute to the refinement and enhancement of testing methodologies and frameworks.
  • Engage in ongoing training and professional development to enhance skills and stay current with emerging threats and technologies.
  • Share knowledge and expertise with the team to foster a culture of security awareness and continuous improvement.
  • Participate in internal and external security assessments, including red team exercises and vulnerability management programs.
  • Ensure penetration testing activities comply with industry standards, regulatory requirements, and organizational policies.
  • Maintain an open-source way of thinking when performing penetration testing.
  • Adhere to different policies set out by the organization.
  • Follow and improve existing procedures.
  • Keep your work organized based on tickets (Jira).
  • Prepare and provide different reports (weekly/monthly/ad-hoc) to the Top Management as necessary.
  • Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities.
  • Keeping abreast of new threats and vulnerabilities and providing analysis as per applicability.
  • Help the organization understand advanced cyber threats.

Knowledge and skills you need to have

  • Five years of a university degree or four-year college diploma, preferably in computer science, telecommunications, or other related academic fields, or equivalent work experience, are required.
  • At least 5 years of work experience in similar roles.
  • Fundamental technical understanding and experience assessing vulnerabilities and identifying weaknesses in web applications, APIs, operating systems (Windows and Linux), networks, databases, and application servers.
  • Ability to prioritize remediation and handle mitigation planning.
  • Experience in working collaboratively with cross-functional/transverse IT teams.
  • Ability to apply a risk-based approach while working on assigned responsibilities.
  • Good understanding of reporting needs at various organizational levels and ability to design, create, and present them.
  • Experience in working with any BI tools to prepare dashboards.
  • Troubleshooting and problem-solving capabilities.
  • Excellent analytical, communication, and documentation skills.
  • Ability to organize work and prioritize work as per the operation's needs.
  • Ability to work independently and as part of the Information Security Team, and can work under minimal supervision.
  • Should have time management skills and manage work in a fast-moving environment.

Competencies:

  • Reading comprehension: You must be able to read and understand the existing procedures and the tasks assigned to tickets. This is crucial for you to work under minimal supervision and excel. If you are a technical guru but don't understand the assigned tasks in writing or don't clarify doubts, this is not your job.
  • Organization: This position has 50% recurring tasks (e.g. reviewing weekly vulnerability scans), 30% research tasks (e.g. identifying why a vulnerability scan isn't working as expected and solving it together with other teams), 10% chasing other teams (e.g. ensuring that a vulnerability is remedied), and 10% procedures (e.g. improving existing procedures).
  • Prioritization: You must attend to the priorities of the assigned tasks and assign the right priority to the discovered vulnerabilities.
  • Strong interpersonal, written, and oral communication skills.
  • Able to conduct research into security issues and products as required.
  • Ability to prioritize and execute tasks during a high-pressure moment and make sound decisions in emergencies.
  • Ability to present ideas in a user-friendly language.
  • Keen attention to detail.
  • Proven analytical and problem-solving abilities.
  • Strong customer service orientation.
  • Ability to manage multiple projects, activities, and tasks simultaneously.
  • Facilitation and change management skills.

Bonus points for the following

Additional requirements, not essential but "nice to have":

  • Any Penetration Testing certification (i.e. CEH, OSCP, GPEN, Pentest+).
  • Any Vulnerability Management certification.
  • Knowledge of Splunk SIEM.
  • Knowledge of CDN and WAF usage and configuration (i.e. Cloudflare, Imperva).
  • Any other Cybersecurity certification.

Why choose us?

We provide the opportunity to be the best version of yourself, develop professionally, and create strong working relationships, whether working remotely or on-site. While offering a competitive salary, we also invest in our people's professional development and want to see you grow and love what you do. We are dedicated to listening to our team's needs and are constantly working on creating an environment in which you can feel at home.

We offer a range of benefits to support your personal and professional development:

Benefits:

  • 22 days of annual leave
  • 10 days of public/national holidays
  • Health insurance options
  • Access to online learning platforms
  • On-site English classes in some countries, and more.

Join our team and enjoy an environment that values and supports your well-being. If this sounds like the place for you, contact us now!

See more jobs at Paramo Technologies

Apply for this job

Paramo Technologies is hiring a Remote Security Engineer (SIEM) - Remote

To apply for this position, you must be located in the Americas (United States of America is not applicable). Applications from other locations will be disqualified from this selection process.

We are...

a cutting-edge e-commerce company developing products for our technological platform. Our creative, smart, dedicated teams pool their knowledge and experience to find the best solutions to meet project needs while maintaining sustainable and long-lasting results. How? By making sure that our teams thrive and develop professionally. Strong advocates of hiring top talent and letting them do what they do best, we strive to create a workplace that allows for an open, collaborative, and respectful culture.

What you will be doing...

You will protect our infrastructure by grabbing, analyzing and monitoring logs and events. The right person must have excellent engagement and communication skills and a solid customer-focused and team-oriented approach that balances security needs and user experience to provide best-in-class security for the organization.

Must also be bilingual: English/Spanish.

Key responsibilities of this Role

  • Monitor security alerts and notifications from various sources, including applications, network devices, operating systems, EDR, etc.
  • Investigate and analyze security incidents, including potential breaches, malware infections, and policy violations.
  • Coordinate with other teams to contain and remediate security incidents, minimizing impact and recovery time.
  • Document and report on incident details, responses, and resolutions.
  • Perform continuous monitoring of network traffic, system logs, and security events to identify anomalies and potential threats.
  • Analyze security alerts and perform detailed forensic investigations to determine the root cause of incidents.
  • Maintain and optimize security tools and technologies, including SIEM platforms, IDS/IPS, endpoint protection, EDR, and threat intelligence feeds.
  • Configure and tune security systems to reduce false positives and improve detection capabilities.
  • Create and maintain detailed documentation for security incidents, including incident reports, post-mortem analysis, and lessons learned.
  • Prepare and present regular reports on security incidents, trends, and metrics to senior management.
  • Ensure compliance with relevant regulatory requirements and internal policies.
  • Work closely with IT to enhance our security posture and respond to emerging threats.
  • Collaborate with external partners, vendors, and law enforcement when necessary for incident resolution and information sharing.
  • Provide guidance and support to junior security staff and other teams on security best practices and incident handling.
  • Stay up-to-date with the latest cybersecurity trends, threats, and technologies.
  • Creation of dashboards and KPIs.
  • Participate in ongoing training and professional development to enhance skills and knowledge.
  • Contribute to developing and refining SIEM procedures, playbooks, and response strategies.
  • Assist in creating and updating security policies, procedures, and incident response plans.
  • Ensure that security controls are consistently applied and followed across the organization.
  • Adhere to different policies set out by the organization.
  • Follow and improve existing procedures.
  • Keep your work organized based on tickets (Jira).
  • Prepare and provide different reports (weekly/monthly/ad-hoc) to the Top Management as necessary.
  • Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities.
  • Keeping abreast of new threats and vulnerabilities and providing analysis as per applicability.
  • Help the organization understand advanced cyber threats.
  • Possibility to perform on-call after working hours and weekends.

Knowledge and skills you need to have

  • Five years of a university degree or four-year college diploma, preferably in computer science, telecommunications, or other related academic fields, or equivalent work experience, are required.
  • At least 5 years of work experience in similar roles.
  • Working and hands-on experience in running and handling SIEM on Splunk.
  • Data analysis experience.
  • Experience in working collaboratively with cross-functional/transverse IT teams.
  • Ability to apply a risk-based approach while working on assigned responsibilities.
  • Good understanding of reporting needs at various organizational levels and ability to design, create, and present them.
  • Experience in working with any BI tools to prepare dashboards.
  • Troubleshooting and problem-solving capabilities.
  • Excellent analytical, communication, and documentation skills.
  • Ability to organize work and prioritize work as per the operation’s needs.
  • Ability to work independently and as part of the Information Security Team, and can work under minimal supervision.
  • Should have time management skills and manage work in a fast-moving environment.

Competencies:

  • Reading comprehension: You must be able to read and understand the existing procedures and the tasks assigned to tickets. This is crucial for you to work under minimal supervision and excel. If you are a technical guru but don't understand the assigned tasks in writing or don't clarify doubts, this is not your job.
  • Organization: This position has 50% recurring tasks (e.g. reviewing abnormal logs every day), 30% research tasks (e.g. understand why certain logs are received and identify the root cause), 10% chasing other teams (e.g. ensuring that we receive logs from every single application and device), and 10% procedures (e.g. creating new procedures).
  • Prioritization: You must attend to the priorities of the assigned tasks and assign the right priority to the SIEM alerts.
  • Strong interpersonal, written, and oral communication skills.
  • Ability to prioritize and execute tasks during a high-pressure moment and make sound decisions in emergencies.
  • Ability to present ideas in a user-friendly language.
  • Keen attention to detail.
  • Proven analytical and problem-solving abilities.
  • Strong customer service orientation.
  • Ability to manage multiple projects, activities, and tasks simultaneously.
  • Facilitation and change management skills.

Bonus points for the following

Additional requirements, not essential but "nice to have":

  • Knowledge of other SIEM (Graylog, Google Chronicle, etc.).
  • Knowledge of data analysis.
  • Any Cybersecurity certification.

Why choose us?

We provide the opportunity to be the best version of yourself, develop professionally, and create strong working relationships, whether working remotely or on-site. While offering a competitive salary, we also invest in our people's professional development and want to see you grow and love what you do. We are dedicated to listening to our team's needs and are constantly working on creating an environment in which you can feel at home.

We offer a range of benefits to support your personal and professional development:

Benefits:

  • 22 days of annual leave
  • 10 days of public/national holidays
  • Health insurance options
  • Access to online learning platforms
  • On-site English classes in some countries, and more.

Join our team and enjoy an environment that values and supports your well-being. If this sounds like the place for you, contact us now!

See more jobs at Paramo Technologies

Apply for this job

NielsenIQ is hiring a Remote Senior Cyber Security Network Engineer

Job Description

As a Senior Cyber Security Network Engineer, you will be responsible for ongoing maintenance and operations of current tools so that their abilities are actualized.  Additionally, there will be significant uplift to modernize a variety of tools and implement new means of visualizing egress and ingress traffic.  The ability to implement novel solutions and platforms is critical. The primary focus will be on NielsenIQ-hosted solutions but will also incorporate various tools across a diverse array of cloud platforms with a strong focus on Azure solutions. 

This position will involve working closely with Enterprise IT, network infrastructure teams and the Governance Risk and Controls team to deploy and operate various tools.  

What you will do 

  • Proactively identify opportunities to improve our security controls, enhance threat detection and reduce attack surfaces 

  • Develop and deploy innovative network-based security solutions 

  • Spearhead POC (Proof of Concept) activities and participate in decision making for new product analysis and selection  

  • Review network security requests and modifications; advise and consult with requestors as necessary  

  • Work with Enterprise IT to drive best practices across global networks 

  • Write, create, and update documentation for internal teams, technical users, and end users 

  • Provide secondary support for endpoint software (EDR, AV, content filtering, etc.) issues, as and when required 

  • Interface with vendors to drive product enhancements as well as issue resolution in a timely manner 

  • Create and present training materials for non-technical users  

  • Provides mentorship and guidance to junior members of the team 

  • Act as an escalation point for high severity issues for timely resolution 

  • Drive, as well as support, organization-wide campaigns to drive security foundations into all technology  

Qualifications

  • Bachelor’s degree in a technical field including Computer Science, Information Systems, Math, Physics, Science or similar desired - experience in government, military or in other capacities with similar focus can be substituted  

  • Hands-on experience with network analysis and security tools such as packet capture and analysis, firewalls, web application firewalls, web proxy/SWG, routing/switching, DNS, application layer networking, transport layer security (encryption/decryption), certificate handling and wireless technologies  

  • Hands-on experience with tools such as F5 WAF, Azure WAF, Defender Network Protection and ZScaler

  • Expert level understanding of the OSI model 

  • Fundamental knowledge of endpoint security tools (EDR, AV, etc.), how they operate and what their role is in defense-in-depth 

  • Ability to directly support incident response teams and participate in ongoing IR as required 

  • Knowledge of sophisticated hacking techniques, malicious actors, IOCs, TTPs and the ability to translate intelligence into action is desirable 

  • Demonstrated experience with change management in enterprise production environments 

  • Knowledge of scripting languages such as PowerShell, Python 

  • Ability to manipulate large datasets using tools such as Excel, PowerBI, SQL  

  • Knowledge of MITRE ATT&CK and NIST CSF frameworks 

  • Self-starter, technology and security hobbyist, enthusiast 

See more jobs at NielsenIQ

Apply for this job

Cloudflare is hiring a Remote Network Security Engineer

About Us

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company. 

We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! 

About the Department

The Customer Support Team solves complicated problems and answers technical inquiries via phone, email, chat, and social media. Whether it is a Wordpress blogger using our services for free or a global Enterprise business with petabytes of web traffic, our team is always eager to assist. We are the eyes and ears of Cloudflare, acting as the real-time voice of the customer to help communicate their needs and real-world use cases back to the rest of the company - to help build a better service and future product development.

What You’ll do

Do you love solving complex technical problems and interacting with people? Are you passionate about helping customers and are a standout colleague? Cloudflare is seeking an experienced Network Security Engineer to join our team and support our largest and most technically sophisticated customers in resolving technical problems, threats or attacks on their infrastructure at OSI Layers 3, 4, and 7. This will span the range of Cloudflare products from Magic Transit Infrastructure Protection, Argo Smart Routing, DDoS mitigation and Network Firewall, to using the Web Application firewall (WAF), Spectrum and Rate Limiting to help customers.

Skills, Knowledge, and Experience

  • Fluent English speaker is a requirement
  • Minimum 3 years working within a Technical Support team solving various technical issues 
  • Self-driven and capable of learning new technologies / systems / features with little guidance
  • Fundamental understanding how the Internet works (OSI Model)
  • Advanced understanding of internet protocols like TCP and UDP
  • Computer Networking fundamentals, experience with iptables and looking glass
  • Experience troubleshooting network connectivity issues, BGP routing, and GRE tunnels
  • Packet capture analysis
  • Experience in command line and tools, including curl, dig, traceroute, openssl, git
  • Experience troubleshooting DNS, SSL / TLS, HTTP
  • Experience in a web development and / or hosting environment such as installing and configuring web servers like Apache, Nginx, Caddy and IIS
  • Experience writing scripts in Bash, Python, JavaScript or other scripting language
  • Experience in working as part of a team in a customer-facing role

 

Responsibilities

  • Communicate with customers via chat, email, and phone 
  • Compare traffic signatures and attributes including IP addresses, cookie variations, HTTP headers, and JavaScript footprints to determine what is good traffic and what is malicious
  • DDoS mitigation for OSI layers 3,4, & 7: advise customers on how to filter malicious traffic using Cloudflare tools like Magic Transit, Network Firewall, WAF, IP reputation lists, packet inspection, blocklisting, allowlisting, and rate limiting
  • Work with Engineering and Operations teams to mitigate attacks, suggest steps to mitigate, and apply the appropriate mitigation when applicable
  • Work with Engineering and Product teams to improve products and tools

Availability and Schedule Requirements

  • Flexibility to work varying work schedules including; Tuesday through Saturday, Sunday through Thursday, holidays, weekends, more than 5 days in a row, or additional hours on occasion.

 

Bonus Points

  • You are familiar with Cloudflare and are actively using our platform
  • You have worked with PostgreSQL, MySQL, MS SQL, and other database servers
  • You are fluent and can troubleshoot in other languages beyond English and Spanish

What Makes Cloudflare Special?

We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Project Galileo: We equip politically and artistically important organizations and journalists with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare’s enterprise customers--at no cost.

Athenian Project: We created Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration.

1.1.1.1: We released 1.1.1.1to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitmentand ensure that no user data is sold to advertisers or used to target consumers.

Sound like something you’d like to be a part of? We’d love to hear from you!

This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license.

Cloudflare is proud to be an equal opportunity employer.  We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness.  All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law.We are an AA/Veterans/Disabled Employer.

Cloudflare provides reasonable accommodations to qualified individuals with disabilities.  Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.  If you require a reasonable accommodation to apply for a job, please contact us via e-mail athr@cloudflare.comor via mail at 101 Townsend St. San Francisco, CA 94107.

See more jobs at Cloudflare

Apply for this job

14d

Security Engineer (Remote)

TidepoolPalo Alto, CA, Remote
terraformDesignmobilegitdockerkuberneteslinuxAWS

Tidepool is hiring a Remote Security Engineer (Remote)

Job Description

Candidates must be geographically located within the United States, and eligible to work. 

Are you interested in working to secure apps and data that are already improving the lives of people with diabetes and want to help bring it to many more? As a Security Engineer, you will be responsible for helping Tidepool customers (internal and external) maintain the security of our platform and help drive innovation and performance within the company around DevSecOps practices. This role reports to Tapani Otala, VP of Engineering. 

Essential Duties and Responsibilities:

  • Collaborate with the Tidepool Security Lead and other Tidepool Engineers to establish, focus, and triage priorities and operational security needs.
  • Work across all areas of Tidepool to support and deliver a secure platform and end-user experience.
  • Design and implement new security controls and augment existing ones in multiple environments.
  • Maintain day-to-day security operations, including access requests, security reviews, and internal product implementation.
  • Ensure a HIPAA-compliant security environment.
  • Assess and implement new services and architectures.
  • Participate in SOC-2 Type II maintenance and audit processes.
  • Identify and remediate vulnerabilities through automation, manual assessment, tools, and Tidepool's security disclosure program.
  • Respond to RFIs and questionnaires from clinics and external organizations regarding Tidepool's Security Program.
  • Maintain defenses and implement defense-in-depth security across Tidepool's applications and supporting services, including git repositories, email, dns, and critical collaboration tools.

Qualifications

Required:

  • 2+ years of experience in executing or supporting security functions.
  • Strong experience with cloud service providers (AWS preferred).
  • Familiarity with security frameworks such as NIST, OWASP, CSA, ISO.
  • Knowledge of network ports and services, TLS/SSL infrastructure and protocols.
  • Experience with scripting and configuration languages, including YAML.
  • Familiarity with logging services, assessment, and alerting.
  • Strong understanding of operating system security (Linux and MacOS preferred).
     

Preferred:

  • CISSP, CCSP, or similar certification.
  • SANS certification (GCIH, GCIA, etc.).
  • Experience with cloud-native services (Docker, Kubernetes, Go).
  • Experience with IDP's, SSO/SAML, and OAuth.
  • Experience with automated testing and continuous integration tools.
  • Experience with IaC (Terraform)
  • Experience with security testing tools (Snyk, Dependabot, Burp Suite).
  • Experience with data pipelines, data lakehouse.
  • Experience with MDM.
  • Experience with Mobile Security and Mobile App Sec tools.

See more jobs at Tidepool

Apply for this job

Signifyd is hiring a Remote Senior Security Engineer II

The Security Engineer at Signifyd assists cybersecurity operations and vulnerability management across the organization. This role works with other security engineers and analysts on the team by contributing integrations, implementations and reviews with our security systems. They setup, configure, and use these solutions to identify threats and vulnerabilities within our networks and applications then cross coordinate with other departments to ensure timely remediation. The Security Engineer reports to the Director, Head of Information Security and Compliance while supporting the Security Risk Manager with auditable evidence of control effectiveness.

Responsibilities

You will perform the following responsibilities alongside other members of the information security team:

  • Engineer data feeds, rules, and tuning for the system information and event manager (SIEM);

  • Triage security operations center (SOC) alerts as the Level II/III escalation support;

  • Triage secrets scanning, static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools;

  • Triage cloud security posture management (CSPM), infrastructure as code (IaC) security scanning, and attack surface violations;

  • Identify patch management gaps using our vulnerability management software and collaborate with IT and Engineering teams on resolutions;

  • Perform internal security testing, assessments, and triaging of alerts from security tooling;

  • Conduct secure code reviews, secure design reviews, and threat modeling activities;

  • Support GRC activities through control evidence collection;

  • Contribute to operational support activities for all security capabilities. This includes preparing self service operational support documentation for developers and project teams, responding to internal support chat groups;

  • Contribute to design and development of observability metrics and monitoring capabilities for all security capabilities utilizing DevOps or SRE principles;

  • Support the creation and publication of metrics on security functions usage and remediation status for consumption by developers and project teams.

Requirements

  • Ability to automate or develop basic tasks in at least one programming language such as: Java, JavaScript, Python

  • Professional certifications such as WAPT, PPT, OSCP, etc and/or computer science degree;

  • 1+ years security engineer experience or 2+ years as a Security Analyst or equivalent;

  • Experience working with cloud technologies such as: AWS, GCP, Azure, Docker/Kubernetes.

#LI-Remote

Benefits in our US offices:

  • Discretionary Time Off Policy (Unlimited!)
  • 401K Match
  • Stock Options
  • Annual Performance Bonus or Commissions
  • Paid Parental Leave (12 weeks)
  • On-Demand Therapy for all employees & their dependents
  • Dedicated learning budget through Learnerbly
  • Health Insurance
  • Dental Insurance
  • Vision Insurance
  • Flexible Spending Account (FSA)
  • Short Term and Long Term Disability Insurance
  • Life Insurance
  • Company Social Events
  • Signifyd Swag

We want to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process.

Signifyd provides a base salary, bonus, equity and benefits to all its employees. Our posted job may span more than one career level, and offered level and salary will be determined by the applicant’s specific experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.

USA Base Salary Pay Range
$90,000$135,000 USD

See more jobs at Signifyd

Apply for this job

TripActions is hiring a Remote Product Security Engineer

Job Application for Product Security Engineer at Navan{"@context":"schema.org","@type":"JobPosting","hiringOrganization":{"@type":"Organization","name":"Navan"},"title":"Product Security Engineer","datePosted":"2024-09-10","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Palo Alto, California, United States","addressRegion":"CA","addressCountry":null,"postalCode":null}},"description":"\u003cp\u003eThe \u003cstrong\u003eProduct Security Engineer\u003c/strong\u003e will be responsible for securing Navan products, by identifying risks early in the SDLC and developing application security tooling \u0026amp; processes to promote a ‘shift left’ security culture. You will be responsible for integrating security in the application development process, conducting security-related research and assessments, performing feature penetration testing, and providing security analysis/design/training to the organization.\u003c/p\u003e\n\u003cp\u003eReporting to the \u003cstrong\u003eDirector of Product Security and Research\u003c/strong\u003e, you will contribute significantly to building and scaling an application security program. This position requires both advanced technical skills, strong communication skills, and the ability to influence people. You will be responsible for ensuring the continuous security of Navan customer-facing products and internal tools. You will focus on proactively discovering security vulnerabilities, driving and advising risk remediation based on research, and developing strong partnerships with engineering and product teams to accelerate the release of the software with security by design.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eWhat You’ll Do:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentifying security issues within the product.\u003c/li\u003e\n\u003cli\u003eDesign and develop security tools and processes to be leveraged by development teams.\u003c/li\u003e\n\u003cli\u003eWork closely with engineering to sustain processes and/or convert manual integrations to automated pipeline activities.\u003c/li\u003e\n\u003cli\u003eAssist in developing custom Security as Code solutions.\u003c/li\u003e\n\u003cli\u003eParticipate in expanding/maturing the Navan S-SDLC program.\u003c/li\u003e\n\u003cli\u003eReview product designs for security defects, perform threat modeling and recommend remediations.\u0026nbsp;\u003c/li\u003e\n\u003cli\u003eProvide training, guidance, and assistance to development teams early in the SSDLC.\u003c/li\u003e\n\u003cli\u003eCultivate security ownership in the product teams.\u003c/li\u003e\n\u003cli\u003eBring visibility to product/application vulnerabilities in a consistent manner to enable appropriate prioritization and remediation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eWhat We’re Looking For:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eExperience performing threat modeling and architecture reviews for complex applications.\u003c/li\u003e\n\u003cli\u003eProven experience performing application, cloud and mobile penetration testing in high risk environments like financial or healthcare companies.\u003c/li\u003e\n\u003cli\u003e2-4 years of Technical Product Security related experience around SSDLC tooling, automation, remediation advisory, security testing, threat modeling/attack surface analysis.\u003c/li\u003e\n\u003cli\u003eAbility to execute in multifaceted and highly technical organizations.\u003c/li\u003e\n\u003cli\u003eAbility to provide pragmatic security advice for web applications, mobile applications, and cloud software.\u003c/li\u003e\n\u003cli\u003eExperience working in Agile development with experience in technologies such as:\u003c/li\u003e\n\u003cul\u003e\n\u003cli\u003eApplication security testing tools (SAST, DAST, IAST, SCA, or similar.)\u003c/li\u003e\n\u003cli\u003eInfrastructure as code (Terraform, or similar)\u003c/li\u003e\n\u003cli\u003eJava Spring Framework (3+ years),\u0026nbsp; Hibernate or similar ORM technologies, JavaScript/CSS, and Angular\u003c/li\u003e\n\u003cli\u003eContainers (Docker, Kubernetes, or similar)\u003c/li\u003e\n\u003cli\u003eContinuous integration (Jenkins, Github Actions or similar)\u003c/li\u003e\n\u003cli\u003eIntegration of Security testing tools into CI pipelines\u003c/li\u003e\n\u003cli\u003eDefect tracking (Jira,or similar.)\u003c/li\u003e\n\u003cli\u003eSource code management (GitHub, or similar.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cli\u003eIn-depth knowledge of common application \u0026amp; network protocols, cryptographic primitives, authentication \u0026amp; authorization protocols, and common securit

See more jobs at TripActions

Apply for this job

18d

Security Consultant

ProArchAtlanta,Georgia,United States, Remote

ProArch is hiring a Remote Security Consultant

A Security Consultant is a client-focused position that works with ProArch customers to maintain a comprehensive security program. Security Consultants will leverage ProArch’s security tools to detect and prevent cyber threats to ProArch’s customers.  Additionally, responsibilities include implementation, monitoring security controls, and incident response.  The Security Consultant will be part of a select group of industry recognized experts who work on unique security solutions associated with next generation technologies and emerging security threats. Ongoing training and professional certifications are part of the job requirements.

Your skills are:

  • Experience in analyzing and creating remediation strategies for vulnerability management programs, security architecture reviews, cloud security reviews in a Managed Security Services Model.
  • Experience in Advanced Microsoft Cloud Security Implementation and Consulting.
  • Implement and maintain security solutions, tools, and IT Policies and standards.
  • Experience in deploying and troubleshooting Microsoft Sentinel, Azure Lighthouse.
  • Experience in Deploying and managing SIEM, SOAR and Threat Intelligence platforms.
  • Experience in EDR solutions like Microsoft Defender for Endpoint, CrowdStrike Falcon, CarbonBlack, SentinelOne, etc.
  • Experience in all Microsoft 365 security solutions, such as Microsoft Defender for Office 365, Defender for Identity, Defender for Endpoint, Defender for Cloud, Defender for IoT, Defender for XDR, etc.
  • Experience with major Identity Provider and related security solutions, such as Microsoft Entra ID, Identity Protection, Active Directory, Defender for Identity.
  • Demonstratable knowledge in Microsoft and other vendor-based licensing.
  • Experience in deploying and troubleshooting vulnerability scanning tools like Qualys, Rapid7, Nessus, etc.
  • Experience in System and Network Security Hardening and best practices.
  • Experience in Policy and Device Management solution like MEM, Intune, Azure Arc, GPO.
  • Experience with Azure DevOps.
  • Advanced knowledge of Kusto Query Language (KQL). Splunk Processing Language (SPL) knowledge is a good to have.
  • Experience in Scripting languages like AZCLI, PowerShell and Python.
  • Experience in Power Automate and Logic Apps.
  • Good to have non-Microsoft Cloud Security knowledge like GCP, AWS, etc.
  • Experience conducting Security Awareness Campaigns using tools like Knowbe4.
  • Experience in public speaking, building client relationships, security report analysis and delivery.
  • Experience in handling highly technical, project based, and process driven questions from customers.
  • Experience in data analysis, logging, fine-tuning and cost reduction solutions.
  • Experience developing and improving security tools onboarding and validation process.
  • Experience analyzing network topologies, security architectures, security solutions, tools, and IT Policies and standards to find gaps between in-place programs and industry best practices.
  • Knowledge of Authentication and Authorization mechanisms, Identity Access Management, user provisioning best practices.
  • Familiarity with industry standards such as PCI DSS, NY DFS, HIPAA\HiTech\HiTrust, DFARS, NIST SP-800 series, CIS Critical Security Controls, OWASP.
  • Takes ownership of the project, tasks, and client deliverables.
  • Proven collaborator.
  • Ability to prioritize effectively and handle shifting priorities professionally.
  • Exemplary written and verbal communication skills.
  • Produce and review reports to support project deliverables.
  • Working in Agile environment.
  • Ongoing training and professional certifications are part of the job requirements.
  • Create clearly stated remediation recommendations based on industry best practice.
  • Successfully interface with clients, both internally and externally.
  • Document and explain technical details in concise and clear manner.
  • Manage personal schedule and project tasks.
  • Provide weekly time accounting and monthly expense reports.
  • Be a member of the ProArch Global Cybersecurity Consulting Team.
  • Travel within upstate NY and occasionally out of state, as required.
  • Your Education: 5-7 years of experience in Cybersecurity Consulting. BS or MS in Computer Science / Engineering or significant demonstratable experience in Microsoft Cloud Security. Certifications such as CISSP, CISM, and CISA are desirable but not required.

See more jobs at ProArch

Apply for this job

VISTRADA is hiring a Remote Chief Information Security Officer (CISO)

Chief Information Security Officer (CISO) - VISTRADA - Career PageSee more jobs at VISTRADA

Apply for this job

Fortanix is hiring a Remote System Security Engineer (EMEA)

About Fortanix:  

In today's world, where data spreads across various clouds and devices, traditional security measures aren't enough. Businesses need a dynamic approach to defend against constant cyber threats and ensure agile data security. Fortanix leads the way in data-centric cybersecurity for hybrid multicloud environments, using advanced cryptography, encryption, and confidential AI solutions.  

As data breaches become more frequent and traditional defenses fall short, we focus on data exposure management to keep your information safe. Our unified data security platform addresses vulnerabilities in hybrid multicloud environments, defends against threats, and makes it easier to discover, assess, and fix data exposure risks. Whether implementing a Zero Trust model or preparing for the post-quantum computing era, we help businesses worldwide protect their most sensitive data, wherever it is. 

Our commitment to solving the world’s toughest data security challenges has earned Fortanix multiple Cybersecurity Excellence and Innovation Awards, as well as recognition from industry giants such as Microsoft, Intel, ServiceNow, and Snowflake. 

Our team includes industry leaders and cryptography experts, creating a culture of trust, innovation and collaboration where every voice is valued. Recognized as a Great Place to Work, we're looking for passionate individuals to help us shape the future of data security and work towards a safer digital future. 

We are looking for a Systems Security Engineerto join our team.

The ideal candidate will be a technical leader who can provide strategic direction and hands-on expertise in developing tools and SDKs for our confidential computing platforms. This role requires a deep understanding of security, software development, computer architecture & operating systems. 

 

What you’ll do (Duties and Responsibilities):  

  • Work on computer architecture & organization & computer systems
  • Support software development on Confidential Computing platforms
  • Enable remote attestation using low-level platform primitives
  • Develop tools and SDKs for confidential computing platforms. 
  • Develop, and implement high-quality software solutions that meet security and performance standards. 
  • Stay current with emerging technologies and industry trends in security. 
  • Participate in code reviews to ensure best practices in software development, and maintain high standards of code quality.

 

What you’ll need (Basic Qualifications) 

  • Experience in computer architecture & operating systems 
  • 1+ years of hands-on experience with C/C++, Rust, and x86 or ARM assembly, and some other high level language 
  • Degree in Computer Security or Computer Systems, or equivalent experience  
  • Problem-solving skills and the ability to think critically and creatively. 

 

Preferred Technical And Professional Expertise  

  • Professional experience in secure enclave technology (e.g., Intel SGX, AMD SEV-SNP, Intel TDX, etc.) 
  • Knowledge of software development tools and methodologies, including CI/CD, Agile, and DevOps.  
  • Understanding of computer architecture & organization (CPU context, virtual memory, VT-x, SVM, etc.) & computer systems (VirtIO, synchronization, filesystems, etc.)
  • Experience with the following technologies:
    • Rust
    • Linux container images
    • Cloud offerings
    • Platform security enhancements
  • We offer a competitive salary and equity package
  • Quarterly recharge days 
  • 40 hours of Volunteer Time Off/year
  • The opportunity to redefine cloud computing in a friendly, collaborative work environment.  

Fortanix is an equal opportunity employer that celebrates diversity and is committed to creating an inclusive workplace with equal opportunity for all applicants and teammates. Our goal is to recruit the most talented people from a diverse candidate pool regardless of race, color, religion, age, gender, gender identity, sexual orientation or any other status. If you’re interested in working in a fast growing, exciting working environment – we encourage you to apply! 

See more jobs at Fortanix

Apply for this job

20d

Senior Security Consultant

Zone ITMelbourne,Victoria,Australia, Remote Hybrid

Zone IT is hiring a Remote Senior Security Consultant

We are seeking a highly experienced Senior Security Consultant. In this role, you will lead security assessments, develop strategies to enhance our clients' security postures, and provide expert advice on best practices in information security.

  • Bachelor's degree in Information Security, Computer Science, or a related field.
  • Strong knowledge of security frameworks such as NIST, ISO 27001, or CIS.
  • Experience with security assessments, risk management, and compliance requirements.
  • Excellent analytical, problem-solving, and communication skills.
  • Relevant certifications (CISSP, CISM, CEH) are highly preferred.
  • Confer with systems users to develop areas of change in requirements, which permit greater efficiency, systems integration or cost reduction
  • Undertake research into new hardware or operating system technology and maintain an authoritative understanding of technology changes and developments
  • Develop specialised proposals and detailed technical evaluations of products and techniques to meet business needs
  • Provide technical input to design of major technology solutions and oversee their execution
  • Investigate longer-term strategic and high-complexity software or hardware problems and coordinate resolution with software vendors, hardware manufacturers as required
  • Technical design, coordinating the work on systems and integrating new applications with existing systems and files
  • Provide effective and efficient infrastructure support to customers • Undertake application development diagnostic work, where required, to troubleshoot issues
  • Contribute to the creation of technical strategies
  • Support specific project goals by providing expertise and technical assurance for key system components to support costing efforts and to ensure the integrity of design.

About Us

Zone IT Solutions is Australia-based Recruitment Company. We specialize in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organization that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. Our delivery Offices are in Melbourne, Sydney and India. If you are looking for new opportunities your profile at Careers@zoneitsolutions.com or contact us at 0434189909

Also follow our LinkedIn page for new job opportunities and more.

Zone IT Solutions is an equal opportunity employer and our recruitment process focuses on essential skills and abilities. We welcome applicants from a diverse range of backgrounds, including Aboriginal and Torres Strait Islander peoples, people from culturally and linguistically diverse (CALD) backgrounds and people with disabilities.

See more jobs at Zone IT

Apply for this job

Cloudflare is hiring a Remote Application Security Engineer

About Us

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company. 

We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! 

Available Locations: Lisbon, Portugal

About the Department

The Security team at Cloudflare is focused and committed to helping secure both Cloudflare and our customers. The Application and Product Security team at Cloudflare is focused on and committed to securing both Cloudflare and our customers. The Application & Product Security team is responsible for keeping our products, and platforms secure.

What you’ll do

We are looking for a Security Engineer to help us in our mission to build a better internet. Part engineer, part hacker, you will work with our engineering and security teams to build solutions for .

  • Work with engineering teams to help secure Cloudflare products and platforms
  • Assess products and new feature releases through threat modeling, code review and security testing. Also provide guidance on effective countermeasures
  • Contribute to security architecture/design and assist in building and rolling out processes for secure code development and deployment
  • Build secure frameworks & libraries that engineering teams can use at scale
  • Build internal security tools and automate processes that help fix security problems at a massive scale. 
  • Managing and prioritizing multiple tasks in accordance with high level objectives

Key skill sets and Knowledge

Security engineers take part in a wide variety of tasks and projects on the team. One individual is not expected to know everything, but a working knowledge in several of the following areas is required: 

  • Experience in securing large scale distributed systems
  • Experience in designing, building and implementing systems
  • Experience in assessing the security posture of systems/services
  • Experience in penetration testing and providing mitigating controls
  • Strong engineering background and programming experience (Python, Golang, Rust, Bash, etc.)
  • Strong communication skills and ability to work with remote teams
  • Results and goal-oriented

What Makes Cloudflare Special?

We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Project Galileo: We equip politically and artistically important organizations and journalists with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare’s enterprise customers--at no cost.

Athenian Project: We created Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration.

1.1.1.1: We released 1.1.1.1to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitmentand ensure that no user data is sold to advertisers or used to target consumers.

Sound like something you’d like to be a part of? We’d love to hear from you!

This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license.

Cloudflare is proud to be an equal opportunity employer.  We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness.  All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law.We are an AA/Veterans/Disabled Employer.

Cloudflare provides reasonable accommodations to qualified individuals with disabilities.  Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.  If you require a reasonable accommodation to apply for a job, please contact us via e-mail athr@cloudflare.comor via mail at 101 Townsend St. San Francisco, CA 94107.

See more jobs at Cloudflare

Apply for this job

Cloudflare is hiring a Remote Senior Application Security Engineer

About Us

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company. 

We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! 

Available Locations: Austin, New York, San Francisco, and Washington DC.

About the Department

The Security team at Cloudflare is focused and committed to helping secure both Cloudflare and our customers. The Application and Product Security team at Cloudflare is focused on and committed to securing both Cloudflare and our customers. The Application & Product Security team is responsible for keeping our products, and platforms secure.

What you’ll do

We are looking for a Security Engineer to help us in our mission to build a better internet. Part engineer, part hacker, you will work with our engineering and security teams to build solutions for .

  • Work with engineering teams to help secure Cloudflare products and platforms
  • Assess products and new feature releases through threat modeling, code review and security testing. Also provide guidance on effective countermeasures
  • Contribute to security architecture/design and assist in building and rolling out processes for secure code development and deployment
  • Build secure frameworks & libraries that engineering teams can use at scale
  • Build internal security tools and automate processes that help fix security problems at a massive scale. 
  • Managing and prioritizing multiple tasks in accordance with high level objectives

Key skill sets and Knowledge

Security engineers take part in a wide variety of tasks and projects on the team. One individual is not expected to know everything, but a working knowledge in several of the following areas is required: 

  • Experience in securing large scale distributed systems
  • Experience in designing, building and implementing systems
  • Experience in assessing the security posture of systems/services
  • Experience in penetration testing and providing mitigating controls
  • Strong engineering background and programming experience (Python, Golang, Rust, Bash, etc.)
  • Strong communication skills and ability to work with remote teams
  • Results and goal-oriented

Compensation

Compensation may be adjusted depending on work location and level.

  • Estimated annual salary for Texas based hires $168,000 - $187,000 USD

Equity

This role is eligible to participate in Cloudflare’s equity plan.

Benefits

Cloudflare offers a complete package of benefits and programs to support you and your family.  Our benefits programs can help you pay health care expenses, support caregiving, build capital for the future and make life a little easier and fun!  The below is a description of our benefits for employees in the United States, and benefits may vary for employees based outside the U.S.

Health & Welfare Benefits

  • Medical/Rx Insurance
  • Dental Insurance
  • Vision Insurance
  • Flexible Spending Accounts
  • Commuter Spending Accounts
  • Fertility & Family Forming Benefits
  • On-demand mental health support and Employee Assistance Program
  • Global Travel Medical Insurance

Financial Benefits

  • Short and Long Term Disability Insurance
  • Life & Accident Insurance
  • 401(k) Retirement Savings Plan
  • Employee Stock Participation Plan

Time Off

  • Flexible paid time off covering vacation and sick leave
  • Leave programs, including parental, pregnancy health, medical, and bereavement leave

What Makes Cloudflare Special?

We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Project Galileo: We equip politically and artistically important organizations and journalists with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare’s enterprise customers--at no cost.

Athenian Project: We created Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration.

1.1.1.1: We released 1.1.1.1to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitmentand ensure that no user data is sold to advertisers or used to target consumers.

Sound like something you’d like to be a part of? We’d love to hear from you!

This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license.

Cloudflare is proud to be an equal opportunity employer.  We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness.  All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law.We are an AA/Veterans/Disabled Employer.

Cloudflare provides reasonable accommodations to qualified individuals with disabilities.  Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.  If you require a reasonable accommodation to apply for a job, please contact us via e-mail athr@cloudflare.comor via mail at 101 Townsend St. San Francisco, CA 94107.

See more jobs at Cloudflare

Apply for this job

DAS Health is hiring a Remote Cybersecurity Engineer - Remote

Cybersecurity Engineer - Remote - DAS Health - Career PageDevelop and maintain security dashboards and reports for healthcare execu

See more jobs at DAS Health

Apply for this job

+30d

Lead Security Engineer

RoktSydney,New South Wales,Australia, Remote Hybrid

Rokt is hiring a Remote Lead Security Engineer

We are Rokt, a hyper-growth ecommerce leader. We enable companies to unlock value by making each transaction relevant at the moment that matters most, when customers are buying. Together, Rokt's AI-based relevance Platform and scaled ecommerce Network powers billions of transactions. In December 2022, Rokt’s valuation increased to $2.4 billion USD, allowing us to expand rapidly across 15 countries. 


The Rokt engineering team builds best-in-class ecommerce technology that provides personalized and relevant experiences for customers globally and empowers marketers with sophisticated, AI-driven tooling to better understand consumers. Our bespoke platform handles millions of transactions per day and considers billions of data points which give engineers the opportunity to build technology at scale, collaborate across teams and gain exposure to a wide range of technology.

At Rokt, we practice transparency in career paths and compensation.

At Rokt, we believe in transparency, which is why we have a well-defined career ladder with transparent compensation and clear career paths based on competency and ability. Rokt’stars constantly strive to raise the bar, pushing the envelope of what is possible.

We are looking for a Senior Machine Learning Engineer

Compensation:$190,000-$235,000 including superannuation, plus employee equity plan grant & world class benefits.

As a Lead Security Engineer, you are someone has some experience leading a team at a fast-past startup or in a recognised cybersecurity consulting firm, leading delivery of Cloud-first products or have been involved in the re-architecture of existing Cloud infrastructure towards Cloud-native design patterns that are horizontally scalable with always-up guarantees.

You'll be able to drive design decisions to establish a ‘paved road’ for the business to be able to deliver software and services using secure-by-default and secure-by-design patterns where security is automatically baked in, with a vision for what a highly secure Kubernetes environment and modern SSDLC process should like and are excited to get an opportunity to have the autonomy and remit to take charge and help drive change at Rokt to deliver on that vision.

About the Role:

  • Lead the existing Security Engineering team in Sydney, whom are focused on Cloud, Data, Network, and Application security
  • Assist in the design and delivery of a secure-by-default and secure-by-design core operating environment based on ‘Zero Trust’ principles
  • Assist in the design and delivery of a standardized SDLC process with automated CI/CD pipelines to provide security assurance and address supply chain risks throughout the development lifecycle
  • Develop security standards, guidelines and architectural patterns that facilitate rapid deployment of new applications and services while maintaining security best practices.
  • Define a comprehensive Cloud security strategy and change management process, ensuring all infrastructure, configuration, applications and policies are managed ‘as code’ and pass necessary security gates.
  • Ensure all data stored in the Cloud is discovered and appropriately governed and protected in accordance with compliance requirements and business goals..

About You:

  • 8+ years in security engineering, and 3+ years as a hands on team lead or manager.
  • Navigated large scale and multi-Cloud environments, in active-active configurations with an expectation of zero downtime, using either or both AWS & GCP, with strong expertise in Kubernetes and familiarity with CNCF projects (Istio/Envoy, Cillium, OPA, Tetragon, …)
  • Good understanding of security technologies, including network security, cryptography, workload identity and authorization, secure coding practices, cloud security, and more. Stay updated on the latest security threats and mitigation techniques.
  • Some software engineering background including coding patterns and foundational algorithms
  • Experience maturing a software delivery pipeline using modern supply chain best practices and technologies, including immutable builds, hermetic builds, SLSA, OpenSSF, SBOM, CBOM, code signing, etc.

About Rokt’stars:

As a mission-driven, hyper-growth community of curious explorers, our ambition is to unlock the full potential in ecommerce and beyond. Our bias for action means we are not afraid to quickly venture into uncharted territories, take risks or challenge the status quo; in doing so we either win or learn. We work together as one aligned team never letting egos get in the way of brilliant ideas. We value diversity, transparency and smart humble people who enjoy building a disruptive business together. We pride ourselves on being a force for good as we make the world better. 

About The Benefits:

We leverage best-in-class technology and market-leading innovation in AI and ML, with all of that being underlined by building and maintaining a fantastic and inclusive culture where people can be their authentic selves, and offering a great list of perks and benefits to go with it:

  • Accelerate your career. We offer roadmaps to leadership and an annual $5000 training allowance
  • Become a shareholder. Every Rokt’star gets equity in the company
  • Enjoy catered lunch every day and healthy snacks in the office. Plus join the gym on us! 
  • Extra leave (bonus annual leave, sabbatical leave etc.) 
  • Work with the greatest talent in town
  • See the world! We have offices in New York, Seattle, Sydney, Tokyo and London

We believe we’re better together. We love spending time together and are in the office most days (teams are in the office 4 days per week). We also get that you need to balance your life and your commitments so you have the flexibility to manage your own hours and can spend up to a week of every quarter working from anywhere.

If this sounds like a role you’d enjoy, apply here and you’ll hear from our recruiting team.

See more jobs at Rokt

Apply for this job

+30d

Security Analyst

Cohere HealthRemote

Cohere Health is hiring a Remote Security Analyst

Company Overview:

Cohere Health is a fast-growing clinical intelligence company that’s improving lives at scale by promoting the best patient-specific care options, using leading edge AI combined with deep clinical expertise. In only four years our solutions have been adopted by health insurance plans covering over 15 million people, while our revenues and company size have quadrupled.  That growth combined with capital raises totaling $106M positions us extremely well for continued success. Our awards include: 2023 and 2024 BuiltIn Best Place to Work, Top 5 LinkedIn™ Startup, TripleTree iAward, multiple KLAS Research Points of Light, along with recognition on Fierce Healthcare's Fierce 15 and CB Insights' Digital Health 150 lists.

Opportunity Overview:

We are seeking a skilled and experienced Security Analyst to join our cybersecurity team. The successful candidate will play a pivotal role in safeguarding our organization's digital assets by actively participating in incident response, leveraging managed detection and response (MDR) tools, and enhancing log management practices. The Security Analyst will work closely with our Managed Security Service Provider (MSSP) and internal teams to ensure robust security monitoring, efficient incident escalation, and proactive threat hunting.

Last but not least: People who succeed here are empathetic teammates who are candid, kind, caring, and embody our core values and principles. We believe that diverse, inclusive teams make the most impactful work. Cohere is deeply invested in ensuring that we have a supportive, growth-oriented environment that works for everyone.

What you will do:

  • Cloud Security Expertise:
    • Demonstrate advanced proficiency in cloud security, particularly within AWS environments.
    • Stay abreast of the latest AWS security services, tools, and best practices.
  • Incident Response:
    • Lead and manage the incident response process, including detection, analysis, containment, eradication, and recovery of security incidents.
    • Develop and maintain incident response playbooks, ensuring timely and effective handling of security incidents.
    • Conduct post-incident analysis and create detailed incident reports with recommendations for improving security posture.
  • Managed Detection and Response (MDR):
    • Utilize MDR tools to monitor security alerts, identify potential threats, and coordinate response efforts.
    • Analyze alerts generated by MDR tools, determine their severity, and take appropriate actions to mitigate threats.
    • Collaborate with MDR service providers to ensure optimal configuration and performance of security monitoring systems.
  • Log Enhancement and Management:
    • Enhance log management practices, including log collection, normalization, and correlation.
    • Develop and implement log retention and rotation policies to comply with industry standards and regulations.
    • Analyze logs to identify suspicious activities, anomalies, and potential security breaches.
  • Incident Escalation:
    • Act as the primary point of contact for Level 2 incident escalation and triage.
    • Assess and prioritize security incidents based on their impact and severity.
    • Coordinate with relevant teams and stakeholders to escalate incidents to higher levels of response when necessary.
  • Level 2 Alert Triage:
    • Perform in-depth analysis of security alerts and incidents, determining false positives and true positives.
    • Investigate and respond to Level 2 alerts, ensuring timely resolution and documentation.
    • Develop and maintain detailed records of all triaged alerts and actions taken.
  • Collaboration with Managed Security Service Provider (MSSP):
    • Collaborate closely with the MSSP to ensure seamless communication and coordination during security incidents.
    • Review and validate the quality of services provided by the MSSP, including threat detection and response capabilities.
    • Participate in regular meetings with the MSSP to discuss security trends, incident reports, and service improvements.
  • Alert Tuning and Optimization:
    • Continuously tune and optimize security alerts to reduce false positives and enhance detection accuracy.
    • Work with the security operations team to refine alert thresholds and improve the overall effectiveness of security monitoring.
  • Threat Hunting Exercises:
    • Proactively hunt for threats and vulnerabilities within the organization's environment.
    • Conduct threat intelligence research and analysis to identify emerging threats and attack vectors.
    • Develop and execute threat hunting exercises to identify and mitigate potential security risks.

Your background & requirements:

  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
  • 3+ years of experience in a security analyst role, with a focus on incident response, log management, and threat detection.
  • Strong knowledge of MDR tools, SIEM platforms, and security monitoring technologies.
  • Experience with incident response frameworks and best practices (e.g., MITRE - ATT&CK, MITRE D3FEND, NIST CSF, SANS).
  • Proficiency in analyzing security logs, alerts, and incidents.
  • Excellent problem-solving and analytical skills, with the ability to work under pressure.
  • Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams and external partners.
  • Relevant certifications such as Security +, CEH, GCIH, or similar are preferred.

We can’t wait to learn more about you and meet you at Cohere Health!

Equal Opportunity Statement: 

Cohere Health is an Equal Opportunity Employer. We are committed to fostering an environment of mutual respect where equal employment opportunities are available to all.  To us, it’s personal.

The salary range for this position is $80,000 to $105,000; as part of a total benefits package which includes health insurance, 401k and bonus. In accordance with state applicable laws, Cohere is required to provide a reasonable estimate of the compensation range for this role. Individual pay decisions are ultimately based on a number of factors, including but not limited to qualifications for the role, experience level, skillset, and internal alignment.

 

#LI-Remote

#BI-Remote

Apply for this job


Other Job subscriptions you might be insterested in