Reports to: Sr. Director of Adversary Tactics

Location: Remote US

Compensation Range: $190,000.00 to $210,000.00  base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24⁄7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do:

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

Threat Intelligence Analysts aggregate threat data from the previous month and build out reports for our customers. These reports may also be used for marketing and help illustrate the value of what Huntress provides to customers and the community. Threat Intelligence Analysts are also responsible for writing blog posts and marketing materials regarding emerging threat trends. They also work closely with Security Researchers and Analysts to obtain more context about threat data.

Familiarity with product management, scripting/development, incident response, malware analysis, configuration management, and antivirus technologies is an additional way to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective hunter fosters highly collaborative environments between the Product, Marketing, and Security Operations Center teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision, ultimately delivering our most impactful features and capabilities.

We defend over 5 million endpoints and 11 million identities, and that number continues to grow each month, across tens of thousands of mid-sized and small business customers. Given this market’s tighter budgets, it’s impossible to assign human analysts to each client. The Adversary Tactics team addresses this challenge head-on by providing input to build and scale highly automated efficiencies—often lightly augmented by our Security Operations Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:

• Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions
• Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
• Responsible for creating reports for marketing to show Huntress’ value to the larger community
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap
• Provides technical leadership for some members of the Security teams
• Supports the professional development of researchers and others in the organization through coaching and mentorship
• Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
• Responsible for blog posts and other marketing materials regarding threat trends
• Excellent written and verbal communication skills
• Familiarity with utilizing AI in workflows

What You Bring To The Team:

• Minimum of 5 years of experience in the field of Threat Intelligence
• Experience with SIEM tools for scaled log analysis
• Familiarity with detection engineering, detection logic, i.e., Sigma Rules
• Experience researching and scoping threat hunt missions
• Understanding of cybersecurity, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
• Experience with 3rd-party intelligence tools, feeds, and reputation services.
• Experience conducting OSINT gathering and analysis
• Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have)
• Proficient knowledge of Windows and/or macOS subsystems and how they interact both at the user and kernel level (nice to have)

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com . Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process, but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

#BI-Remote

Reports to: Sr. Director of Adversary Tactics

Location: Remote US

Compensation Range: $190,000.00 to $210,000.00  base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24⁄7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do:

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

Threat Intelligence Analysts aggregate threat data from the previous month and build out reports for our customers. These reports may also be used for marketing and help illustrate the value of what Huntress provides to customers and the community. Threat Intelligence Analysts are also responsible for writing blog posts and marketing materials regarding emerging threat trends. They also work closely with Security Researchers and Analysts to obtain more context about threat data.

Familiarity with product management, scripting/development, incident response, malware analysis, configuration management, and antivirus technologies is an additional way to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective hunter fosters highly collaborative environments between the Product, Marketing, and Security Operations Center teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision, ultimately delivering our most impactful features and capabilities.

We defend over 5 million endpoints and 11 million identities, and that number continues to grow each month, across tens of thousands of mid-sized and small business customers. Given this market’s tighter budgets, it’s impossible to assign human analysts to each client. The Adversary Tactics team addresses this challenge head-on by providing input to build and scale highly automated efficiencies—often lightly augmented by our Security Operations Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:

• Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions
• Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
• Responsible for creating reports for marketing to show Huntress’ value to the larger community
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap
• Provides technical leadership for some members of the Security teams
• Supports the professional development of researchers and others in the organization through coaching and mentorship
• Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
• Responsible for blog posts and other marketing materials regarding threat trends
• Excellent written and verbal communication skills
• Familiarity with utilizing AI in workflows

What You Bring To The Team:

• Minimum of 5 years of experience in the field of Threat Intelligence
• Experience with SIEM tools for scaled log analysis
• Familiarity with detection engineering, detection logic, i.e., Sigma Rules
• Experience researching and scoping threat hunt missions
• Understanding of cybersecurity, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
• Experience with 3rd-party intelligence tools, feeds, and reputation services.
• Experience conducting OSINT gathering and analysis
• Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have)
• Proficient knowledge of Windows and/or macOS subsystems and how they interact both at the user and kernel level (nice to have)

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com . Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process, but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

#BI-Remote

Reports to: Sr. Director of Adversary Tactics

Location: Remote US

Compensation Range: $190,000.00 to $210,000.00  base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24⁄7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do:

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

Threat Intelligence Analysts aggregate threat data from the previous month and build out reports for our customers. These reports may also be used for marketing and help illustrate the value of what Huntress provides to customers and the community. Threat Intelligence Analysts are also responsible for writing blog posts and marketing materials regarding emerging threat trends. They also work closely with Security Researchers and Analysts to obtain more context about threat data.

Familiarity with product management, scripting/development, incident response, malware analysis, configuration management, and antivirus technologies is an additional way to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective hunter fosters highly collaborative environments between the Product, Marketing, and Security Operations Center teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision, ultimately delivering our most impactful features and capabilities.

We defend over 5 million endpoints and 11 million identities, and that number continues to grow each month, across tens of thousands of mid-sized and small business customers. Given this market’s tighter budgets, it’s impossible to assign human analysts to each client. The Adversary Tactics team addresses this challenge head-on by providing input to build and scale highly automated efficiencies—often lightly augmented by our Security Operations Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:

• Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions
• Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
• Responsible for creating reports for marketing to show Huntress’ value to the larger community
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap
• Provides technical leadership for some members of the Security teams
• Supports the professional development of researchers and others in the organization through coaching and mentorship
• Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
• Responsible for blog posts and other marketing materials regarding threat trends
• Excellent written and verbal communication skills
• Familiarity with utilizing AI in workflows

What You Bring To The Team:

• Minimum of 5 years of experience in the field of Threat Intelligence
• Experience with SIEM tools for scaled log analysis
• Familiarity with detection engineering, detection logic, i.e., Sigma Rules
• Experience researching and scoping threat hunt missions
• Understanding of cybersecurity, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
• Experience with 3rd-party intelligence tools, feeds, and reputation services.
• Experience conducting OSINT gathering and analysis
• Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have)
• Proficient knowledge of Windows and/or macOS subsystems and how they interact both at the user and kernel level (nice to have)

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com . Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process, but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

#BI-Remote

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and...

All roles at JumpCloud® are Remote unless otherwise specified in the Job Description.

About JumpCloud®

JumpCloud® is the AI-powered unified IT management platform designed to secure the modern workforce. By consolidating identity, device, and access management, JumpCloud provides intelligent, secure IT that scales from human users to autonomous AI agents. We help organizations around the globe eliminate complexity and turn AI risk into an optimized advantage, ensuring the right people and agents have secure access to the right resources at all times.

JumpCloud is Intelligent, Secure IT.

About the team:

As a Security Engineer on the DevSecOps Team, you will be responsible for designing and developing software solutions for protecting data and infrastructure deployed into the cloud. The Security organization is composed of SecOps, GRC, and DevSecOps functions, but all functions work closely together so you will be exposed to many different security areas.

What you will be doing:

• Infrastructure & Automation: Build and maintain infrastructure, including custom software and vendor integrations, to support Engineering’s Security needs (Product Security and Infrastructure Security).

• Cloud Access Engineering: Design and implement secure, automated self-service workflows for cloud infrastructure access and privilege escalation (AWS/GCP).

• Detection & Logging: Manage security infrastructure and SIEM configurations via Infrastructure as Code (Terraform) to ensure a highly auditable detection environment. Build and manage high-volume security data pipelines to ensure forensic logs are retained efficiently and cost-effectively.

• Vulnerability & Posture Management: Help design, overhaul, and improve custom vulnerability aggregation systems to streamline remediation efforts. Manage and tune Cloud Security Posture Management (CSPM) and container security platforms to ensure optimal coverage and reduce alert fatigue.

• Software Supply Chain & AppSec: Integrate and manage Software Supply Chain Security tooling to protect our developer ecosystem. Partner with Engineering to scale our threat modeling program, including developing automated and AI-assisted threat modeling pipelines built directly into the developer workflow.

Necessary skills:

• 4 years of software engineering experience with a strong interest or background in security engineering

• Proficient in writing Golang or Python (more than simple scripts)

• Experience with either AWS or GCP

• Experience with Terraform

• Experience with GitHub Actions

• Excellent written and oral communication

Personal characteristics we are looking for:

• Views security as an enabler, not an inhibitor to innovation

• Results oriented and self driven

• High level of integrity

• Ownership and accountability

• Clear communication

• Creative problem solver

• Passionate about security

Role requirements:

• You must be available for on-call (after hours) duties for any internal tools/services this team owns

• Serve as a responder in the on-call rotation for security incidents and alert triage.

Where you’ll be working/Location:

JumpCloud is committed to being Remote First, meaning that you are able to work remotely within the country noted in the Job Description.

You must be located in and authorized to work in the country noted in the job description to be considered for this role.

Please note: There is an expectation that our engineers participate in on-call shifts. You will be expected commit to being ready and able to respond during your assigned shift, so that alerts don’t go unaddressed.

Language:

JumpCloud has teams in 15+ countries around the world and conducts our internal business in English. The interview and any additional screening process will take place primarily in English. To be considered for a role at JumpCloud, you will be required to speak and write in English fluently.  Any additional language requirements will be included in the details of the job description.

Why JumpCloud?

If you thrive working in a fast, SaaS-based environment and you are passionate about solving challenging technical problems, we look forward to hearing from you! JumpCloud is an incredible place to share and grow your expertise! You’ll work with amazing talent across each department who are passionate about our mission. We’re out of the box thinkers, so your unique ideas and approaches for conceiving a product and/or feature will be welcome. You’ll have a voice in the organization as you work with a seasoned executive team, a supportive board and in a proven market that our customers are excited about.

One of JumpCloud’s three core values is to “Build Connections.” To us that means creating “ human connection with each other regardless of our backgrounds, orientations, geographies, religions, languages, gender, race, etc. We care deeply about the people that we work with and want to see everyone succeed.” - Rajat Bhargava, CEO

Please submit your résumé and brief explanation about yourself and why you would be a good fit for JumpCloud.  Please note JumpCloud is not accepting third party resumes at this time.

JumpCloud is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

Scam Notice:

Please be aware that there are individuals and organizations that may attempt to scam job seekers by offering fraudulent employment opportunities in the name of JumpCloud. These scams may involve fake job postings, unsolicited emails, or messages claiming to be from our recruiters or hiring managers. Please note that JumpCloud will never ask for any personal account information, such as credit card details or bank account numbers, during the recruitment process. Additionally, JumpCloud will never send you a check for any equipment prior to employment.

All communication related to interviews and offers from our recruiters and hiring managers will come from official company email addresses (@jumpcloud.com) and will never ask for any payment, fee to be paid or purchases to be made by the job seeker. If you are contacted by anyone claiming to represent JumpCloud and you are unsure of their authenticity, please do not provide any personal/financial information and contact us immediately at [email protected] with the subject line “Scam Notice”

#LI-Remote #BI-Remote

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, transcribing or summarizing interviews, and assessing responses. These tools assist our recruitment team but do not replace human judgment in hiring decisions, which are ultimately made by humans. Please see our Privacy Policy (https://jumpcloud.com/privacy) for more information about our personal data practices.

Basic Function

The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented engineering: the ideal candidate actively uses AI-powered tools such as Claude Code and Claude Security in their daily workflow to find vulnerabilities faster, automate remediation, and scale security coverage beyond what traditional approaches allow. As AI rapidly transforms how code is written, reviewed, and deployed, this engineer will lead the effort to secure AI-integrated applications, harden CI/CD pipelines, and establish governance for responsible AI adoption across product and engineering teams. Success in this role requires deep technical fluency, a bias toward building and doing over advising, and the ability to operate independently in a fast-moving, remote-first environment.

Essential Functions and Responsibilities:

• Lead security architecture reviews for new and existing applications, ensuring secure-by-design principles are embedded from initial design through deployment and ongoing operation.

• Develop, enforce, and continuously refine secure coding standards across engineering teams through a combination of automated security scans (SAST, DAST, SCA), AI-assisted code review using tools such as Claude Code, periodic manual code audits, and targeted secure development training.

• Own the design, implementation, and evolution of Application Security Posture Management (ASPM) capabilities, integrating signals from static analysis, dynamic testing, software composition analysis, and runtime telemetry to build risk-scoring models that balance exploitability, data sensitivity, and business impact.

• Continuously improve threat modeling frameworks across application components, third-party integrations, cloud-native architectures, and AI/LLM-powered features, leveraging tools such as Claude Security for accelerated threat model generation and scenario analysis.

• Develop custom security automation tools and scripts to improve detection and response capabilities across cloud environments, including AI-assisted vulnerability auto-fix workflows and integration of AI-powered security tooling into CI/CD pipelines.

• Own and operate the company’s bug bounty program end-to-end: define program strategy and scope, triage and validate external researcher submissions, assess severity, and maintain productive engagement with the security research community.

• Manage vulnerability triage and prioritization processes, ensuring vulnerabilities are assessed based on exploitability, business impact, and compliance requirements, and that remediation timelines align with organizational risk tolerance.

• Influence product roadmaps by identifying and advocating for security enhancements aligned with evolving regulatory requirements, industry best practices, and the emerging threat landscape for AI-integrated applications.

• Mentor security engineers and developers through hands-on guidance in secure coding, vulnerability remediation, and effective use of AI-augmented security workflows.

• Present security findings, risk assessments, and program metrics to senior leadership, clients, auditors, and regulators in a clear, actionable manner.

• Perform other duties as assigned.

Physical Demands:

• While performing the duties of this job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear.

• Specific vision abilities required by this job include close vision.

• Ability to occasionally lift/move up to 25 pounds.

• Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

Supervisory Responsibility:

None

Position Specifications

Education:

• Bachelor’s in Computer Science, Cybersecurity, Information Assurance, Software Engineering, or a related field, or an equivalent combination of education and experience.

• Preferred certifications: CSSLP, OSCP, GWEB, or GWAPT.

Experience:

• Seven (7+) years of progressive experience in application security, software security engineering, or a closely related domain within production SaaS environments.

• Extensive hands-on experience in secure software development, DevSecOps pipeline design, and security testing methodologies (SAST, DAST, SCA, penetration testing).

• Demonstrated experience securing large-scale cloud-native applications, APIs, and microservices architectures.

• Experience leading application security initiatives, defining program strategy, and mentoring engineering teams on secure development practices.

• Demonstrated, regular hands-on use of AI-powered security and development tools (e.g., Claude Code, Claude Security, or comparable coding/security assistants) as part of daily security engineering workflows, not solely in an evaluative, advisory, or training capacity.

• Experience assessing AI-specific attack surfaces in LLM-integrated applications, including prompt injection, context leakage, insecure tool use, and model denial-of-service.

Knowledge, Skills, & Abilities:

Required:

• Deep expertise in AWS security, Kubernetes security, and cloud-native application security best practices.

• Strong programming proficiency with the ability to review and assess security risks in one or more of: Java, C#, JavaScript/TypeScript, Python, Swift, or Kotlin.

• Expertise in secure authentication and authorization mechanisms, including OAuth 2.0, OIDC, SAML, JWT, WebAuthn, and Zero Trust principles.

• Hands-on proficiency with AI-augmented security workflows, including daily use of AI tools (e.g., Claude Code, Claude Security) for vulnerability discovery, remediation assistance, threat modeling, and security automation across the SDLC.

• Strong understanding of OWASP Top 10, OWASP Top 10 for LLM Applications, SANS 25, CVSS/EPSS scoring, and MITRE ATT&CK framework.

• Ability to identify, assess, and mitigate prompt injection vulnerabilities (direct and indirect) in LLM-integrated applications through input validation, output sanitization, instruction hierarchy enforcement, and adversarial prompt testing.

• Experience with secure context window management in AI-powered products, including preventing sensitive data leakage, enforcing context isolation boundaries, and defining data classification policies for AI model inputs.

• Hands-on experience with security automation and scripting (Python, Bash, or equivalent).

• Proficiency in penetration testing methodologies, including automated and manual security testing of web applications, APIs, and mobile platforms.

• Strong knowledge of encryption standards, cryptographic best practices, and secrets management.

• Ability to communicate complex security concepts to both technical and non-technical audiences, and to present risk assessments to senior leadership and external stakeholders.

• Demonstrated ability to work independently in a remote setting while maintaining high performance and accountability.

Preferred:

• Experience evaluating the security posture of AI providers (API security reviews, data residency assessments, vendor risk questionnaires, and contractual security requirements).

• Familiarity with AI model access controls and secrets hygiene in AI pipelines, including least-privilege principles for LLM tool integrations and securing model inference endpoints.

• Experience with SIEM, WAF, and security monitoring tools.

• Familiarity with cloud security controls in AWS, including IAM, security groups, KMS, Lambda security, and cloud monitoring.

• Strong project management abilities and experience collaborating across product, engineering, and compliance teams.

Travel:

• Minimal, generally 12 days or less per year, ~2X team get-togethers a year.

$155,000 - $175,000 a year

LIFE AT LUMIN DIGITAL

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base — and as a 100% cloud-native company, we’re purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture is built on trust in our expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas. These values shape a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered every day. We encourage our team to explore, experiment, and challenge the status quo — because continuous improvement isn’t just a goal, it’s how we operate.

Benefits Include We take care of our people with medical, dental, and vision insurance, a 401(k) with company match, flexible PTO plus 12 paid holidays, paid sick leave, and paid parental and family leave. We also offer a lifestyle spending account, tuition reimbursement, and a cell phone stipend. Additional details are provided during the interview process.

Lumin Digital is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis.

For more information, visit lumindigital.com.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

All roles at JumpCloud® are Remote unless otherwise specified in the Job Description.

About JumpCloud®

JumpCloud® is the AI-powered unified IT management platform designed to secure the modern workforce. By consolidating identity, device, and access management, JumpCloud provides intelligent, secure IT that scales from human users to autonomous AI agents. We help organizations around the globe eliminate complexity and turn AI risk into an optimized advantage, ensuring the right people and agents have secure access to the right resources at all times.

JumpCloud is Intelligent, Secure IT.

About the team:

As a Security Engineer on the DevSecOps Team, you will be responsible for designing and developing software solutions for protecting data and infrastructure deployed into the cloud. The Security organization is composed of SecOps, GRC, and DevSecOps functions, but all functions work closely together so you will be exposed to many different security areas.

What you will be doing:

• Infrastructure & Automation: Build and maintain infrastructure, including custom software and vendor integrations, to support Engineering’s Security needs (Product Security and Infrastructure Security).

• Cloud Access Engineering: Design and implement secure, automated self-service workflows for cloud infrastructure access and privilege escalation (AWS/GCP).

• Detection & Logging: Manage security infrastructure and SIEM configurations via Infrastructure as Code (Terraform) to ensure a highly auditable detection environment. Build and manage high-volume security data pipelines to ensure forensic logs are retained efficiently and cost-effectively.

• Vulnerability & Posture Management: Help design, overhaul, and improve custom vulnerability aggregation systems to streamline remediation efforts. Manage and tune Cloud Security Posture Management (CSPM) and container security platforms to ensure optimal coverage and reduce alert fatigue.

• Software Supply Chain & AppSec: Integrate and manage Software Supply Chain Security tooling to protect our developer ecosystem. Partner with Engineering to scale our threat modeling program, including developing automated and AI-assisted threat modeling pipelines built directly into the developer workflow.

Necessary skills:

• 4 years of software engineering experience with a strong interest or background in security engineering

• Proficient in writing Golang or Python (more than simple scripts)

• Experience with either AWS or GCP

• Experience with Terraform

• Experience with GitHub Actions

• Excellent written and oral communication

Personal characteristics we are looking for:

• Views security as an enabler, not an inhibitor to innovation

• Results oriented and self driven

• High level of integrity

• Ownership and accountability

• Clear communication

• Creative problem solver

• Passionate about security

Role requirements:

• You must be available for on-call (after hours) duties for any internal tools/services this team owns

• Serve as a responder in the on-call rotation for security incidents and alert triage.

Where you’ll be working/Location:

JumpCloud is committed to being Remote First, meaning that you are able to work remotely within the country noted in the Job Description.

You must be located in and authorized to work in the country noted in the job description to be considered for this role.

Please note: There is an expectation that our engineers participate in on-call shifts. You will be expected commit to being ready and able to respond during your assigned shift, so that alerts don’t go unaddressed.

Language:

JumpCloud has teams in 15+ countries around the world and conducts our internal business in English. The interview and any additional screening process will take place primarily in English. To be considered for a role at JumpCloud, you will be required to speak and write in English fluently.  Any additional language requirements will be included in the details of the job description.

Why JumpCloud?

If you thrive working in a fast, SaaS-based environment and you are passionate about solving challenging technical problems, we look forward to hearing from you! JumpCloud is an incredible place to share and grow your expertise! You’ll work with amazing talent across each department who are passionate about our mission. We’re out of the box thinkers, so your unique ideas and approaches for conceiving a product and/or feature will be welcome. You’ll have a voice in the organization as you work with a seasoned executive team, a supportive board and in a proven market that our customers are excited about.

One of JumpCloud’s three core values is to “Build Connections.” To us that means creating “ human connection with each other regardless of our backgrounds, orientations, geographies, religions, languages, gender, race, etc. We care deeply about the people that we work with and want to see everyone succeed.” - Rajat Bhargava, CEO

Please submit your résumé and brief explanation about yourself and why you would be a good fit for JumpCloud.  Please note JumpCloud is not accepting third party resumes at this time.

JumpCloud is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

Scam Notice:

Please be aware that there are individuals and organizations that may attempt to scam job seekers by offering fraudulent employment opportunities in the name of JumpCloud. These scams may involve fake job postings, unsolicited emails, or messages claiming to be from our recruiters or hiring managers. Please note that JumpCloud will never ask for any personal account information, such as credit card details or bank account numbers, during the recruitment process. Additionally, JumpCloud will never send you a check for any equipment prior to employment.

All communication related to interviews and offers from our recruiters and hiring managers will come from official company email addresses (@jumpcloud.com) and will never ask for any payment, fee to be paid or purchases to be made by the job seeker. If you are contacted by anyone claiming to represent JumpCloud and you are unsure of their authenticity, please do not provide any personal/financial information and contact us immediately at [email protected] with the subject line “Scam Notice”

#LI-Remote #BI-Remote

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, transcribing or summarizing interviews, and assessing responses. These tools assist our recruitment team but do not replace human judgment in hiring decisions, which are ultimately made by humans. Please see our Privacy Policy (https://jumpcloud.com/privacy) for more information about our personal data practices.

Basic Function

The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented engineering: the ideal candidate actively uses AI-powered tools such as Claude Code and Claude Security in their daily workflow to find vulnerabilities faster, automate remediation, and scale security coverage beyond what traditional approaches allow. As AI rapidly transforms how code is written, reviewed, and deployed, this engineer will lead the effort to secure AI-integrated applications, harden CI/CD pipelines, and establish governance for responsible AI adoption across product and engineering teams. Success in this role requires deep technical fluency, a bias toward building and doing over advising, and the ability to operate independently in a fast-moving, remote-first environment.

Essential Functions and Responsibilities:

• Lead security architecture reviews for new and existing applications, ensuring secure-by-design principles are embedded from initial design through deployment and ongoing operation.

• Develop, enforce, and continuously refine secure coding standards across engineering teams through a combination of automated security scans (SAST, DAST, SCA), AI-assisted code review using tools such as Claude Code, periodic manual code audits, and targeted secure development training.

• Own the design, implementation, and evolution of Application Security Posture Management (ASPM) capabilities, integrating signals from static analysis, dynamic testing, software composition analysis, and runtime telemetry to build risk-scoring models that balance exploitability, data sensitivity, and business impact.

• Continuously improve threat modeling frameworks across application components, third-party integrations, cloud-native architectures, and AI/LLM-powered features, leveraging tools such as Claude Security for accelerated threat model generation and scenario analysis.

• Develop custom security automation tools and scripts to improve detection and response capabilities across cloud environments, including AI-assisted vulnerability auto-fix workflows and integration of AI-powered security tooling into CI/CD pipelines.

• Own and operate the company’s bug bounty program end-to-end: define program strategy and scope, triage and validate external researcher submissions, assess severity, and maintain productive engagement with the security research community.

• Manage vulnerability triage and prioritization processes, ensuring vulnerabilities are assessed based on exploitability, business impact, and compliance requirements, and that remediation timelines align with organizational risk tolerance.

• Influence product roadmaps by identifying and advocating for security enhancements aligned with evolving regulatory requirements, industry best practices, and the emerging threat landscape for AI-integrated applications.

• Mentor security engineers and developers through hands-on guidance in secure coding, vulnerability remediation, and effective use of AI-augmented security workflows.

• Present security findings, risk assessments, and program metrics to senior leadership, clients, auditors, and regulators in a clear, actionable manner.

• Perform other duties as assigned.

Physical Demands:

• While performing the duties of this job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear.

• Specific vision abilities required by this job include close vision.

• Ability to occasionally lift/move up to 25 pounds.

• Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

Supervisory Responsibility:

None

Position Specifications

Education:

• Bachelor’s in Computer Science, Cybersecurity, Information Assurance, Software Engineering, or a related field, or an equivalent combination of education and experience.

• Preferred certifications: CSSLP, OSCP, GWEB, or GWAPT.

Experience:

• Seven (7+) years of progressive experience in application security, software security engineering, or a closely related domain within production SaaS environments.

• Extensive hands-on experience in secure software development, DevSecOps pipeline design, and security testing methodologies (SAST, DAST, SCA, penetration testing).

• Demonstrated experience securing large-scale cloud-native applications, APIs, and microservices architectures.

• Experience leading application security initiatives, defining program strategy, and mentoring engineering teams on secure development practices.

• Demonstrated, regular hands-on use of AI-powered security and development tools (e.g., Claude Code, Claude Security, or comparable coding/security assistants) as part of daily security engineering workflows, not solely in an evaluative, advisory, or training capacity.

• Experience assessing AI-specific attack surfaces in LLM-integrated applications, including prompt injection, context leakage, insecure tool use, and model denial-of-service.

Knowledge, Skills, & Abilities:

Required:

• Deep expertise in AWS security, Kubernetes security, and cloud-native application security best practices.

• Strong programming proficiency with the ability to review and assess security risks in one or more of: Java, C#, JavaScript/TypeScript, Python, Swift, or Kotlin.

• Expertise in secure authentication and authorization mechanisms, including OAuth 2.0, OIDC, SAML, JWT, WebAuthn, and Zero Trust principles.

• Hands-on proficiency with AI-augmented security workflows, including daily use of AI tools (e.g., Claude Code, Claude Security) for vulnerability discovery, remediation assistance, threat modeling, and security automation across the SDLC.

• Strong understanding of OWASP Top 10, OWASP Top 10 for LLM Applications, SANS 25, CVSS/EPSS scoring, and MITRE ATT&CK framework.

• Ability to identify, assess, and mitigate prompt injection vulnerabilities (direct and indirect) in LLM-integrated applications through input validation, output sanitization, instruction hierarchy enforcement, and adversarial prompt testing.

• Experience with secure context window management in AI-powered products, including preventing sensitive data leakage, enforcing context isolation boundaries, and defining data classification policies for AI model inputs.

• Hands-on experience with security automation and scripting (Python, Bash, or equivalent).

• Proficiency in penetration testing methodologies, including automated and manual security testing of web applications, APIs, and mobile platforms.

• Strong knowledge of encryption standards, cryptographic best practices, and secrets management.

• Ability to communicate complex security concepts to both technical and non-technical audiences, and to present risk assessments to senior leadership and external stakeholders.

• Demonstrated ability to work independently in a remote setting while maintaining high performance and accountability.

Preferred:

• Experience evaluating the security posture of AI providers (API security reviews, data residency assessments, vendor risk questionnaires, and contractual security requirements).

• Familiarity with AI model access controls and secrets hygiene in AI pipelines, including least-privilege principles for LLM tool integrations and securing model inference endpoints.

• Experience with SIEM, WAF, and security monitoring tools.

• Familiarity with cloud security controls in AWS, including IAM, security groups, KMS, Lambda security, and cloud monitoring.

• Strong project management abilities and experience collaborating across product, engineering, and compliance teams.

Travel:

• Minimal, generally 12 days or less per year, ~2X team get-togethers a year.

$155,000 - $175,000 a year

LIFE AT LUMIN DIGITAL

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base — and as a 100% cloud-native company, we’re purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture is built on trust in our expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas. These values shape a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered every day. We encourage our team to explore, experiment, and challenge the status quo — because continuous improvement isn’t just a goal, it’s how we operate.

Benefits Include We take care of our people with medical, dental, and vision insurance, a 401(k) with company match, flexible PTO plus 12 paid holidays, paid sick leave, and paid parental and family leave. We also offer a lifestyle spending account, tuition reimbursement, and a cell phone stipend. Additional details are provided during the interview process.

Lumin Digital is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis.

For more information, visit lumindigital.com.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

General information Requisition # R67796 Locations USA-Remote Work Posting Date 05/15/2026 Security Clearance Required None Remote Type Fully Remote Time Type Full time Description & Requirements Elevate your career with...

General information Requisition # R67740 Locations USA-Remote Work Posting Date 05/13/2026 Security Clearance Required Secret Remote Type Fully Remote Time Type Full time Description & Requirements Shape the future of...

Joining Collibra’s Product Security team

Collibra is seeking a Senior Product Security Engineer to join our high-impact team. You will be a key individual responsible for identifying vulnerabilities and providing expert remediation consulting for our global product development teams. This role provides critical technical leadership and oversight, ensuring Collibra continues to deliver secure, resilient products and services to our customers. You will act as an application security evangelist, partnering with engineers to accelerate secure time-to-value while leveraging cutting-edge AI and MCP to create context-aware security automation.

This is a remote role .

Product Security Engineers at Collibra are responsible for

• Application security for products and/or features supported by your assigned development teams.
• Performing security testing and triaging findings identified by SAST, SCA, IAST, DAST, and penetration tests.
• Leverage AI and MCP to create intelligent, context-aware security guidance and automation.
• Providing remediation consulting services to assigned development teams.
• Assist with vulnerability management reporting and tracking.
• Coordinating third-party penetration testing engagements, analyzing reports, and opening tickets for remediation.
• Contribute to the configuration and management of security tools.

You have

• 5+ years of application/product security experience.
• 2+ years of experience securing Java, Python, and/or JavaScript web applications.
• Knowledge of enterprise-level software architecture components and cloud infrastructure.
• Experience building trusted advisor relationships with engineers, product owners, and engineering management (up to director level).
• Experience with AI security tooling, context-aware automation for SSDLC.
• Understanding of AI privacy and governance in developer workflows.
• Experience using and building agentic AI systems that work collaboratively.
• Experience advocating for the remediation of application security risk and, simultaneously, the associated development/engineering team(s).
• Experience in identifying vulnerabilities in source code, providing detailed steps to reproduce exploitation, and providing recommendations to engineering teams on how to remediate issues.
• A bachelor’s degree or equivalent related working experience is required.
• This position is not eligible for visa sponsorship.
• Because this role supports the US government, it is required that this candidate be a US citizen who resides on US soil.

You are

• Knowledgeable of CI/CD concepts and experience with integrated SAST, SCA, and DAST tooling.
• Proficient at triaging application vulnerabilities associated with source code, open-source library dependencies, and 3rd party containers.
• Able to assess and communicate the impact of Common Vulnerability Weaknesses (CVEs) on custom application software and advise on risk acceptance/deferment for false positive scenarios, severity adjustments, and acceptable reasoning for operational requirements.
• Experienced in executing as a matrixed/embedded security resource (within a development team) responsible for product, application, or feature group vulnerability assessments, ensuring they are appropriately enumerated and executed.
• Possess a working knowledge of Python, Java, and/or JavaScript software development languages.
• Experienced in Linux and containerization in a cloud environment.
• Experienced in communicating the impact of security vulnerabilities to engineering teams and product leaders.
• Experienced in using SAST, DAST, and SCA tooling.
• Experienced in being a point of contact for outside/3rd party security assessments (pen tests, questionnaires, etc.).
• knowledgeable of vulnerability management concepts, challenges, and reporting.
• Possess a working knowledge of the OWASP Top 10 and can explain its concepts to a diverse audience of engineers and people leaders.
• Familiarity with AI standards and regulations, EU AI Act, SAIF and ISO 42001.

Measures of success

• Within your first month, you will absorb fundamental knowledge about Collibra processes/tools and SDLC.
• Within your third month, you will own application security engineering tasks for one or more development teams responsible for product features.
• Within your sixth month, you will be responsible for managing triaging efforts for 3rd party pen testing and be able to resolve customer product security inquiries independently.

Compensation for this role

The standard base salary range for this position is $168,000.00 - $210,000.00 per year. This position is not eligible for additional commission-based compensation. Salary offers are based on a combination of factors, including, but not limited to, experience, skills, and location. In addition to base salary, we offer a competitive total rewards package, including bonus potential, equity for eligible roles, a Flex Fund monthly stipend, pension/401k plans, and more.

Benefits at Collibra

Collibra recognizes and values that everyone has different needs, interests, and life goals. We built our benefits program with flexibility in mind to support you and your loved ones through a diverse range of circumstances and life events. These flexible offerings sit on a foundation of competitive compensation, health coverage, and time off. Learn more about Collibra’s benefits.

We create inclusion and belonging through how we onboard, meet, connect, engage, and communicate. Learn more about diversity, equity, and inclusion at Collibra.

At Collibra, we’re proud to be an equal opportunity employer. We realize the key to creating a company with a world-class culture and employee experience comes from who we hire and creating a workplace that celebrates everyone.

With this, we proudly consider qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sexual orientation, pregnancy, sex, gender identity, gender expression, genetic information, physical or mental disability, HIV status, registered domestic partner status, caregiver status, marital status, veteran or military status, citizenship status or any other legally protected category. If you have a need that requires accommodation, let us know by completing our Accommodations for Applicants form.

Joining Collibra’s Product Security team

Collibra is seeking a Senior Product Security Engineer to join our high-impact team. You will be a key individual responsible for identifying vulnerabilities and providing expert remediation consulting for our global product development teams. This role provides critical technical leadership and oversight, ensuring Collibra continues to deliver secure, resilient products and services to our customers. You will act as an application security evangelist, partnering with engineers to accelerate secure time-to-value while leveraging cutting-edge AI and MCP to create context-aware security automation.

This is a remote role .

Product Security Engineers at Collibra are responsible for

• Application security for products and/or features supported by your assigned development teams.
• Performing security testing and triaging findings identified by SAST, SCA, IAST, DAST, and penetration tests.
• Leverage AI and MCP to create intelligent, context-aware security guidance and automation.
• Providing remediation consulting services to assigned development teams.
• Assist with vulnerability management reporting and tracking.
• Coordinating third-party penetration testing engagements, analyzing reports, and opening tickets for remediation.
• Contribute to the configuration and management of security tools.

You have

• 5+ years of application/product security experience.
• 2+ years of experience securing Java, Python, and/or JavaScript web applications.
• Knowledge of enterprise-level software architecture components and cloud infrastructure.
• Experience building trusted advisor relationships with engineers, product owners, and engineering management (up to director level).
• Experience with AI security tooling, context-aware automation for SSDLC.
• Understanding of AI privacy and governance in developer workflows.
• Experience using and building agentic AI systems that work collaboratively.
• Experience advocating for the remediation of application security risk and, simultaneously, the associated development/engineering team(s).
• Experience in identifying vulnerabilities in source code, providing detailed steps to reproduce exploitation, and providing recommendations to engineering teams on how to remediate issues.
• A bachelor’s degree or equivalent related working experience is required.
• This position is not eligible for visa sponsorship.
• Because this role supports the US government, it is required that this candidate be a US citizen who resides on US soil.

You are

• Knowledgeable of CI/CD concepts and experience with integrated SAST, SCA, and DAST tooling.
• Proficient at triaging application vulnerabilities associated with source code, open-source library dependencies, and 3rd party containers.
• Able to assess and communicate the impact of Common Vulnerability Weaknesses (CVEs) on custom application software and advise on risk acceptance/deferment for false positive scenarios, severity adjustments, and acceptable reasoning for operational requirements.
• Experienced in executing as a matrixed/embedded security resource (within a development team) responsible for product, application, or feature group vulnerability assessments, ensuring they are appropriately enumerated and executed.
• Possess a working knowledge of Python, Java, and/or JavaScript software development languages.
• Experienced in Linux and containerization in a cloud environment.
• Experienced in communicating the impact of security vulnerabilities to engineering teams and product leaders.
• Experienced in using SAST, DAST, and SCA tooling.
• Experienced in being a point of contact for outside/3rd party security assessments (pen tests, questionnaires, etc.).
• knowledgeable of vulnerability management concepts, challenges, and reporting.
• Possess a working knowledge of the OWASP Top 10 and can explain its concepts to a diverse audience of engineers and people leaders.
• Familiarity with AI standards and regulations, EU AI Act, SAIF and ISO 42001.

Measures of success

• Within your first month, you will absorb fundamental knowledge about Collibra processes/tools and SDLC.
• Within your third month, you will own application security engineering tasks for one or more development teams responsible for product features.
• Within your sixth month, you will be responsible for managing triaging efforts for 3rd party pen testing and be able to resolve customer product security inquiries independently.

Compensation for this role

The standard base salary range for this position is $168,000.00 - $210,000.00 per year. This position is not eligible for additional commission-based compensation. Salary offers are based on a combination of factors, including, but not limited to, experience, skills, and location. In addition to base salary, we offer a competitive total rewards package, including bonus potential, equity for eligible roles, a Flex Fund monthly stipend, pension/401k plans, and more.

Benefits at Collibra

Collibra recognizes and values that everyone has different needs, interests, and life goals. We built our benefits program with flexibility in mind to support you and your loved ones through a diverse range of circumstances and life events. These flexible offerings sit on a foundation of competitive compensation, health coverage, and time off. Learn more about Collibra’s benefits.

We create inclusion and belonging through how we onboard, meet, connect, engage, and communicate. Learn more about diversity, equity, and inclusion at Collibra.

At Collibra, we’re proud to be an equal opportunity employer. We realize the key to creating a company with a world-class culture and employee experience comes from who we hire and creating a workplace that celebrates everyone.

With this, we proudly consider qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sexual orientation, pregnancy, sex, gender identity, gender expression, genetic information, physical or mental disability, HIV status, registered domestic partner status, caregiver status, marital status, veteran or military status, citizenship status or any other legally protected category. If you have a need that requires accommodation, let us know by completing our Accommodations for Applicants form.

Who we are At Twilio, we’re shaping the future of communications, all from the comfort of our homes.

About Us:

YipitData is the leading market research and analytics firm for the disruptive economy and recently raised up to $475M from The Carlyle Group at a valuation over $1B.

We analyze billions of alternative data points every day to provide accurate, detailed insights on ridesharing, e-commerce marketplaces, payments and more. Our on-demand insights team uses proprietary technology to identify, license, clean and analyze the data many of the world’s largest investment funds and corporations depend on.

For three years and counting, we have been recognized as one of Inc’s Best Workplaces. We are a fast-growing technology company backed by The Carlyle Group and Norwest Venture Partners. Our offices are located in NYC, Austin, Miami, Los Angeles (CA), Cupertino (CA),Hong Kong, Shanghai, Beijing, Guangzhou, and Singapore. We cultivate a people-centric culture focused on mastery, ownership, and transparency. About the Role:

We are seeking an AI Security Engineer to lead the implementation, monitoring, and continuous improvement of security, governance, and trust controls for AI systems across the organization. This role will focus on operationalizing AI system security controls using the Agentic Trust Framework mapped to OWASP guidance and the NIST AI RMF, with particular emphasis on observability engineering, behavioral monitoring, policy enforcement, misuse detection, and risk-informed response.

This person will serve as a bridge between Security, Engineering, Data, Platform, Compliance, and AI product teams to ensure AI systems are not only functional and performant, but also trustworthy, auditable, resilient, and aligned with enterprise governance requirements.

The ideal candidate combines technical depth in AI/ML systems, strong security and monitoring instincts, and the ability to define practical controls for complex, fast-evolving agentic and generative AI environments.

We expect U.S. based working hours with the majority of the team working East and Central Time Zones.

In this role, you will:

• Own AI behavior monitoring: Define what trustworthy and untrustworthy AI behavior looks like, and ensure it is measurable in production.
• Own AI observability standards: Establish telemetry, tracing, logging, and alerting requirements for AI systems and agentic workflows.
• Own control validation for agentic systems: Verify that guardrails, policy checks, access boundaries, and execution constraints are functioning as intended.
• Own AI security event analysis: Detect, investigate, and document suspicious, unsafe, or non-compliant AI behaviors and coordinate response.
• Own implementation support for governance frameworks: Translate governance principles into technical and operational requirements that product and platform teams can adopt.
• Own AI trust metrics and reporting: Define KPIs, KRIs, and dashboards that show leadership whether AI systems are operating within approved trust and security boundaries.
• Own continuous improvement of AI controls: Use incidents, testing, behavioral findings, and stakeholder feedback to strengthen control design and reduce residual risk over time.

You Are Likely To Succeed If:

• 5+ years of experience in one or more of the following: security engineering, detection engineering, observability engineering, site reliability engineering, application security, ML platform engineering, or AI governance implementation.
• Experience designing monitoring, logging, telemetry, or detection strategies for distributed systems, cloud services, or data-intensive applications.
• Familiarity with AI/ML system architecture, including large language models, retrieval-augmented generation, inference pipelines, model APIs, and agentic workflows.
• Experience translating governance, risk, or policy requirements into operational controls and measurable technical requirements.
• Strong understanding of security concepts such as identity and access management, least privilege, data protection, abuse prevention, auditability, and incident response.
• Experience investigating system behavior, identifying anomalies, and working cross-functionally to drive remediation.
• Hold industry certifications (or equivalent experience): CISSP, CCSP, GIAC Machine Learning Engineer (GMLE)
• Strong written communication skills, including ability to write standards, control definitions, runbooks, and leadership-facing summaries.

Preferred Qualifications:

• Experience with AI observability tooling, tracing frameworks, or telemetry pipelines for LLM or agent-based systems.
• Experience implementing controls for AI safety, AI red teaming, prompt security, model misuse detection, or secure tool execution.
• Familiarity with Microsoft security, compliance, and AI governance ecosystems.
• Familiarity with trust and safety concepts for generative AI and autonomous systems.
• Experience supporting internal governance, risk, privacy, or compliance review processes for AI-enabled products.
• Experience building dashboards, alerts, and behavioral analytics for security or operational monitoring.
• Experience working in highly regulated or audit-sensitive environments.

What We Offer:

• Our compensation package includes comprehensive benefits, perks, and a competitive salary:

  • We care about your personal life, and we mean it. We offer flexible work hours, flexible vacation, a generous 401K match, parental leave, team events, wellness budget, learning reimbursement, and more!
  • Your growth at YipitData is determined by the impact that you are making, not by tenure, unnecessary facetime, or office politics. Everyone at YipitData is empowered to learn, self-improve, and master their skills in an environment focused on ownership, respect, and trust. See more on our high-impact, high-opportunity work environment above!
  • The annual on-target earnings for this position is anticipated to be up to $230 ~ $280K . The final offer may be determined by a number of factors, including, but not limited to, the applicant’s experience, knowledge, skills, abilities, as well as internal team benchmarks.

The compensation package also includes equity.

This role may be performed fully remotely within the United States. Please note that our US headquarters are located in NYC. We also have have US offices in Austin, Miami, Los Angeles (CA), and Cupertino (CA). If the remote work is performed outside of these offices, income may be subject to New York State tax withholding.

Please note that for this position, we are not able to consider candidates who currently or in the future will require visa sponsorship.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal-opportunity employer.

Job Applicant Privacy Notice

About Life360

Life360’s mission is to keep people close to the ones they love. Our category-leading mobile app, Tile tracking devices, and Pet GPS tracker empower members to protect the people, pets, and things they care about most with a range of services, including location sharing, safe driver reports, and crash detection with emergency dispatch. Life360 serves approximately 95.8 million monthly active users (MAU), as of December 31, 2025, across more than 180 countries.

Life360 delivers peace of mind and enhances everyday family life with seamless coordination for all the moments that matter, big and small. By continuing to innovate and deliver for our customers, we have become a household name and the must-have mobile-based membership for families (and those friends who are basically family).

Life360 has more than 500 (and growing!) remote-first employees. For more information, please visit life360.com.

Life360 is a Remote-First company, which means a remote work environment will be the primary experience for all employees. All positions, unless otherwise specified, can be performed remotely (within the US) regardless of any specified location above.

We Are AI Native

We are building an AI native company where AI is an integral part of how we build and operate. AI tool usage during interviews varies by role. You may be asked to demonstrate proficiency with AI tools, discuss how you leverage AI, or complete interview exercises without AI assistance. Your Recruiter will provide clear guidance as you move through the interview process.

Undisclosed use of AI not previously discussed with or approved by your Recruiter may impact your candidacy.

About the Team

The AI Native Platform team is a cross-functional engineering organization built to lay the infrastructure foundations for Life360’s AI-native transformation. We are not exploring what might be possible, we are building the platform that makes it operational.

The team works across four interconnected areas: how Life360 safely accesses and governs the use of frontier AI models and external integrations; the agent deployment and workflow infrastructure that lets teams build, test, version, and operate autonomous agents with the same rigor applied to any production software; how we safely democratize data, information, and knowledge across the organization, making it queryable and usable by AI systems and humans reliably; and a multiplayer AI workbench that gives every employee a purpose-built environment tuned to their role, with relevant tools, knowledge, and workflows rather than a general-purpose chat interface.

The work is deliberate, high-velocity, and built to last. The bar is high: real use cases, production deployments, measurable outcomes.

Security is not a checkpoint on this team. It is part of how we build. We are looking for engineers who want to be in the room where the architecture is designed and in the codebase where it’s being built.

About the Job

We are hiring a Principal AI Security Engineer to secure Life360’s AI infrastructure as it takes shape. You will sit within the AI Native Platform team, reporting directly to the CISO, working alongside the engineers designing and building each layer of the platform.

This role requires both architectural depth and hands-on execution, often in the same week. You will define the security architecture other engineers build within; the trust model, authorization framework, data boundary topology, and threat model. Guide the coherence of these patterns across the teams building model access, agent infrastructure, the knowledge layer, and the end-user platform to interoperate securely and drift doesn’t introduce systemic risk. The patterns we are securing are still being defined. Part of the work is figuring out which approaches hold up under real conditions, which ones don’t, and scaling what works.You won’t be doing this alone, you’ll work alongside additional security engineers and the broader team building the platform, with the expectation that this function grows as the platform does.

The data at stake has real weight. Life360’s systems carry real-time location data and family relationship graphs for tens of millions of people. These are crown jewels in the truest sense — irreplaceable to the families who trust us with them. Securing the AI systems that interact with this data is not a compliance exercise. It is a core obligation of the product.

The US-based salary range for this position is $239,500 to $351,500. We take into consideration an individual’s background and experience in determining final salary — therefore, base pay offered may vary considerably depending on geographic location, job-related knowledge, skills, and experience. The compensation package includes a wide range of medical, dental, vision, financial, and other benefits, as well as equity.

What You’ll Do

• Own the security strategy for frontier model access and MCP governance. Define how we securely connect to frontier models and external tool integrations: the risk framework, the authorization architecture, and the escalation model before those patterns harden at scale. Set the direction that builders implement within
• Architect the identity and trust model for non-human agents. Define how agents authenticate, how trust is established and revoked across orchestration chains, and how the model evolves as agent capabilities expand, covering service identities, scoped credentials, and least-privilege access patterns across the platform.
• Set the adversarial defense posture for AI systems in production. Define our approach to prompt injection defense, adversarial input handling, and behavioral monitoring patterns and establish the detection philosophy, telemetry requirements, and response framework the team builds and operates within.
• Shape security architecture for the common AI end-user platform. Lead design reviews and build the access controls, data boundary enforcement, and abuse detection that keep a shared AI environment safe across an employee population with varying privilege levels.
• Secure the shared knowledge layer. Define access control and data governance for retrieval and reasoning, ensuring AI-powered tools don’t inadvertently surface sensitive data to the wrong systems or users.
• Build AI supply chain integrity into the platform. Develop model provenance practices, service vetting, and dependency controls that keep the AI stack trustworthy as it grows.
• Partner with Privacy, Legal, and Data Platform to ensure the right controls are built into pipelines handling real-time location, family relationship data, and data involving minors.

What We’re Looking For

• 15+ years in security engineering with depth in application security, cloud security, IAM, or detection. A track record of building controls that earn adoption, not just approval.
• Security architecture ownership you’ve defined at the platform level in terms of trust models, data boundary topologies, and long-term viability that produces security outcomes without grinding velocity.
• Hands-on fluency with LLM and agentic systems. You’ve built with these tools, broken them, and shipped fixes for prompt pipelines , RAG architectures, and multi-agent orchestration from the inside.
• Deep grounding in IAM for non-human systems: service identities, OAuth, secrets management, RBAC/ABAC, and least-privilege architecture at scale. You’ve designed and built identity systems, not just consumed them
• Experience with production telemetry and detection at an architectural level. You’ve defined security observability strategies, not just individual detections
• Comfort with ambiguity and in-flight builds. You’re energized by figuring things out, writing first-draft standards, testing approaches, and scaling what works.
• Strategic judgement on when to build v. buy and ability to lead the organization to wise investments.
• Strong cross-functional communication across engineering, product, legal, privacy, and senior leadership. You carry risk, tradeoffs, and technical decisions without losing precision..
• You’ve contributed or ready to contribute to the security industry. We’re shaping these patterns together and you’re willing to represent Life360 in these conversations.
• Familiarity with NIST AI RMF, OWASP LLM Top 10, and adjacent compliance environments for consumer data at scale.
• Bachelor’s degree or equivalent experience in Computer Science, Information Security, or a related field.

Bonus points if you have:

• Experience with frontier model API security, tool-use authorization patterns, or access governance for AI systems at scale.
• Hands-on experience with multi-agent orchestration frameworks (LangGraph, AutoGen, CrewAI, or similar) and their trust, identity, and authorization challenges.
• Familiarity with knowledge graph architectures, vector stores, or RAG systems — and the access control and data boundary problems they introduce.
• Red teaming or adversarial testing against AI systems: prompt injection, jailbreaks, data extraction, model inversion, or supply chain attacks.
• Background in consumer technology or another domain where personal data sensitivity is a core product obligation — not just a legal requirement.
• Experience designing or reviewing security for internal enterprise AI platforms serving non-technical users.

Our Benefits

• Competitive pay and benefits
• Medical, dental, vision, life and disability insurance plans (100% paid for employees)
• 401(k) plan with company matching program
• Mental Wellness Program & Employee Assistance Program (EAP) for mental well-being
• Flexible PTO, 13 company-wide days off throughout the year
• Winter and Summer Weeklong Synchronized Company Shutdowns
• Learning & Development programs
• Equipment, tools, and reimbursement support for a productive remote environment
• Free Life360 Platinum Membership for your preferred circle
• Free Tile Products

Life360 Values

Our company’s mission-driven culture is guided by our shared values to create a trusted work environment where you can bring your authentic self to work and make a positive difference.

• Be a Good Person — We have a team of high integrity people you can trust.
• Be Direct With Respect — We communicate directly, even when it’s hard.
• Members Before Metrics — We focus on building an exceptional experience for families.
• High Intensity, High Impact — We do whatever it takes to get the job done.

Our Commitment to Diversity

We believe that different ideas, perspectives and backgrounds create a stronger and more creative work environment that delivers better results. Together, we continue to build an inclusive culture that encourages, supports, and celebrates the diverse voices of our employees. It fuels our innovation and connects us closer to our customers and the communities we serve. We strive to create a workplace that reflects the communities we serve and where everyone feels empowered to bring their authentic best selves to work.

We are an equal opportunity employer and value diversity at Life360. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any legally protected status.

We encourage people of all backgrounds to apply. We believe that a diversity of perspectives and experiences create a foundation for the best ideas. Come join us in building something meaningful. Even if you don’t meet 100% of the below qualifications, you should still seriously consider applying!

#LI-Remote

About Life360

Life360’s mission is to keep people close to the ones they love. Our category-leading mobile app, Tile tracking devices, and Pet GPS tracker empower members to protect the people, pets, and things they care about most with a range of services, including location sharing, safe driver reports, and crash detection with emergency dispatch. Life360 serves approximately 95.8 million monthly active users (MAU), as of December 31, 2025, across more than 180 countries.

Life360 delivers peace of mind and enhances everyday family life with seamless coordination for all the moments that matter, big and small. By continuing to innovate and deliver for our customers, we have become a household name and the must-have mobile-based membership for families (and those friends who are basically family).

Life360 has more than 500 (and growing!) remote-first employees. For more information, please visit life360.com.

Life360 is a Remote-First company, which means a remote work environment will be the primary experience for all employees. All positions, unless otherwise specified, can be performed remotely (within the US) regardless of any specified location above.

We Are AI Native

We are building an AI native company where AI is an integral part of how we build and operate. AI tool usage during interviews varies by role. You may be asked to demonstrate proficiency with AI tools, discuss how you leverage AI, or complete interview exercises without AI assistance. Your Recruiter will provide clear guidance as you move through the interview process.

Undisclosed use of AI not previously discussed with or approved by your Recruiter may impact your candidacy.

About the Team

The AI Native Platform team is a cross-functional engineering organization built to lay the infrastructure foundations for Life360’s AI-native transformation. We are not exploring what might be possible, we are building the platform that makes it operational.

The team works across four interconnected areas: how Life360 safely accesses and governs the use of frontier AI models and external integrations; the agent deployment and workflow infrastructure that lets teams build, test, version, and operate autonomous agents with the same rigor applied to any production software; how we safely democratize data, information, and knowledge across the organization, making it queryable and usable by AI systems and humans reliably; and a multiplayer AI workbench that gives every employee a purpose-built environment tuned to their role, with relevant tools, knowledge, and workflows rather than a general-purpose chat interface.

The work is deliberate, high-velocity, and built to last. The bar is high: real use cases, production deployments, measurable outcomes.

Security is not a checkpoint on this team. It is part of how we build. We are looking for engineers who want to be in the room where the architecture is designed and in the codebase where it’s being built.

About the Job

We are hiring a Sr. Staff AI Security Engineer to secure Life360’s AI infrastructure as it takes shape. You will sit within the AI Native Platform team, reporting directly to the CISO, working alongside the engineers designing and building each layer of the platform.

This role is grounded in execution with real architectural reach. You’ll drive delivery across key security domains while contributing to design decisions that shape how the platform is built. The patterns we are securing are still being defined, and part of the work is building and validating those patterns under real conditions. You’ll be active in architecture reviews, own security implementation across your domains, and build the controls that make it safe to move fast with AI. In a domain where the playbooks are still being written, part of the role is writing them. You won’t be doing this alone, you’ll work alongside additional security engineers and the broader team building the platform, with the expectation that this function grows as the platform does.

The data at stake has real weight. Life360’s systems carry real-time location data and family relationship graphs for tens of millions of people, including children. These are crown jewels in the truest sense — irreplaceable to the families who trust us with them. Securing the AI systems that interact with this data is not a compliance exercise. It is a core obligation of the product.

The US-based salary range for this position is $209,000 to $309,000. We take into consideration an individual’s background and experience in determining final salary — therefore, base pay offered may vary considerably depending on geographic location, job-related knowledge, skills, and experience. The compensation package includes a wide range of medical, dental, vision, financial, and other benefits, as well as equity.

What You’ll Do

• Secure how Life360 accesses frontier models. Design, build, and iterate the access controls, policy enforcement, and authorization patterns that govern how systems interact with the frontier models they rely on.
• Build secure patterns for MCP access and tool use authorization. Build and own the controls that vets, risk-tier, and govern how we integrate with external tools and services via MCP as adoption expands across engineering teams.
• Design and build the identity and authorization model for autonomous agents: service identities, scoped credentials, and least-privilege access patterns. Define and enforce the trust boundaries that govern how agents interact across orchestration chains.
• Design and build agentic observability and adversarial defenses. Build the telemetry pipelines and behavioral monitoring that provide visibility into AI system behavior. Implement architecture-level defenses against prompt injection and related adversarial attack classes.
• Shape security for the common AI end-user platform. Lead design reviews, build access controls, data boundary enforcement, and abuse detection that keep a shared AI environment safe across users with different privilege levels.
• Secure the shared knowledge layer. Define access control and data governance for retrieval augmented and reasoning systems, ensuring AI-powered tools don’t surface sensitive data to the wrong systems or users.
• Build AI supply chain integrity into the platform. Develop model provenance practices, service vetting, and dependency controls that keep the AI stack trustworthy as it grows.
• Partner with Privacy, Legal, and Data Platform to ensure the right controls are built into pipelines handling real-time location, family relationship data, and data involving minors.

What We’re Looking For

• 12+ years in security engineering with depth in application security, cloud security, IAM, or detection — and a track record of building controls that earn adoption, not just approval.
• Hands on builder shipping security controls that hold up in production. You’re not an advisor but a practitioner that can define patterns that last
• Hands-on fluency with LLM and agentic systems. You’ve built with these tools, broken them, and shipped fixes for prompt pipelines , RAG architectures, and multi-agent orchestration from the inside.
• Solid grounding in IAM for non-human systems: service identities, OAuth, secrets management, RBAC/ABAC, and least-privilege architecture at scale.
• Experience with production telemetry and detection — defining detections and building response paths for threat surfaces without established playbooks.
• Comfort with ambiguity and in-flight builds. You’re energized by figuring things out — writing first-draft standards, testing approaches, and scaling what works.
• Strong cross-functional communication and the ability to push back when it matters. You carry risk, tradeoffs, and technical decisions across engineering, product, and security leadership without losing precision — and can reshape a risky decision clearly and constructively.
• Familiarity with NIST AI RMF, OWASP LLM Top 10, and adjacent compliance environments for consumer data at scale.
• Bachelor’s degree or equivalent experience in Computer Science, Information Security, or a related field.

Bonus points if you have:

• Experience with frontier model API security, tool-use authorization patterns, or access governance for AI systems at scale.
• Hands-on experience with multi-agent orchestration frameworks (LangGraph, AutoGen, CrewAI, or similar) and their trust, identity, and authorization challenges.
• Familiarity with knowledge graph architectures, vector stores, or RAG systems — and the access control and data boundary problems they introduce.
• Red teaming or adversarial testing against AI systems: prompt injection, jailbreaks, data extraction, model inversion, or supply chain attacks.
• Background in consumer technology or another domain where personal data sensitivity is a core product obligation — not just a legal requirement.
• Experience designing or reviewing security for internal enterprise AI platforms serving non-technical users.

Our Benefits

• Competitive pay and benefits
• Medical, dental, vision, life and disability insurance plans (100% paid for employees)
• 401(k) plan with company matching program
• Mental Wellness Program & Employee Assistance Program (EAP) for mental well-being
• Flexible PTO, 13 company-wide days off throughout the year
• Winter and Summer Weeklong Synchronized Company Shutdowns
• Learning & Development programs
• Equipment, tools, and reimbursement support for a productive remote environment
• Free Life360 Platinum Membership for your preferred circle
• Free Tile Products

Life360 Values

Our company’s mission-driven culture is guided by our shared values to create a trusted work environment where you can bring your authentic self to work and make a positive difference.

• Be a Good Person — We have a team of high integrity people you can trust.
• Be Direct With Respect — We communicate directly, even when it’s hard.
• Members Before Metrics — We focus on building an exceptional experience for families.
• High Intensity, High Impact — We do whatever it takes to get the job done.

Our Commitment to Diversity

We believe that different ideas, perspectives and backgrounds create a stronger and more creative work environment that delivers better results. Together, we continue to build an inclusive culture that encourages, supports, and celebrates the diverse voices of our employees. It fuels our innovation and connects us closer to our customers and the communities we serve. We strive to create a workplace that reflects the communities we serve and where everyone feels empowered to bring their authentic best selves to work.

We are an equal opportunity employer and value diversity at Life360. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any legally protected status.

We encourage people of all backgrounds to apply. We believe that a diversity of perspectives and experiences create a foundation for the best ideas. Come join us in building something meaningful. Even if you don’t meet 100% of the below qualifications, you should still seriously consider applying!

#LI-Remote

About Us:

YipitData is the leading market research and analytics firm for the disruptive economy and recently raised up to $475M from The Carlyle Group at a valuation over $1B.

We analyze billions of alternative data points every day to provide accurate, detailed insights on ridesharing, e-commerce marketplaces, payments and more. Our on-demand insights team uses proprietary technology to identify, license, clean and analyze the data many of the world’s largest investment funds and corporations depend on.

For three years and counting, we have been recognized as one of Inc’s Best Workplaces. We are a fast-growing technology company backed by The Carlyle Group and Norwest Venture Partners. Our offices are located in NYC, Austin, Miami, Los Angeles (CA), Cupertino (CA),Hong Kong, Shanghai, Beijing, Guangzhou, and Singapore. We cultivate a people-centric culture focused on mastery, ownership, and transparency. About the Role:

We are seeking an AI Security Engineer to lead the implementation, monitoring, and continuous improvement of security, governance, and trust controls for AI systems across the organization. This role will focus on operationalizing AI system security controls using the Agentic Trust Framework mapped to OWASP guidance and the NIST AI RMF, with particular emphasis on observability engineering, behavioral monitoring, policy enforcement, misuse detection, and risk-informed response.

This person will serve as a bridge between Security, Engineering, Data, Platform, Compliance, and AI product teams to ensure AI systems are not only functional and performant, but also trustworthy, auditable, resilient, and aligned with enterprise governance requirements.

The ideal candidate combines technical depth in AI/ML systems, strong security and monitoring instincts, and the ability to define practical controls for complex, fast-evolving agentic and generative AI environments.

We expect U.S. based working hours with the majority of the team working East and Central Time Zones.

In this role, you will:

• Own AI behavior monitoring: Define what trustworthy and untrustworthy AI behavior looks like, and ensure it is measurable in production.
• Own AI observability standards: Establish telemetry, tracing, logging, and alerting requirements for AI systems and agentic workflows.
• Own control validation for agentic systems: Verify that guardrails, policy checks, access boundaries, and execution constraints are functioning as intended.
• Own AI security event analysis: Detect, investigate, and document suspicious, unsafe, or non-compliant AI behaviors and coordinate response.
• Own implementation support for governance frameworks: Translate governance principles into technical and operational requirements that product and platform teams can adopt.
• Own AI trust metrics and reporting: Define KPIs, KRIs, and dashboards that show leadership whether AI systems are operating within approved trust and security boundaries.
• Own continuous improvement of AI controls: Use incidents, testing, behavioral findings, and stakeholder feedback to strengthen control design and reduce residual risk over time.

You Are Likely To Succeed If:

• 5+ years of experience in one or more of the following: security engineering, detection engineering, observability engineering, site reliability engineering, application security, ML platform engineering, or AI governance implementation.
• Experience designing monitoring, logging, telemetry, or detection strategies for distributed systems, cloud services, or data-intensive applications.
• Familiarity with AI/ML system architecture, including large language models, retrieval-augmented generation, inference pipelines, model APIs, and agentic workflows.
• Experience translating governance, risk, or policy requirements into operational controls and measurable technical requirements.
• Strong understanding of security concepts such as identity and access management, least privilege, data protection, abuse prevention, auditability, and incident response.
• Experience investigating system behavior, identifying anomalies, and working cross-functionally to drive remediation.
• Hold industry certifications (or equivalent experience): CISSP, CCSP, GIAC Machine Learning Engineer (GMLE)
• Strong written communication skills, including ability to write standards, control definitions, runbooks, and leadership-facing summaries.

Preferred Qualifications:

• Experience with AI observability tooling, tracing frameworks, or telemetry pipelines for LLM or agent-based systems.
• Experience implementing controls for AI safety, AI red teaming, prompt security, model misuse detection, or secure tool execution.
• Familiarity with Microsoft security, compliance, and AI governance ecosystems.
• Familiarity with trust and safety concepts for generative AI and autonomous systems.
• Experience supporting internal governance, risk, privacy, or compliance review processes for AI-enabled products.
• Experience building dashboards, alerts, and behavioral analytics for security or operational monitoring.
• Experience working in highly regulated or audit-sensitive environments.

What We Offer:

• Our compensation package includes comprehensive benefits, perks, and a competitive salary:

  • We care about your personal life, and we mean it. We offer flexible work hours, flexible vacation, a generous 401K match, parental leave, team events, wellness budget, learning reimbursement, and more!
  • Your growth at YipitData is determined by the impact that you are making, not by tenure, unnecessary facetime, or office politics. Everyone at YipitData is empowered to learn, self-improve, and master their skills in an environment focused on ownership, respect, and trust. See more on our high-impact, high-opportunity work environment above!
  • The annual on-target earnings for this position is anticipated to be up to $230 ~ $280K . The final offer may be determined by a number of factors, including, but not limited to, the applicant’s experience, knowledge, skills, abilities, as well as internal team benchmarks.

The compensation package also includes equity.

This role may be performed fully remotely within the United States. Please note that our US headquarters are located in NYC. We also have have US offices in Austin, Miami, Los Angeles (CA), and Cupertino (CA). If the remote work is performed outside of these offices, income may be subject to New York State tax withholding.

Please note that for this position, we are not able to consider candidates who currently or in the future will require visa sponsorship.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal-opportunity employer.

Job Applicant Privacy Notice

About Life360

Life360’s mission is to keep people close to the ones they love. Our category-leading mobile app, Tile tracking devices, and Pet GPS tracker empower members to protect the people, pets, and things they care about most with a range of services, including location sharing, safe driver reports, and crash detection with emergency dispatch. Life360 serves approximately 95.8 million monthly active users (MAU), as of December 31, 2025, across more than 180 countries.

Life360 delivers peace of mind and enhances everyday family life with seamless coordination for all the moments that matter, big and small. By continuing to innovate and deliver for our customers, we have become a household name and the must-have mobile-based membership for families (and those friends who are basically family).

Life360 has more than 500 (and growing!) remote-first employees. For more information, please visit life360.com.

Life360 is a Remote-First company, which means a remote work environment will be the primary experience for all employees. All positions, unless otherwise specified, can be performed remotely (within the US) regardless of any specified location above.

We Are AI Native

We are building an AI native company where AI is an integral part of how we build and operate. AI tool usage during interviews varies by role. You may be asked to demonstrate proficiency with AI tools, discuss how you leverage AI, or complete interview exercises without AI assistance. Your Recruiter will provide clear guidance as you move through the interview process.

Undisclosed use of AI not previously discussed with or approved by your Recruiter may impact your candidacy.

About the Team

The AI Native Platform team is a cross-functional engineering organization built to lay the infrastructure foundations for Life360’s AI-native transformation. We are not exploring what might be possible, we are building the platform that makes it operational.

The team works across four interconnected areas: how Life360 safely accesses and governs the use of frontier AI models and external integrations; the agent deployment and workflow infrastructure that lets teams build, test, version, and operate autonomous agents with the same rigor applied to any production software; how we safely democratize data, information, and knowledge across the organization, making it queryable and usable by AI systems and humans reliably; and a multiplayer AI workbench that gives every employee a purpose-built environment tuned to their role, with relevant tools, knowledge, and workflows rather than a general-purpose chat interface.

The work is deliberate, high-velocity, and built to last. The bar is high: real use cases, production deployments, measurable outcomes.

Security is not a checkpoint on this team. It is part of how we build. We are looking for engineers who want to be in the room where the architecture is designed and in the codebase where it’s being built.

About the Job

We are hiring a Principal AI Security Engineer to secure Life360’s AI infrastructure as it takes shape. You will sit within the AI Native Platform team, reporting directly to the CISO, working alongside the engineers designing and building each layer of the platform.

This role requires both architectural depth and hands-on execution, often in the same week. You will define the security architecture other engineers build within; the trust model, authorization framework, data boundary topology, and threat model. Guide the coherence of these patterns across the teams building model access, agent infrastructure, the knowledge layer, and the end-user platform to interoperate securely and drift doesn’t introduce systemic risk. The patterns we are securing are still being defined. Part of the work is figuring out which approaches hold up under real conditions, which ones don’t, and scaling what works.You won’t be doing this alone, you’ll work alongside additional security engineers and the broader team building the platform, with the expectation that this function grows as the platform does.

The data at stake has real weight. Life360’s systems carry real-time location data and family relationship graphs for tens of millions of people. These are crown jewels in the truest sense — irreplaceable to the families who trust us with them. Securing the AI systems that interact with this data is not a compliance exercise. It is a core obligation of the product.

The US-based salary range for this position is $239,500 to $351,500. We take into consideration an individual’s background and experience in determining final salary — therefore, base pay offered may vary considerably depending on geographic location, job-related knowledge, skills, and experience. The compensation package includes a wide range of medical, dental, vision, financial, and other benefits, as well as equity.

What You’ll Do

• Own the security strategy for frontier model access and MCP governance. Define how we securely connect to frontier models and external tool integrations: the risk framework, the authorization architecture, and the escalation model before those patterns harden at scale. Set the direction that builders implement within
• Architect the identity and trust model for non-human agents. Define how agents authenticate, how trust is established and revoked across orchestration chains, and how the model evolves as agent capabilities expand, covering service identities, scoped credentials, and least-privilege access patterns across the platform.
• Set the adversarial defense posture for AI systems in production. Define our approach to prompt injection defense, adversarial input handling, and behavioral monitoring patterns and establish the detection philosophy, telemetry requirements, and response framework the team builds and operates within.
• Shape security architecture for the common AI end-user platform. Lead design reviews and build the access controls, data boundary enforcement, and abuse detection that keep a shared AI environment safe across an employee population with varying privilege levels.
• Secure the shared knowledge layer. Define access control and data governance for retrieval and reasoning, ensuring AI-powered tools don’t inadvertently surface sensitive data to the wrong systems or users.
• Build AI supply chain integrity into the platform. Develop model provenance practices, service vetting, and dependency controls that keep the AI stack trustworthy as it grows.
• Partner with Privacy, Legal, and Data Platform to ensure the right controls are built into pipelines handling real-time location, family relationship data, and data involving minors.

What We’re Looking For

• 15+ years in security engineering with depth in application security, cloud security, IAM, or detection. A track record of building controls that earn adoption, not just approval.
• Security architecture ownership you’ve defined at the platform level in terms of trust models, data boundary topologies, and long-term viability that produces security outcomes without grinding velocity.
• Hands-on fluency with LLM and agentic systems. You’ve built with these tools, broken them, and shipped fixes for prompt pipelines , RAG architectures, and multi-agent orchestration from the inside.
• Deep grounding in IAM for non-human systems: service identities, OAuth, secrets management, RBAC/ABAC, and least-privilege architecture at scale. You’ve designed and built identity systems, not just consumed them
• Experience with production telemetry and detection at an architectural level. You’ve defined security observability strategies, not just individual detections
• Comfort with ambiguity and in-flight builds. You’re energized by figuring things out, writing first-draft standards, testing approaches, and scaling what works.
• Strategic judgement on when to build v. buy and ability to lead the organization to wise investments.
• Strong cross-functional communication across engineering, product, legal, privacy, and senior leadership. You carry risk, tradeoffs, and technical decisions without losing precision..
• You’ve contributed or ready to contribute to the security industry. We’re shaping these patterns together and you’re willing to represent Life360 in these conversations.
• Familiarity with NIST AI RMF, OWASP LLM Top 10, and adjacent compliance environments for consumer data at scale.
• Bachelor’s degree or equivalent experience in Computer Science, Information Security, or a related field.

Bonus points if you have:

• Experience with frontier model API security, tool-use authorization patterns, or access governance for AI systems at scale.
• Hands-on experience with multi-agent orchestration frameworks (LangGraph, AutoGen, CrewAI, or similar) and their trust, identity, and authorization challenges.
• Familiarity with knowledge graph architectures, vector stores, or RAG systems — and the access control and data boundary problems they introduce.
• Red teaming or adversarial testing against AI systems: prompt injection, jailbreaks, data extraction, model inversion, or supply chain attacks.
• Background in consumer technology or another domain where personal data sensitivity is a core product obligation — not just a legal requirement.
• Experience designing or reviewing security for internal enterprise AI platforms serving non-technical users.

Our Benefits

• Competitive pay and benefits
• Medical, dental, vision, life and disability insurance plans (100% paid for employees)
• 401(k) plan with company matching program
• Mental Wellness Program & Employee Assistance Program (EAP) for mental well-being
• Flexible PTO, 13 company-wide days off throughout the year
• Winter and Summer Weeklong Synchronized Company Shutdowns
• Learning & Development programs
• Equipment, tools, and reimbursement support for a productive remote environment
• Free Life360 Platinum Membership for your preferred circle
• Free Tile Products

Life360 Values

Our company’s mission-driven culture is guided by our shared values to create a trusted work environment where you can bring your authentic self to work and make a positive difference.

• Be a Good Person — We have a team of high integrity people you can trust.
• Be Direct With Respect — We communicate directly, even when it’s hard.
• Members Before Metrics — We focus on building an exceptional experience for families.
• High Intensity, High Impact — We do whatever it takes to get the job done.

Our Commitment to Diversity

We believe that different ideas, perspectives and backgrounds create a stronger and more creative work environment that delivers better results. Together, we continue to build an inclusive culture that encourages, supports, and celebrates the diverse voices of our employees. It fuels our innovation and connects us closer to our customers and the communities we serve. We strive to create a workplace that reflects the communities we serve and where everyone feels empowered to bring their authentic best selves to work.

We are an equal opportunity employer and value diversity at Life360. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any legally protected status.

We encourage people of all backgrounds to apply. We believe that a diversity of perspectives and experiences create a foundation for the best ideas. Come join us in building something meaningful. Even if you don’t meet 100% of the below qualifications, you should still seriously consider applying!

#LI-Remote

About Life360

Life360’s mission is to keep people close to the ones they love. Our category-leading mobile app, Tile tracking devices, and Pet GPS tracker empower members to protect the people, pets, and things they care about most with a range of services, including location sharing, safe driver reports, and crash detection with emergency dispatch. Life360 serves approximately 95.8 million monthly active users (MAU), as of December 31, 2025, across more than 180 countries.

Life360 delivers peace of mind and enhances everyday family life with seamless coordination for all the moments that matter, big and small. By continuing to innovate and deliver for our customers, we have become a household name and the must-have mobile-based membership for families (and those friends who are basically family).

Life360 has more than 500 (and growing!) remote-first employees. For more information, please visit life360.com.

Life360 is a Remote-First company, which means a remote work environment will be the primary experience for all employees. All positions, unless otherwise specified, can be performed remotely (within the US) regardless of any specified location above.

We Are AI Native

We are building an AI native company where AI is an integral part of how we build and operate. AI tool usage during interviews varies by role. You may be asked to demonstrate proficiency with AI tools, discuss how you leverage AI, or complete interview exercises without AI assistance. Your Recruiter will provide clear guidance as you move through the interview process.

Undisclosed use of AI not previously discussed with or approved by your Recruiter may impact your candidacy.

About the Team

The AI Native Platform team is a cross-functional engineering organization built to lay the infrastructure foundations for Life360’s AI-native transformation. We are not exploring what might be possible, we are building the platform that makes it operational.

The team works across four interconnected areas: how Life360 safely accesses and governs the use of frontier AI models and external integrations; the agent deployment and workflow infrastructure that lets teams build, test, version, and operate autonomous agents with the same rigor applied to any production software; how we safely democratize data, information, and knowledge across the organization, making it queryable and usable by AI systems and humans reliably; and a multiplayer AI workbench that gives every employee a purpose-built environment tuned to their role, with relevant tools, knowledge, and workflows rather than a general-purpose chat interface.

The work is deliberate, high-velocity, and built to last. The bar is high: real use cases, production deployments, measurable outcomes.

Security is not a checkpoint on this team. It is part of how we build. We are looking for engineers who want to be in the room where the architecture is designed and in the codebase where it’s being built.

About the Job

We are hiring a Sr. Staff AI Security Engineer to secure Life360’s AI infrastructure as it takes shape. You will sit within the AI Native Platform team, reporting directly to the CISO, working alongside the engineers designing and building each layer of the platform.

This role is grounded in execution with real architectural reach. You’ll drive delivery across key security domains while contributing to design decisions that shape how the platform is built. The patterns we are securing are still being defined, and part of the work is building and validating those patterns under real conditions. You’ll be active in architecture reviews, own security implementation across your domains, and build the controls that make it safe to move fast with AI. In a domain where the playbooks are still being written, part of the role is writing them. You won’t be doing this alone, you’ll work alongside additional security engineers and the broader team building the platform, with the expectation that this function grows as the platform does.

The data at stake has real weight. Life360’s systems carry real-time location data and family relationship graphs for tens of millions of people, including children. These are crown jewels in the truest sense — irreplaceable to the families who trust us with them. Securing the AI systems that interact with this data is not a compliance exercise. It is a core obligation of the product.

The US-based salary range for this position is $209,000 to $309,000. We take into consideration an individual’s background and experience in determining final salary — therefore, base pay offered may vary considerably depending on geographic location, job-related knowledge, skills, and experience. The compensation package includes a wide range of medical, dental, vision, financial, and other benefits, as well as equity.

What You’ll Do

• Secure how Life360 accesses frontier models. Design, build, and iterate the access controls, policy enforcement, and authorization patterns that govern how systems interact with the frontier models they rely on.
• Build secure patterns for MCP access and tool use authorization. Build and own the controls that vets, risk-tier, and govern how we integrate with external tools and services via MCP as adoption expands across engineering teams.
• Design and build the identity and authorization model for autonomous agents: service identities, scoped credentials, and least-privilege access patterns. Define and enforce the trust boundaries that govern how agents interact across orchestration chains.
• Design and build agentic observability and adversarial defenses. Build the telemetry pipelines and behavioral monitoring that provide visibility into AI system behavior. Implement architecture-level defenses against prompt injection and related adversarial attack classes.
• Shape security for the common AI end-user platform. Lead design reviews, build access controls, data boundary enforcement, and abuse detection that keep a shared AI environment safe across users with different privilege levels.
• Secure the shared knowledge layer. Define access control and data governance for retrieval augmented and reasoning systems, ensuring AI-powered tools don’t surface sensitive data to the wrong systems or users.
• Build AI supply chain integrity into the platform. Develop model provenance practices, service vetting, and dependency controls that keep the AI stack trustworthy as it grows.
• Partner with Privacy, Legal, and Data Platform to ensure the right controls are built into pipelines handling real-time location, family relationship data, and data involving minors.

What We’re Looking For

• 12+ years in security engineering with depth in application security, cloud security, IAM, or detection — and a track record of building controls that earn adoption, not just approval.
• Hands on builder shipping security controls that hold up in production. You’re not an advisor but a practitioner that can define patterns that last
• Hands-on fluency with LLM and agentic systems. You’ve built with these tools, broken them, and shipped fixes for prompt pipelines , RAG architectures, and multi-agent orchestration from the inside.
• Solid grounding in IAM for non-human systems: service identities, OAuth, secrets management, RBAC/ABAC, and least-privilege architecture at scale.
• Experience with production telemetry and detection — defining detections and building response paths for threat surfaces without established playbooks.
• Comfort with ambiguity and in-flight builds. You’re energized by figuring things out — writing first-draft standards, testing approaches, and scaling what works.
• Strong cross-functional communication and the ability to push back when it matters. You carry risk, tradeoffs, and technical decisions across engineering, product, and security leadership without losing precision — and can reshape a risky decision clearly and constructively.
• Familiarity with NIST AI RMF, OWASP LLM Top 10, and adjacent compliance environments for consumer data at scale.
• Bachelor’s degree or equivalent experience in Computer Science, Information Security, or a related field.

Bonus points if you have:

• Experience with frontier model API security, tool-use authorization patterns, or access governance for AI systems at scale.
• Hands-on experience with multi-agent orchestration frameworks (LangGraph, AutoGen, CrewAI, or similar) and their trust, identity, and authorization challenges.
• Familiarity with knowledge graph architectures, vector stores, or RAG systems — and the access control and data boundary problems they introduce.
• Red teaming or adversarial testing against AI systems: prompt injection, jailbreaks, data extraction, model inversion, or supply chain attacks.
• Background in consumer technology or another domain where personal data sensitivity is a core product obligation — not just a legal requirement.
• Experience designing or reviewing security for internal enterprise AI platforms serving non-technical users.

Our Benefits

• Competitive pay and benefits
• Medical, dental, vision, life and disability insurance plans (100% paid for employees)
• 401(k) plan with company matching program
• Mental Wellness Program & Employee Assistance Program (EAP) for mental well-being
• Flexible PTO, 13 company-wide days off throughout the year
• Winter and Summer Weeklong Synchronized Company Shutdowns
• Learning & Development programs
• Equipment, tools, and reimbursement support for a productive remote environment
• Free Life360 Platinum Membership for your preferred circle
• Free Tile Products

Life360 Values

Our company’s mission-driven culture is guided by our shared values to create a trusted work environment where you can bring your authentic self to work and make a positive difference.

• Be a Good Person — We have a team of high integrity people you can trust.
• Be Direct With Respect — We communicate directly, even when it’s hard.
• Members Before Metrics — We focus on building an exceptional experience for families.
• High Intensity, High Impact — We do whatever it takes to get the job done.

Our Commitment to Diversity

We believe that different ideas, perspectives and backgrounds create a stronger and more creative work environment that delivers better results. Together, we continue to build an inclusive culture that encourages, supports, and celebrates the diverse voices of our employees. It fuels our innovation and connects us closer to our customers and the communities we serve. We strive to create a workplace that reflects the communities we serve and where everyone feels empowered to bring their authentic best selves to work.

We are an equal opportunity employer and value diversity at Life360. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any legally protected status.

We encourage people of all backgrounds to apply. We believe that a diversity of perspectives and experiences create a foundation for the best ideas. Come join us in building something meaningful. Even if you don’t meet 100% of the below qualifications, you should still seriously consider applying!

#LI-Remote

About Us:

YipitData is the leading market research and analytics firm for the disruptive economy and recently raised up to $475M from The Carlyle Group at a valuation over $1B.

We analyze billions of alternative data points every day to provide accurate, detailed insights on ridesharing, e-commerce marketplaces, payments and more. Our on-demand insights team uses proprietary technology to identify, license, clean and analyze the data many of the world’s largest investment funds and corporations depend on.

For three years and counting, we have been recognized as one of Inc’s Best Workplaces. We are a fast-growing technology company backed by The Carlyle Group and Norwest Venture Partners. Our offices are located in NYC, Austin, Miami, Los Angeles (CA), Cupertino (CA),Hong Kong, Shanghai, Beijing, Guangzhou, and Singapore. We cultivate a people-centric culture focused on mastery, ownership, and transparency. About the Role:

We are seeking an AI Security Engineer to lead the implementation, monitoring, and continuous improvement of security, governance, and trust controls for AI systems across the organization. This role will focus on operationalizing AI system security controls using the Agentic Trust Framework mapped to OWASP guidance and the NIST AI RMF, with particular emphasis on observability engineering, behavioral monitoring, policy enforcement, misuse detection, and risk-informed response.

This person will serve as a bridge between Security, Engineering, Data, Platform, Compliance, and AI product teams to ensure AI systems are not only functional and performant, but also trustworthy, auditable, resilient, and aligned with enterprise governance requirements.

The ideal candidate combines technical depth in AI/ML systems, strong security and monitoring instincts, and the ability to define practical controls for complex, fast-evolving agentic and generative AI environments.

We expect U.S. based working hours with the majority of the team working East and Central Time Zones.

In this role, you will:

• Own AI behavior monitoring: Define what trustworthy and untrustworthy AI behavior looks like, and ensure it is measurable in production.
• Own AI observability standards: Establish telemetry, tracing, logging, and alerting requirements for AI systems and agentic workflows.
• Own control validation for agentic systems: Verify that guardrails, policy checks, access boundaries, and execution constraints are functioning as intended.
• Own AI security event analysis: Detect, investigate, and document suspicious, unsafe, or non-compliant AI behaviors and coordinate response.
• Own implementation support for governance frameworks: Translate governance principles into technical and operational requirements that product and platform teams can adopt.
• Own AI trust metrics and reporting: Define KPIs, KRIs, and dashboards that show leadership whether AI systems are operating within approved trust and security boundaries.
• Own continuous improvement of AI controls: Use incidents, testing, behavioral findings, and stakeholder feedback to strengthen control design and reduce residual risk over time.

You Are Likely To Succeed If:

• 5+ years of experience in one or more of the following: security engineering, detection engineering, observability engineering, site reliability engineering, application security, ML platform engineering, or AI governance implementation.
• Experience designing monitoring, logging, telemetry, or detection strategies for distributed systems, cloud services, or data-intensive applications.
• Familiarity with AI/ML system architecture, including large language models, retrieval-augmented generation, inference pipelines, model APIs, and agentic workflows.
• Experience translating governance, risk, or policy requirements into operational controls and measurable technical requirements.
• Strong understanding of security concepts such as identity and access management, least privilege, data protection, abuse prevention, auditability, and incident response.
• Experience investigating system behavior, identifying anomalies, and working cross-functionally to drive remediation.
• Hold industry certifications (or equivalent experience): CISSP, CCSP, GIAC Machine Learning Engineer (GMLE)
• Strong written communication skills, including ability to write standards, control definitions, runbooks, and leadership-facing summaries.

Preferred Qualifications:

• Experience with AI observability tooling, tracing frameworks, or telemetry pipelines for LLM or agent-based systems.
• Experience implementing controls for AI safety, AI red teaming, prompt security, model misuse detection, or secure tool execution.
• Familiarity with Microsoft security, compliance, and AI governance ecosystems.
• Familiarity with trust and safety concepts for generative AI and autonomous systems.
• Experience supporting internal governance, risk, privacy, or compliance review processes for AI-enabled products.
• Experience building dashboards, alerts, and behavioral analytics for security or operational monitoring.
• Experience working in highly regulated or audit-sensitive environments.

What We Offer:

• Our compensation package includes comprehensive benefits, perks, and a competitive salary:

  • We care about your personal life, and we mean it. We offer flexible work hours, flexible vacation, a generous 401K match, parental leave, team events, wellness budget, learning reimbursement, and more!
  • Your growth at YipitData is determined by the impact that you are making, not by tenure, unnecessary facetime, or office politics. Everyone at YipitData is empowered to learn, self-improve, and master their skills in an environment focused on ownership, respect, and trust. See more on our high-impact, high-opportunity work environment above!
  • The annual on-target earnings for this position is anticipated to be up to $230 ~ $280K . The final offer may be determined by a number of factors, including, but not limited to, the applicant’s experience, knowledge, skills, abilities, as well as internal team benchmarks.

The compensation package also includes equity.

This role may be performed fully remotely within the United States. Please note that our US headquarters are located in NYC. We also have have US offices in Austin, Miami, Los Angeles (CA), and Cupertino (CA). If the remote work is performed outside of these offices, income may be subject to New York State tax withholding.

Please note that for this position, we are not able to consider candidates who currently or in the future will require visa sponsorship.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal-opportunity employer.

Job Applicant Privacy Notice