Writing.io Jobs

Find the best remote jobs. Answer a few questions and we'll deploy a powerful assistant to help you search, create alerts, and more.

1 What roles are you open to?

2 Experience level

3 Work style

Did you know? If memory is enabled, Writing.io can remember your job search preferences and help you to improve your resume, craft customized outreach and more.

Security Senior Risk Analyst at AlphaSense

Designs and builds a quantitative, AI-driven enterprise risk management program spanning information security, AI, and operational risk.

Senior Posted about 2 hours ago RemoteFirstJobs Product
What this role involves

About AlphaSense:

The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content.

The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us!

About the Role

AlphaSense is maturing its security risk management program and needs a Senior Risk Analyst to be a core builder and operator of that function. You will design, implement, and mature a risk framework that spans information security, AI, and operational risk—building toward a program that is quantitative-leaning, connected to live data sources, and actionable at every altitude from service owner to executive leadership. You will establish risk identification and scoring methodologies, own the enterprise risk register, and produce risk intelligence that drives real decisions. You will also support the TPRM function led by a dedicated TPRM lead, contributing to assessments and risk tracking as needed. You approach this with an AI-native mindset: using AI to monitor threat landscapes, analyze risk data, draft risk narratives, and surface emerging risks faster than a traditional manual program could. The goal is a risk function, not a risk register—one that measures outcomes and reduced exposure, not just activity.This is not a role for someone looking to maintain a program that already exists. AlphaSense is building a risk management discipline that we believe can serve as the blueprint for how AI-era companies measure, communicate, and act on risk. Risk management across the industry is still largely qualitative, reactive, and disconnected from the systems that generate real signal. We intend to change that—and we want someone on this team who shares that ambition and wants to be part of building the model that others will eventually follow.

Key Responsibilities

Risk Program Design & Maturation

Design and implement a structured risk management program, including risk taxonomy, scoring methodology, risk appetite statements, and escalation thresholds. Align the program with ISO 27005, NIST RMF, or ISO 31000 as appropriate. This is largely greenfield work—you will help define the architecture and continuously mature the discipline as the company scales.

Risk Register Ownership

Build and maintain the enterprise risk register as a living operational tool, not a compliance artifact. Lead periodic risk identification workshops with business, engineering, and legal stakeholders to surface new and evolving risks. Ensure every risk has a documented owner, risk rating, treatment decision, and remediation timeline—and that the register reflects current reality, not last quarter’s snapshot.

AI-Augmented Risk Analysis

Leverage AI tools to monitor threat intelligence, identify patterns across risk data, accelerate risk narrative drafting, and keep the risk register current between formal review cycles. Build AI-assisted workflows that reduce manual risk review burden and surface emerging risks earlier. Apply judgment to validate AI output before it informs a risk decision.

Third-Party & Vendor Risk Support

Support the TPRM function in partnership with the dedicated TPRM lead. Contribute to vendor risk assessments, risk scoring, and finding documentation as needed. Provide risk framework input to ensure third-party risks are consistently rated and tracked in alignment with the broader risk register.

AI & Emerging Technology Risk

Identify and assess AI-related risks including data privacy, model bias, explainability, security misuse, agentic system behavior, and third-party AI dependencies. Support compliance with AI governance frameworks (ISO 42001, NIST AI RMF, EU AI Act). Maintain current knowledge of the evolving AI risk landscape and help AlphaSense stay ahead of regulatory and operational risks from AI deployment.

Risk Reporting & Executive Communication

Produce clear, executive-ready risk reports, dashboards, and periodic risk summaries. Translate technical risk findings into business impact language that drives informed decisions at the service owner, leadership, and board levels. Make risk actionable at every altitude—engineers understand their exposure, executives understand portfolio risk.

Cross-Functional Risk Advisory

Provide cross-functional risk and control guidance on process improvements, new technology adoption, post-implementation reviews, and remediation activities. Support stakeholders in interpreting risk requirements and embedding risk management practices into how they build and operate—not as a checkpoint, but as an enabling partner.

What Success Looks Like

  • Security and compliance controls are clearly documented, tested, and consistently implemented—with evidence generated by integrations, not collected by hand
  • Risks and compliance gaps are identified early, tracked with owners, and remediated in partnership with technical teams before auditors find them
  • GRC processes scale alongside platform growth and new customer or regulatory requirements without proportional headcount growth
  • Stakeholders across Engineering, Legal, and Product view the GRC function as a trusted, enabling partner—not a compliance checkpoint
  • AI tools are used deliberately and responsibly: output is validated, sensitive data is protected, and automation creates leverage without introducing new risk
  • The risk register is a live operational tool that reflects current exposure—engineers know their risk posture, executives can explain portfolio risk, and risk scores change when the environment changes
  • Risk reporting is driven by KRIs and live data sources, not manually assembled status updates—leadership has real-time visibility into risk posture

Who You Are

Basic Requirements

  • 6+ years of experience in GRC, information security, risk management, or IT audit, preferably in a SaaS or cloud-native environment
  • Strong understanding of security and compliance frameworks including SOC 2, ISO 27001, NIST CSF 2.0, and CIS Controls; working knowledge of ISO 42001 and NIST AI RMF
  • AI-native mindset: you use AI tools—LLMs, agents, automation—for real, substantive work including analysis, drafting, evidence gathering, and workflow automation. You apply judgment about where AI creates leverage and where a human must stay in the loop
  • Proficiency with GRC platforms for evidence management and control testing (Drata, Vanta, AuditBoard, ServiceNow GRC, or equivalent)
  • Familiarity with cloud environments (AWS, Azure, or GCP) and the security and compliance posture tooling that runs on them (CSPM, SIEM, identity platforms)
  • Experience supporting external audits across security or privacy domains, including evidence collection, control walkthroughs, and auditor interaction
  • Ability to interpret technical controls and translate findings into compliance, risk, and policy documentation that engineers and non-technical stakeholders both understand
  • Working knowledge of risk registers, control libraries, and policy governance lifecycles
  • Working knowledge of privacy and data protection requirements (GDPR, CCPA/CPRA) and how they intersect with security controls, in partnership with Legal and Product teams
  • Strong written communication, analytical thinking, and attention to detail; able to produce clear audit responses, risk narratives, and control documentation under deadline
  • 4+ years of hands-on experience in information security risk management or a combined GRC/risk role with responsibility for building or significantly maturing a risk register and scoring methodology
  • Demonstrated use of AI or data tools to surface risk insights, analyze trends, draft risk narratives, or automate risk register workflows—with clear judgment about validating AI output before it informs a decision
  • Proven experience maturing an organization’s risk program from qualitative to quantitative risk measurement—including introducing scoring models, KRI frameworks, and data-driven risk reporting that changed how leadership makes risk decisions
  • Experience with data warehousing concepts, KRI development and tracking, and risk reporting pipelines that connect live data sources to dashboards and executive reporting
  • Proficiency with GRC platforms for risk tracking, control testing, and evidence management (Drata, Vanta, AuditBoard, ServiceNow GRC, or equivalent)
  • Strong analytical skills: comfort with qualitative and quantitative risk scoring, heat maps, likelihood/impact matrices, and risk appetite articulation
  • Experience producing executive-ready risk reports and translating technical findings into business impact language for non-technical audiences
  • Experience supporting TPRM assessments and contributing to vendor risk documentation in partnership with a dedicated TPRM function

Nice to Have

  • Relevant certifications: CISA, CRISC, CISM, CISSP, CCSK, or ISO 27001 Lead Auditor/Implementer
  • Experience with AI governance frameworks including ISO 42001, NIST AI RMF, EU AI Act, or OECD AI Principles
  • Exposure to SOX ITGC cycles—managing evidence, walkthroughs, and findings with external auditors
  • Privacy program crossover: data mapping, DPIAs, GDPR/CCPA operational compliance
  • Scripting or automation experience (Python, JavaScript, or low-code tools) applied to GRC or compliance workflows
  • Quantitative risk experience: FAIR-style decomposition, Monte Carlo simulation, or loss exceedance analysis applied to real risk decisions—not just theoretical familiarity
  • Experience with AI risk domains: model risk, algorithmic bias, AI system failure modes, agentic system risks, and governance frameworks including NIST AI RMF or ISO 42001
  • Familiarity with risk aggregation and BI tooling (Tableau, Looker, Power BI) for risk dashboarding and executive reporting
  • Background in financial services regulatory risk environments (SOX, FFIEC, or equivalent).

AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination.

In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works.

Recruiting Scams and Fraud

We at AlphaSense have been made aware of fraudulent job postings and individuals impersonating AlphaSense recruiters. These scams may involve fake job offers, requests for sensitive personal information, or demands for payment. Please note:

  • AlphaSense never asks candidates to pay for job applications, equipment, or training.
  • All official communications will come from an @alpha-sense.com email address.
  • If you’re unsure about a job posting or recruiter, verify it on our Careers page.

If you believe you’ve been targeted by a scam or have any doubts regarding the authenticity of any job listing purportedly from or on behalf of AlphaSense please contact us. Your security and trust matter to us.

Read the full description
Security Senior Security Engineer at Samsara

Monitors and responds to security events, leads incident response investigations, and maintains automated security workflows for a publicly traded IoT operations platform.

Senior Remote Posted about 4 hours ago RemoteFirstJobs Product
What this role involves

Who we are

Samsara (NYSE: IOT) is the pioneer of the Connected Operations™ Cloud, which is a platform that enables organizations that depend on physical operations to harness Internet of Things (IoT) data to develop actionable insights and improve their operations. At Samsara, we are helping improve the safety, efficiency and sustainability of the physical operations that power our global economy. Representing more than 40% of global GDP, these industries are the infrastructure of our planet, including agriculture, construction, field services, transportation, and manufacturing — and we are excited to help digitally transform their operations at scale.

Working at Samsara means you’ll help define the future of physical operations and be on a team that’s shaping an exciting array of product solutions, including Video-Based Safety, Vehicle Telematics, Apps and Driver Workflows, and Equipment Monitoring. As part of a recently public company, you’ll have the autonomy and support to make an impact as we build for the long term.

About the role:

As a member of our Security Operations Team, you will collaborate with a global team of engineers to monitor and respond to security events, lead security incidents as Incident Commander, and lead digital forensic investigations in support of Employee Relations, Legal, Compliance, or Information Security cases.

Although you will be focused on security incident response, you will also have the opportunity to create and maintain runbooks, and automated workflows, and assist in process refinement and implementation. You will collaborate with a diverse team of engineers, and key stakeholders on security initiatives across the company. Above all, your focus is bringing Security expertise to the table in a collaborative, humble, and practical manner.

Location: This role is open to candidates residing in the UK

You should apply if:

  • You want to impact the industries that run our world: Every phone call you answer and every email you send can affect whether truck drivers deliver goods on time and without accidents, whether students get dropped off safely from school, or whether power gets restored quickly after a natural disaster.
  • You thrive the most when solving problems: Our constantly expanding technology and the complexities faced by our customers provide an exciting range of challenges for our Customer Success teams. With a growth mindset and a desire to learn, you will strategically partner with our customers to find unique solutions to help keep their operations safe, efficient, and sustainable.
  • You are a natural relationship builder: Whether the relationship is with our customers or with cross-functional teams in Samsara, you are in constant communication and collaboration with key stakeholders to win as a team.
  • You are the architect of your own career: If you put in the work, this role won’t be your last at Samsara. This Customer Success team is still shaping its future and you will have plenty of autonomy and opportunities to master your craft in a hyper growth environment.
  • You want to be with the best: At Samsara, we win together, celebrate together and support each other. You will be surrounded by the best and brightest professionals out there.

In this role, you will:

  • Monitor security events and provide technical analysis on alerts
  • Lead information security incidents and employee insider investigations by developing the incident response strategy, lead the execution through incident closure, while providing incident updates to key stakeholders throughout the incident
  • Deliver security guidance clearly and concisely for incident response and insider threat initiatives
  • Coordinate the building of services, capabilities, integrations, and implementations of technologies to support security operations, incident response, and insider threat
  • Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices
  • Participate in our on-call rota covering weekends

Minimum requirements for the role:

  • 5+ years of experience in Security Incident Response
  • Ability to communicate investigative findings and strategies to technical staff, executive leadership, and legal
  • Ability to build scripts or tools to support Samsara’s investigation processes, with proficiency in Python
  • Mentor and train security operation engineers on data collection, analysis, and reporting technical analysis
  • Practical experience acting as a lead during security incident response, including monitoring and triaging alerts, and coordinating across teams
  • Understanding of analysis and forensics techniques on macOS, Windows, and Linux
  • Experience utilizing SIEM tools to perform log reviews
  • Experience in cloud architecture and security (AWS, GCP) and cloud-based services
  • This role will be part of our EMEA so your hours will be aligned to the UK. As an operational time you may be expected to work flexible hours around this to support the load of the team

An ideal candidate also has:

  • 2+ years of experience working on insider threat initiatives or employee investigations
  • Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field - or relevant industry experience
  • GIAC Certified Incident Handler (GCIH) or similar Certification
  • Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO 27001, FedRAMP

Total Rewards

At Samsara, we build for the people who keep the global economy moving. We want owners, not passengers, which is why our rewards are designed to fuel high-impact builders. Our compensation program delivers above-market total compensation through a combination of base salary, performance-based bonus/variable pay, and equity (for eligible roles) in a high-growth public company. We meaningfully differentiate pay for our top performers, who have the opportunity to earn above-market compensation that can outpace the broader market over time.

Beyond compensation, we provide the foundations that enable long-term success: a flexible, employee-led remote model, a professional development stipend, comprehensive health and parental leave plans, and more. If you’re ready to build for the long term and own the outcome, your journey starts here.

Flexible Working

At Samsara, we embrace a flexible working model that caters to the diverse needs of our teams. Our offices are open for those who prefer to work in-person and we also support remote work where it aligns with our operational requirements. For certain positions, being close to one of our offices or within a specific geographic area is important to facilitate collaboration, access to resources, or alignment with our service regions. In these cases, the job description will clearly indicate any working location requirements. Our goal is to ensure that all members of our team can contribute effectively, whether they are working on-site, in a hybrid model, or fully remotely. All offers of employment are contingent upon an individual’s ability to secure and maintain the legal right to work at the company and in the specified work location, if applicable.

Belonging at Samsara

At Samsara, we welcome everyone regardless of their background. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, gender, gender identity, sexual orientation, protected veteran status, disability, age, and other characteristics protected by law. We depend on the unique approaches of our team members to help us solve complex problems and want to ensure that Samsara is a place where people from all backgrounds can make an impact.

Accommodations

Samsara is an inclusive work environment, and we are committed to ensuring equal opportunity in employment for qualified persons with disabilities. Please email accessibleinterviewing@samsara.com or click here if you require any reasonable accommodations throughout the recruiting process.

Our Commitment to Authenticity

We use Tofu, a fraud detection tool, to validate the authenticity of applications and protect against identity fraud. This ensures we are connecting with real people and allows us to prioritize genuine candidates. Please see Samsara’s Candidate Privacy Notice for more information.

Fraudulent Employment Offers

Samsara is aware of scams involving fake job interviews and offers. Please know we do not charge fees to applicants at any stage of the hiring process. Official communication about your application will only come from emails ending in @samsara.com, @us-greenhouse-mail.io or @mail3.guide.co. For more information regarding fraudulent employment offers, please visit our blog post here.

Read the full description
Security Remote Securiti.ai SME at WaveStrong, Inc.

Configure and operationalize the Securiti.ai privacy-compliance platform across multi-cloud environments, automating DSAR, DPIA, and consent workflows for enterprise clients.

Senior Remote Posted 1 day ago RemoteFirstJobs Product
What this role involves

Exciting Remote Securiti.ai SME contract career opportunity.

Own the design, configuration and operationalization of the Securiti.ai platform for an enterprise privacy-compliance program — turning DSAR, DPIA, RoPA and consent requirements into a working, defensible capability the client can run after transition.

  • 2+ years hands-on Securiti.ai — discovery & classification, DSAR automation, DPIA, RoPA, consent modules
  • Multi-cloud connector configuration: AWS, Azure, GCP, Oracle Cloud, IBM Cloud; SaaS sources incl. M365 & Salesforce
  • Architect and configure the Securiti.ai Data Command Center — discovery, classification and data-mapping modules across the multi-cloud estate
  • Stand up DSAR intake and fulfillment automation, DPIA/PIA workflows, RoPA and Universal Consent Management
  • Map cross-border transfer obligations and EU AI Act touchpoints into the platform’s assessment framework
  • Integrate with the surrounding stack — DSPM, data catalog, CMDB and SaaS sources — and tune classification accuracy
  • Deliver runbooks, role-based training and knowledge transfer for client self-sufficiency.
  • Working fluency in GDPR, CCPA/CPRA and U.S. state privacy laws; EU AI Act awareness
  • Experience operationalizing DSAR SLAs, records of processing and consent at enterprise scale
  • Data mapping and lineage across structured/unstructured stores; Databricks & ServiceNow CMDB familiarity a plus
  • API-based integration experience; DSPM tooling exposure (e.g., Wiz, Microsoft Purview) valued
  • Preferred: Securiti.ai certification(s) — Privacy Ops / Data Command Center, IAPP CIPP/E, CIPM or CIPT; CISSP or equivalent security credential a plus
Read the full description
Security Security Architect (SecOps) - Northeast region (Remote) at GuidePoint Security

Lead technical discovery and design security architecture solutions for prospects and customers, translating requirements into SIEM/SOAR implementations and advising on emerging security platforms.

Senior Remote Posted 1 day ago RemoteFirstJobs Product
What this role involves

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

GuidePoint Security is seeking a Security Architect (SecOps) to join our Security Operations practice and serve as a trusted technical advisor to prospects and customers throughout the sales cycle.

Note: Applicants must live in our Northeast region to be considered (NJ to Maine). Up to 25% travel primarily in the region required.

Role Overview:

You will partner with account executives and practice leadership to build customer confidence, articulate technical solutions, and enable seamless handoffs to delivery teams. This is a customer-facing role focused on discovery, design, and positioning — not deep implementation. You will work across the SIEM, SOAR, detection-as-code, and emerging technologies like Snowflake for security data lakes.

What You’ll Do:

  • Lead technical discovery calls and translate customer requirements into high-level solution designs
  • Speak credibly about product capabilities, integrations, and architectural trade-offs (e.g., Splunk, Sentinel, CrowdStrike Next-Gen SIEM, Tines, Torque, Snowflake)
  • Draw integration diagrams, validate technical feasibility, and position GuidePoint’s differentiated capabilities
  • Support account executives in pre-sales engagements, ensuring technical alignment before formal scoping
  • Stay current on security operations trends, emerging platforms, and competitive positioning
  • Collaborate with delivery architects to ensure smooth transitions from sales to implementation
  • Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes

What We’re Looking For:

  • Technically credible — you understand how SIEM/SOAR/detection-as-code ecosystems work at a fundamental level
  • Approachable and articulate — you can explain complex topics in accessible terms without being condescending or overconfident
  • Customer-focused — you listen well, ask the right questions, and build trust quickly
  • Curious and adaptable — you’re comfortable learning new platforms (e.g., Snowflake) as customer demand evolves
  • Experience in security operations, consulting, or pre-sales engineering preferred
  • No deep implementation expertise required — we value breadth, communication, and judgment over hands-on keyboard skills

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don’t miss updates on your application.

Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

  • Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
  • Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
  • Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
  • 12 corporate holidays and a Flexible Time Off (FTO) program
  • Healthy mobile phone and home internet allowance
  • Eligibility for retirement plan after 2 months at open enrollment
  • Pet Benefit Option
Read the full description
Security Security Architect (SecOps) - Northeast region (Remote) at GuidePoint Security

Lead technical discovery and design security operations solutions (SIEM/SOAR) for prospects, translating requirements into architecture recommendations and supporting sales engagements.

Senior Hybrid Posted 1 day ago RemoteFirstJobs Product
What this role involves

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

GuidePoint Security is seeking a Security Architect (SecOps) to join our Security Operations practice and serve as a trusted technical advisor to prospects and customers throughout the sales cycle.

Note: Applicants must live in our Northeast region to be considered (NJ to Maine). Up to 25% travel primarily in the region required.

Role Overview:

You will partner with account executives and practice leadership to build customer confidence, articulate technical solutions, and enable seamless handoffs to delivery teams. This is a customer-facing role focused on discovery, design, and positioning — not deep implementation. You will work across the SIEM, SOAR, detection-as-code, and emerging technologies like Snowflake for security data lakes.

What You’ll Do:

  • Lead technical discovery calls and translate customer requirements into high-level solution designs
  • Speak credibly about product capabilities, integrations, and architectural trade-offs (e.g., Splunk, Sentinel, CrowdStrike Next-Gen SIEM, Tines, Torque, Snowflake)
  • Draw integration diagrams, validate technical feasibility, and position GuidePoint’s differentiated capabilities
  • Support account executives in pre-sales engagements, ensuring technical alignment before formal scoping
  • Stay current on security operations trends, emerging platforms, and competitive positioning
  • Collaborate with delivery architects to ensure smooth transitions from sales to implementation
  • Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes

What We’re Looking For:

  • Technically credible — you understand how SIEM/SOAR/detection-as-code ecosystems work at a fundamental level
  • Approachable and articulate — you can explain complex topics in accessible terms without being condescending or overconfident
  • Customer-focused — you listen well, ask the right questions, and build trust quickly
  • Curious and adaptable — you’re comfortable learning new platforms (e.g., Snowflake) as customer demand evolves
  • Experience in security operations, consulting, or pre-sales engineering preferred
  • No deep implementation expertise required — we value breadth, communication, and judgment over hands-on keyboard skills

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don’t miss updates on your application.

Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

  • Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
  • Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
  • Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
  • 12 corporate holidays and a Flexible Time Off (FTO) program
  • Healthy mobile phone and home internet allowance
  • Eligibility for retirement plan after 2 months at open enrollment
  • Pet Benefit Option
Read the full description
Security Senior IAM Engineer II (AI Native) at Life360

Designs and owns enterprise IAM infrastructure, setting security architecture and engineering standards while leveraging AI tools to automate access workflows and system management.

Senior Remote Posted 2 days ago RemoteFirstJobs Product
What this role involves

About Life360

Life360’s mission is to keep people close to the ones they love. Our category-leading mobile app,Tile tracking devices, and Pet GPS tracker empower members to protect the people, pets, and things they care about most with a range of services, including location sharing, safe driver reports, and crash detection with emergency dispatch. Life360 serves approximately 97.8 million monthly active users (MAU), as of March 31, 2026, across more than 180 countries.

Life360 delivers peace of mind and enhances everyday family life with seamless coordination for all the moments that matter, big and small. By continuing to innovate and deliver for our customers, we have become a household name and the must-have mobile-based membership for families (and those friends who are basically family).

Life360 has more than 500 (and growing!) remote-first employees. For more information, please visit life360.com.

Life360 is a Remote First company, which means a remote work environment will be the primary experience for all employees. All positions, unless otherwise specified, can be performed remotely (within the US and Canada) regardless of any specified location above.

We are AI Native

We are building an AI native company where AI is an integral part of how we build and operate. AI tool usage during interviews varies by role. You may be asked to demonstrate proficiency with AI tools, discuss how you leverage AI, or complete interview exercises without AI assistance. Your Recruiter will provide clear guidance as you move through the interview process.

Undisclosed use of AI not previously discussed with or approved by your Recruiter may impact your candidacy.

About The Team

Security and IT at Life360 operate as a single integrated function — and we’re building it like one. That means treating identity infrastructure the way engineering teams treat product infrastructure: owned in code, measured with data, and continuously improved. You’ll own Enterprise IAM at Life360 — setting the architecture, engineering standards, and program direction for how every employee accesses every system, at a company that handles sensitive location data for nearly 100 million users. AI is core to how this team operates day to day — from drafting and validating IaC changes to automating access-review workflows — so identity engineering here means designing systems that pair automation with human judgment, not replacing one with the other.

About the Job

We’re looking for a Sr. IAM Engineer who thinks in systems, writes code to solve operational problems, and treats identity as a platform discipline. You’ll own the full enterprise identity stack: how it’s architected, how it’s measured, and how it scales as we grow. The foundation is in place now and we need someone to drive the design, automation, and governance layers forward. We’re building toward a metrics-first operating model, and you’ll build the instrumentation that makes that real. You’ll partner with HR, Security, and Engineering, and you’ll be expected to replace manual processes with durable, testable code wherever it exists. In your first year, success looks like a consolidated Okta footprint with orphaned accounts and stale SSO integrations cleaned up, access reviews running on a measurable cadence, and identity provisioning largely codified in Terraform rather than handled manually.

For candidates based in the US, the salary range for this position is $91,000 to $169,000 USD. For candidates based out of Canada, the salary range for this position is 132,000 to 157,000 CAD. Note: Please be aware that the job title for positions in Canada will be “Developer” in lieu of “Engineer.” We take into consideration an individual’s background and experience in determining final salary; therefore, base pay offered may vary considerably depending on geographic location, job-related knowledge, skills, and experience. The compensation package includes a wide range of medical, dental, vision, financial, and other benefits, as well as equity.

What You’ll Do

  • Own the enterprise identity platform as an engineering system — architect SSO integrations, lifecycle workflows, MFA policy, and group provisioning in Okta using IaC as the source of truth; configuration drift is a bug, not a ticket
  • Engineer the identity lifecycle management layer — design access control models and codify provisioning/deprovisioning workflows in IaC, partnering with HR systems to eliminate manual access operations and return clean provisioning capability to the helpdesk tier
  • Engineer access governance across the cloud and SaaS portfolio — own role assignments, group structures, and access controls across cloud infrastructure and collaboration platforms; design and automate periodic access reviews so auditability is structural, not procedural
  • Harden the device-to-identity trust boundary — own device trust integrations between our identity provider and MDM platforms, ensuring device compliance signals are correctly evaluated in access policy and that the control surface is fully codified
  • Rationalize and consolidate legacy identity surface — lead the technical cleanup of orphaned accounts, stale SSO integrations, and guest access sprawl across the SaaS portfolio; treat this as technical debt reduction with measurable outcomes
  • Build the IAM measurement layer — define, instrument, and track KPIs (access review completion rates, provisioning latency, orphaned account age, ticket volume trends) that justify investment decisions and demonstrate program maturity to Security leadership
  • Define the identity layer of our access request platform — architect the entitlement structures and access controls exposed through our self-service access tooling; codify the configuration in IaC and own the integration contract between identity infrastructure and the employee-facing access experience
  • Contribute to a unified service catalog — ensure identity workflows are clearly surfaced through a single employee-facing entry point and that the handoff between self-service and engineer-owned provisioning is unambiguous
  • Use AI coding agents as a first-class part of the identity engineering workflow — draft and validate Terraform modules, provisioning logic, and access-policy changes with AI assistance, and own review of anything AI-generated before it reaches production identity infrastructure

What We’re Looking For

  • Production experience in engineering and operating an enterprise identity platform at scale; SSO, lifecycle management, MFA, application integrations, and group-based access, with a strong bias toward configuration-as-code over manual administration
  • Strong IaC skills are required (Terraform or equivalent) applied to identity infrastructure — you write modules, manage state, and treat IaC plans as the change control mechanism
  • Deep working knowledge of SAML 2.0, OAuth 2.0, OIDC, and SCIM — you can debug a broken SAML assertion, reason through an OAuth flow, and design a SCIM provisioning schema without looking things up— including hands-on experience with custom authorization servers
  • Experience designing access control models in SaaS-heavy, remote-first environments. You understand the difference between a pragmatic access model and one that will collapse under growth
  • Experience governing access across cloud and SaaS platforms via SSO and SCIM — including group structures, permission boundaries, and collaboration platform controls
  • Comfort writing code to automate identity operations — Python, Go, or similar; you reach for a script before you reach for a ticket
  • Track record of defining measurable outcomes for security/identity programs and communicating them to non-technical stakeholders
  • Demonstrated fluency with AI coding/agent tools in a production engineering context — you can describe an end-to-end AI-assisted workflow you built (not just tool usage), and you know how to review AI-generated IaC or configuration before it ships

Nice to Have

  • Experience integrating device trust between an identity provider and MDM platforms to enforce compliance as a condition of access
  • Familiarity with self-service access request platforms
  • Experience operating in SOX, SOC 2, GDPR, CCPA, or COPPA compliance environments
  • Exposure to zero-trust architecture patterns and their application to workforce identity

AI-Native Expectations

  • Daily use: you use AI coding agents (e.g. Claude Code, Cursor, GitHub Copilot) daily to draft Terraform modules, provisioning scripts, and access-policy configuration — not just for autocomplete
  • Judgment and ownership: you review and are accountable for anything AI-generated before it touches production identity infrastructure; you can describe a time AI output was wrong and what you changed as a result
  • Velocity: AI fluency is expected to translate into measurable output leverage — faster IaC iteration, faster incident triage, fewer manual provisioning tickets
  • Team leadership: you share what you learn — reusable prompts, context docs, agent setups — and help raise the AI fluency of the broader Security/IT team
  • Continuous learning: you stay current on agentic tooling and bring recommendations back to the team rather than waiting for tooling decisions to be made for you

Our Benefits

  • Competitive pay and benefits.
  • Medical, dental, vision, life, and disability insurance plans (100% paid for US employees). We offer supplemental plans for medical and dental for Canadian employees.
  • 401(k) plan with company matching program in the US and RRSP with DPSP plan for Canadian employees.
  • Employee Assistance Program (EAP) for mental wellness.
  • Flexible PTO and 12 company-wide days off throughout the year.
  • Winter and Summer Weeklong Synchronized Company Shutdowns
  • Learning & Development programs.
  • Equipment, tools, and reimbursement support for a productive remote environment.
  • Free Life360 Platinum Membership for your preferred circle.
  • Free Tile Products

Life360 Values

Our company’s mission-driven culture is guided by our shared values to create a trusted work environment where you can bring your authentic self to work and make a positive difference

  • Be a Good Person - We have a team of high integrity people you can trust.
  • Be Direct With Respect - We communicate directly, even when it’s hard.
  • Members Before Metrics - We focus on building an exceptional experience for families.
  • High Intensity, High Impact - We do whatever it takes to get the job done.

Our Commitment to Diversity

We believe that different ideas, perspectives and backgrounds create a stronger and more creative work environment that delivers better results. Together, we continue to build an inclusive culture that encourages, supports, and celebrates the diverse voices of our employees. It fuels our innovation and connects us closer to our customers and the communities we serve. We strive to create a workplace that reflects the communities we serve and where everyone feels empowered to bring their authentic best selves to work.

We are an equal opportunity employer and value diversity at Life360. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any legally protected status.

We encourage people of all backgrounds to apply. We believe that a diversity of perspectives and experiences create a foundation for the best ideas. Come join us in building something meaningful. Even if you don’t meet 100% of the below qualifications, you should still seriously consider applying!

#LI-Remote

\_\_\__________________________________________________________________________

Read the full description
Security Akamai: Security Architect II

Detects and mitigates cyber attacks in real-time for enterprise clients, analyzing threats and deploying security solutions on Akamai platforms.

Senior Posted 2 days ago We Work Remotely — Programming
What this role involves

Headquarters: Costa Rica
URL: http://akamai.com

Description

Are you excited by the prospect of detecting and mitigating the latest cyber attacks?

Would you enjoy protecting the world's leading brands in a fast-paced environment?

Work with industry leading technology

Our Team strives to be the most trusted support services partner and to keep our customers online businesses up and running. We utilize tools, process and knowledge to diagnose and resolve product, platform, and customer issues. Our team delivers managed services for both media and security to proactively maintain quality and protect our customers' online presence.

Respond to cyber attacks in real time

As a Security Architect II in SOCC, advising on mitigating attacks for managed security clients. Protect critical web applications and APIs for enterprises, including banks and e-commerce. Identify cyber threats using data, strategize mitigations, and deploy solutions. Ensure minimal impact on end users while addressing real-time security concerns.

As a Security Architect II, you will be responsible for:

  • Devising and engaging mitigation strategies to prevent real-time attacks, using Akamai products & platform
  • Conducting advanced analysis to identify attacks and threats targeting digital properties, web applications, and APIs.
  • Providing consultation & attack mitigation strategies to customers or peer teams based on the analysis

Do what you love

To be successful in this role you will:

  • Have +5 years of experience and a High School / Bachelor's degree in Computer Science or its equivalent
  • Have familiarity with Jupyter Notebooks, Streamlit, or Dash for rapid prototyping
  • Understand REST APIs, parse JSON, fetch scan data, utilize Python, and apply SQL effectively.
  • Have experience with Git and collaboration tools (Jira, Confluence, GitHub) and clustering (esp. for anomaly detection
  • Demonstrate expertise in Python, SQL, and foundational statistics, including mean, median, mode, and correlation.
  • Understand protocols such as HTTP, TCP/IP, OWASP top 10, and their relation to internet security risks.
  • Understand common attack preventive security techniques on L7

About us

At Akamai, we make life better for billions of people, trillions of times a day.
Whether you're streaming live events, scrolling social media, watching your favorite series, or managing your savings, we're the engine behind the scenes. We provide the world's most distributed platform from Cloud to Edge to help the giants of the digital world work faster and stay more secure, making the internet a better experience for everyone.

Our focus is simple:
Cloud and Edge: Running apps closer to users for instant performance.
Security: Neutralizing threats before they ever reach your data.
Content Delivery: Scaling the world's biggest moments without a glitch.
AI: Enabling our customers to build, secure, and scale AI apps on the world's most distributed cloud platform.

At Akamai, we don't just support the internet; we power and protect it, because behind every great digital experience is a massive hidden challenge. And we're the ones who solve it. When millions of people hit play or pay, Akamai ensures it just works.

Benefits at Akamai: We support your health, well-being, finances, and life beyond work. See our benefits.

FlexBase adapts to your job's needs

Akamai's FlexBase program is yet another way we show our commitment to providing employees with an exceptional workplace experience. It's not about telling employees where to work; it's about supporting employees to do their best work.

We trust our incredible employees to work in ways that suit them best: at home, in an office, or a combination of both.

Connect with us on social and see what life at Akamai is like!



To apply: https://weworkremotely.com/remote-jobs/akamai-security-architect-ii

Read the full description
Security Senior Security Engineer at Prolific

Senior Security Engineer performs hands-on application security work including vulnerability discovery, security testing, threat modeling, and building security tooling across the platform.

Senior Posted 3 days ago RemoteFirstJobs Product
What this role involves

Senior Security Engineer

Engineering

Prolific

Prolific is not just another player in the AI space – we are the architects of the human data infrastructure that’s reshaping the landscape of AI development. In a world where foundational AI technologies are increasingly commoditized, it’s the quality and diversity of human-generated data that truly differentiates products and models.

The role

Security at Prolific isn’t an afterthought, it’s foundational to how we build. As a company trusted by world-leading research institutions and AI labs to handle sensitive data at scale, the security of our application layer is critical. We handle participant data, researcher credentials, payment flows, and API integrations that demand rigorous protection at the code level.

As a Senior Security Engineer, you’ll be the technical authority on application security at Prolific. You’ll work hands-on with our engineering teams to find and fix vulnerabilities in our codebase, perform security testing, build security tooling, and embed secure development practices into how we ship software. This isn’t a governance or policy role, you’ll be in the code, reviewing pull requests, threat modelling new features, and building the automation that keeps our platform secure as we scale.

You’ll report to the Head of Engineering/Platform and work cross-functionally with product engineering, platform, data, and TechOps teams.

What you’ll bring to the role

  • Several years in application/product security and a background in software engineering
  • Strong knowledge of OWASP Top 10 (Web & API) and modern attack paths (e.g. auth flaws, SSRF, injection, business logic abuse, supply chain)
  • Experience working with complex, large-scale systems and modern architectures
  • Hands-on security testing experience (especially Burp Suite) across web apps and APIs
  • Python for security tooling, automation, or custom detection (Django a plus)
  • Experience implementing and tuning SAST, SCA, DAST, and secret scanning in CI/CD
  • Practical threat modelling experience, including leading lightweight sessions
  • Strong collaboration skills, able to clearly explain issues and drive remediation
  • Builder mindset, you automate wherever possible

Nice to haves..

  • Experience with Django, Vue.js, MongoDB, GCP
  • Security champions or bug bounty programmes
  • Supply chain security (SCA, SBOMs, dependency review)
  • IaC security (e.g. Terraform, policy-as-code)
  • Hands-on certifications (OSCP, GWAPT, BSCP)
  • Experience in scaling environments building out security practices

What you’ll be doing in the role

You’ll help secure Prolific’s applications end-to-end, from hands-on testing and code review to threat modelling and CI/CD security. You’ll partner closely with engineers to identify and fix vulnerabilities, build and tune security tooling, and embed secure development practices across the SDLC. This includes running penetration tests, improving detection coverage, and staying ahead of emerging threats to continuously strengthen our security posture.

Why Prolific is a great place to work

We’ve built a unique platform that connects researchers and companies with a global pool of participants, enabling the collection of high-quality, ethically sourced human behavioral data and feedback. This data is the cornerstone of developing more accurate, nuanced, and aligned AI systems.

We believe that the next leap in AI capabilities won’t come solely from scaling existing models, but from integrating diverse human perspectives and behaviors into AI development. By providing this crucial human data infrastructure, Prolific is positioning itself at the forefront of the next wave of AI innovation – one that reflects the breath and the best of humanity.

Working for us will place you at the forefront of AI innovation, providing access to our unique human data platform and opportunities for groundbreaking research. Join us to enjoy a competitive salary, benefits, and remote working within our impactful, mission-driven culture.

Links to more information on Prolific

Benefits

External Handbook

Website

Youtube

Privacy Statement

By submitting your application, you agree that Prolific may collect your personal data for recruiting and global organisation planning. Prolific’s Candidate Privacy Notice explains what personal information Prolific may process, where Prolific may process your personal information, its purposes for processing your personal information, and the rights you can exercise over Prolific use of your personal information.

Read the full description
Security Senior Security Engineer at Prolific

Hands-on application security engineer who finds and fixes vulnerabilities in code, performs security testing, builds security tooling, and embeds secure development practices across engineering teams.

Senior Posted 3 days ago RemoteFirstJobs Product
What this role involves

Senior Security Engineer

Engineering

Prolific

Prolific is not just another player in the AI space – we are the architects of the human data infrastructure that’s reshaping the landscape of AI development. In a world where foundational AI technologies are increasingly commoditized, it’s the quality and diversity of human-generated data that truly differentiates products and models.

The role

Security at Prolific isn’t an afterthought, it’s foundational to how we build. As a company trusted by world-leading research institutions and AI labs to handle sensitive data at scale, the security of our application layer is critical. We handle participant data, researcher credentials, payment flows, and API integrations that demand rigorous protection at the code level.

As a Senior Security Engineer, you’ll be the technical authority on application security at Prolific. You’ll work hands-on with our engineering teams to find and fix vulnerabilities in our codebase, perform security testing, build security tooling, and embed secure development practices into how we ship software. This isn’t a governance or policy role, you’ll be in the code, reviewing pull requests, threat modelling new features, and building the automation that keeps our platform secure as we scale.

You’ll report to the Head of Engineering/Platform and work cross-functionally with product engineering, platform, data, and TechOps teams.

What you’ll bring to the role

  • Several years in application/product security and a background in software engineering
  • Strong knowledge of OWASP Top 10 (Web & API) and modern attack paths (e.g. auth flaws, SSRF, injection, business logic abuse, supply chain)
  • Experience working with complex, large-scale systems and modern architectures
  • Hands-on security testing experience (especially Burp Suite) across web apps and APIs
  • Python for security tooling, automation, or custom detection (Django a plus)
  • Experience implementing and tuning SAST, SCA, DAST, and secret scanning in CI/CD
  • Practical threat modelling experience, including leading lightweight sessions
  • Strong collaboration skills, able to clearly explain issues and drive remediation
  • Builder mindset, you automate wherever possible

Nice to haves..

  • Experience with Django, Vue.js, MongoDB, GCP
  • Security champions or bug bounty programmes
  • Supply chain security (SCA, SBOMs, dependency review)
  • IaC security (e.g. Terraform, policy-as-code)
  • Hands-on certifications (OSCP, GWAPT, BSCP)
  • Experience in scaling environments building out security practices

What you’ll be doing in the role

You’ll help secure Prolific’s applications end-to-end, from hands-on testing and code review to threat modelling and CI/CD security. You’ll partner closely with engineers to identify and fix vulnerabilities, build and tune security tooling, and embed secure development practices across the SDLC. This includes running penetration tests, improving detection coverage, and staying ahead of emerging threats to continuously strengthen our security posture.

Why Prolific is a great place to work

We’ve built a unique platform that connects researchers and companies with a global pool of participants, enabling the collection of high-quality, ethically sourced human behavioral data and feedback. This data is the cornerstone of developing more accurate, nuanced, and aligned AI systems.

We believe that the next leap in AI capabilities won’t come solely from scaling existing models, but from integrating diverse human perspectives and behaviors into AI development. By providing this crucial human data infrastructure, Prolific is positioning itself at the forefront of the next wave of AI innovation – one that reflects the breath and the best of humanity.

Working for us will place you at the forefront of AI innovation, providing access to our unique human data platform and opportunities for groundbreaking research. Join us to enjoy a competitive salary, benefits, and remote working within our impactful, mission-driven culture.

Links to more information on Prolific

Benefits

External Handbook

Website

Youtube

Privacy Statement

By submitting your application, you agree that Prolific may collect your personal data for recruiting and global organisation planning. Prolific’s Candidate Privacy Notice explains what personal information Prolific may process, where Prolific may process your personal information, its purposes for processing your personal information, and the rights you can exercise over Prolific use of your personal information.

Read the full description
Security Senior Cyber Threat Analyst

Analyzes cyber threats, identifies vulnerabilities, and develops security strategies to protect organizational systems and data.

Senior Posted 5 days ago Himalayas
What this role involves
Position DescriptionValiant Solutions is seeking a Senior Cyber Threat Analyst to join our rapidly growing and innovative cybersecurity team!
Read the full description
Security Principal Security Field Engineer at Databricks

Principal Security Field Engineer who meets with customers to solve security and compliance questions, creates technical content, and builds scalable enablement resources for Databricks' data platform.

Senior Remote Posted 6 days ago RemoteFirstJobs Product
What this role involves

RDQ327R177

While candidates in the listed location(s) are encouraged for this role, candidates in other US locations will be considered.

The Security Field Engineering team helps data teams solve the world’s toughest problems by empowering customers to understand the security of the Databricks platform and by helping account teams address questions that come up during security reviews. Reporting to the Head of Security Field Engineering, you will meet with customers to answer questions, train other Databricks team members, build customer-facing content such as slide decks, white papers, and maybe write code that customers can use. Our team prioritizes scale – we’d rather spend an hour building a doc than be in ten hours of meetings, rather deliver agent skills and knowledge base articles than be the rock star answering all the questions. If you want high growth, autonomy, and to touch all elements of security, look no further.

The impact you will have:

  • You will be viewed as a security expert as you work with field teams and customers to understand architectures, address concerns and handle compliance questions
  • Your contributions may come in multiple ways, including customer interactions, scalable slides or white paper creation, internal enablement, process improvement, automation, or technical leadership—no one excels in every area, but all are valuable
  • When you’re on the call, you will be directly appreciated. When you’re not, your impact will be felt across the company through the enablement, collateral, knowledge management, and systems you build
  • You might not come from an assurance team, but you’ll come up to speed with common security and compliance regimes to save customers hours of effort and months of uncertainty
  • You will identify customer pain points and work with product management and product marketing will improve our product and our messaging
  • You will contribute to internal-facing services and automation that make life easier for our field staff and our customers.
  • You are probably already great at AI productivity, but you’ll sit in a group focused on becoming legendary.

What we look for:

  • 5+ years of technical pre-sales or post-sales experience where you’re the person in the room explaining the hard concepts
  • Equal love of understanding complex security principles and architectures, and of communicating them simply
  • Real-world experience in multiple security domains such as IaaS+PaaS+SaaS, network and endpoint security, web applications, vulnerability management, identity management, and SIEM, though not all are needed
  • You’ve done some scripting or programming, and are excited to use AI relentlessly to scale our impact across many thousands of customers and employees.
  • Understanding of the Databricks platform is a strong plus.

Pay Range Transparency

Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected base salary range for non-commissionable roles or on-target earnings for commissionable roles.  Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipated utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above. For more information regarding which range your location is in visit our page here.

Zone 1 Pay Range

$270,300—$371,700 USD

Zone 2 Pay Range

$243,300—$334,500 USD

Zone 3 Pay Range

$229,800—$315,900 USD

Zone 4 Pay Range

$216,200—$297,350 USD

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.

BenefitsAt Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region click here.

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance

If access to export-controlled technology or source code is required for performance of job duties, it is within Employer’s discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.

Read the full description
Security Senior Security Automation Engineer at ClickHouse Japan

Design and build security automation infrastructure, provisioning engines, and compliance integrations to scale security operations and eliminate manual audit work.

Senior Posted 6 days ago RemoteFirstJobs Product
What this role involves

About ClickHouse

Recognized on the 2025 Forbes Cloud 100 list, ClickHouse is one of the most innovative and fast-growing private cloud companies. With more than 3,000 customers and ARR that has grown over 250 percent year over year, ClickHouse leads the market in real-time analytics, data warehousing, observability, and AI workloads.

The company’s sustained, accelerating momentum was recently validated by a $400M Series D financing round. Over the past three months, customers including Capital One, Lovable, Decagon, Polymarket, and Airwallex have adopted the platform or expanded existing deployments. These customers join an established base of AI innovators and global brands such as Meta, Cursor, Sony, and Tesla.

We’re on a mission to transform how companies use data. Come be a part of our journey!

The Security organization at ClickHouse is built around a single mission: build customer trust through resilient, pragmatic security. We are establishing a new, centralized Security Automation capability—a dedicated function responsible for delivering automation work across all product lines and engineering dimensions at ClickHouse, acting as a technical force multiplier for our Security, Identity, and GRC functions.

This capability exists to solve a real problem: as we scale and mature, we must move beyond manual evidence gathering, point-in-time audits, and disconnected identity workflows. We are creating a focused, empowered team that owns security and identity automation end-to-end—from architecture and design through to implementation and delivery.

About the role

We are looking for an experienced Senior Security Automation Engineer to build the underlying automation fabric that allows our Security teams to scale. You will build a Universal Provisioning Engine and custom integration layers that satisfy external auditors while keeping internal teams focused on shipping features.

You will eliminate the engineering “interruption tax,” provide leadership with a real-time, data-driven view of our risk posture, and ensure continuous compliance with zero audit surprises. By solving the “Last-Mile Gap” in identity provisioning and extending compliance tools into our proprietary applications, you will ensure our most critical controls are continuously validated with programmatic precision.

What you will do:

Build the Security Telemetry and Risk Fabric

  • Control Design: Translate control frameworks into layered control implementations that prevent risks from being exploited and detect possible weaknesses within control design. Shift from reactive monitoring to self-healing security, preventing compliance drift before it becomes an audit finding.
  • Security Telemetry: Engineer a centralized security telemetry system that programmatically captures control evidence and health in real-time, transitioning from manual snapshots to continuous data streams for an ‘always-on’ view of our security posture.
  • Custom Assurance Logic: Engineer specialized automation that acts as its own continuous audit function to minimize findings and provide real-time insights into our automated control performance. Extend visibility into our proprietary applications and complex internal workflows, ensuring our most critical controls are continuously validated.
  • Agentic Risk Engine: Partner with our risk management function to build a secure mechanism to generate agentic risk assessments workflows using the data and results from what is collected.

Architect Universal Identity and Access Automation

  • Universal Provisioning Connectors: Architect solutions for systems that lack native IGA support (proprietary databases, custom apps, and niche SaaS) to ensure instant account creation and de-provisioning—eliminating tickets, wait-times, and providing maximum observability into the state of Clickhouse identities.
  • Customer-Approved Access Workflows: Architect the complex, high-trust workflows required for support teams to access customer-specific instances, ensuring actions are customer-approved, strictly time-bound, and automatically revoked via a “Trust-by-Design” model.
  • Centralized Security Visibility: Transition “hidden” access managed by disparate business units into a single, observable permissions inventory, gaining 100% visibility into permissions at the authZ level across our full suite of applications.
  • Automated Secret Discovery & Inventory: Develop automation to continuously discover and inventory secrets, credentials, and API keys throughout the environment, providing aging and rotation intervals for long lived keys.
  • Eliminate “Ghost Accounts”: Mitigate audit risks by ensuring automated de-provisioning for local identities, API keys, and persistent permissions across all target systems.

Partner Across Security, Engineering and Product

  • Work in tandem with GRC, Finance, and Security to build custom, bulletproof automation for compliance with different audit frameworks.
  • Eliminate the “Productivity Anchor” by removing manual provisioning workflows that slow down projects and flood teams with low-value administrative tickets.

What you bring along:

Security & Automation Engineering Depth

  • Strong hands-on background in security automation and identity engineering (IAM/IGA).
  • Strong proficiency in at least one commonly used programming language to build scalable automation. Experience with Python, JavaScript (TypeScript highly preferred), or Go is required.
  • Experience building scalable and reliable automation ecosystems
  • Familiarity with compliance automation, continuous control monitoring, and extending GRC tools to meet the granular requirements of a variety of compliance frameworks.
  • Understanding of risks associated with change management, logical access, and data integrity.

Execution and Delivery

  • Demonstrated ability to translate complex security/GRC mandates into automated workflows and self-healing technical guardrails.
  • Strong instincts for eliminating operational friction and the engineering “interruption tax.”
  • Experience delivering continuous data streams for security posture and risk validation.

Bonus Points:

  • BS, MS, or PhD in Computer Science or related field.
  • Previous experience at a cloud infrastructure, database, or developer tools company.
  • Experience with AI/Agentic risk engines and non-deterministic risk assessments.

The typical starting salary for this role in the US is

$125,000—$174,000 USD

The typical starting salary for this role in US Premium Markets is

$157,000—$205,000 USD

Compensation

For roles based in the United States, the typical starting salary range for this position is listed above. In certain locations, such as the San Francisco Bay Area and the New York City Metro Area, a premium market range may apply, as listed.

These salary ranges reflect what we reasonably and in good faith believe to be the minimum and maximum pay for this role at the time of posting. The actual compensation may be higher or lower than the amounts listed, and the ranges may be subject to future adjustments.

An individual’s placement within the range will depend on various factors, including (but not limited to) education, qualifications, certifications, experience, skills, location, performance, and the needs of the business or organization.

If you have any questions or comments about compensation as a candidate, please get in touch with us at paytransparency@clickhouse.com.

Perks

  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in over 20 countries.
  • Healthcare - Employer contributions towards your healthcare.
  • Equity in the company - Every new team member who joins our company receives stock options.
  • Time off - Flexible time off in the US, generous entitlement in other countries.
  • A $500 Home office setup if you’re a remote employee.
  • Global Gatherings– We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites.

Culture - We All Shape It

As part of a rapidly scaling start up, you will be instrumental in shaping our culture.

Are you interested in finding out more about our culture?  Learn more about our values here.  Check out our blog posts or follow us on LinkedIn to find out more about what’s happening at ClickHouse.

Equal Opportunity & Privacy

ClickHouse provides equal employment opportunities to all employees and applicants and prohibits discrimination and harassment of any type based on factors such as race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Please see here for our Privacy Statement.

Read the full description
Security Senior Security Automation Engineer at ClickHouse Japan

Designs and builds security automation infrastructure, provisioning engines, and compliance controls that enable security teams to scale operations and reduce manual audit work.

Senior Posted 6 days ago RemoteFirstJobs Product
What this role involves

About ClickHouse

Recognized on the 2025 Forbes Cloud 100 list, ClickHouse is one of the most innovative and fast-growing private cloud companies. With more than 3,000 customers and ARR that has grown over 250 percent year over year, ClickHouse leads the market in real-time analytics, data warehousing, observability, and AI workloads.

The company’s sustained, accelerating momentum was recently validated by a $400M Series D financing round. Over the past three months, customers including Capital One, Lovable, Decagon, Polymarket, and Airwallex have adopted the platform or expanded existing deployments. These customers join an established base of AI innovators and global brands such as Meta, Cursor, Sony, and Tesla.

We’re on a mission to transform how companies use data. Come be a part of our journey!

The Security organization at ClickHouse is built around a single mission: build customer trust through resilient, pragmatic security. We are establishing a new, centralized Security Automation capability—a dedicated function responsible for delivering automation work across all product lines and engineering dimensions at ClickHouse, acting as a technical force multiplier for our Security, Identity, and GRC functions.

This capability exists to solve a real problem: as we scale and mature, we must move beyond manual evidence gathering, point-in-time audits, and disconnected identity workflows. We are creating a focused, empowered team that owns security and identity automation end-to-end—from architecture and design through to implementation and delivery.

About the role

We are looking for an experienced Senior Security Automation Engineer to build the underlying automation fabric that allows our Security teams to scale. You will build a Universal Provisioning Engine and custom integration layers that satisfy external auditors while keeping internal teams focused on shipping features.

You will eliminate the engineering “interruption tax,” provide leadership with a real-time, data-driven view of our risk posture, and ensure continuous compliance with zero audit surprises. By solving the “Last-Mile Gap” in identity provisioning and extending compliance tools into our proprietary applications, you will ensure our most critical controls are continuously validated with programmatic precision.

What you will do:

Build the Security Telemetry and Risk Fabric

  • Control Design: Translate control frameworks into layered control implementations that prevent risks from being exploited and detect possible weaknesses within control design. Shift from reactive monitoring to self-healing security, preventing compliance drift before it becomes an audit finding.
  • Security Telemetry: Engineer a centralized security telemetry system that programmatically captures control evidence and health in real-time, transitioning from manual snapshots to continuous data streams for an ‘always-on’ view of our security posture.
  • Custom Assurance Logic: Engineer specialized automation that acts as its own continuous audit function to minimize findings and provide real-time insights into our automated control performance. Extend visibility into our proprietary applications and complex internal workflows, ensuring our most critical controls are continuously validated.
  • Agentic Risk Engine: Partner with our risk management function to build a secure mechanism to generate agentic risk assessments workflows using the data and results from what is collected.

Architect Universal Identity and Access Automation

  • Universal Provisioning Connectors: Architect solutions for systems that lack native IGA support (proprietary databases, custom apps, and niche SaaS) to ensure instant account creation and de-provisioning—eliminating tickets, wait-times, and providing maximum observability into the state of Clickhouse identities.
  • Customer-Approved Access Workflows: Architect the complex, high-trust workflows required for support teams to access customer-specific instances, ensuring actions are customer-approved, strictly time-bound, and automatically revoked via a “Trust-by-Design” model.
  • Centralized Security Visibility: Transition “hidden” access managed by disparate business units into a single, observable permissions inventory, gaining 100% visibility into permissions at the authZ level across our full suite of applications.
  • Automated Secret Discovery & Inventory: Develop automation to continuously discover and inventory secrets, credentials, and API keys throughout the environment, providing aging and rotation intervals for long lived keys.
  • Eliminate “Ghost Accounts”: Mitigate audit risks by ensuring automated de-provisioning for local identities, API keys, and persistent permissions across all target systems.

Partner Across Security, Engineering and Product

  • Work in tandem with GRC, Finance, and Security to build custom, bulletproof automation for compliance with different audit frameworks.
  • Eliminate the “Productivity Anchor” by removing manual provisioning workflows that slow down projects and flood teams with low-value administrative tickets.

What you bring along:

Security & Automation Engineering Depth

  • Strong hands-on background in security automation and identity engineering (IAM/IGA).
  • Strong proficiency in at least one commonly used programming language to build scalable automation. Experience with Python, JavaScript (TypeScript highly preferred), or Go is required.
  • Experience building scalable and reliable automation ecosystems
  • Familiarity with compliance automation, continuous control monitoring, and extending GRC tools to meet the granular requirements of a variety of compliance frameworks.
  • Understanding of risks associated with change management, logical access, and data integrity.

Execution and Delivery

  • Demonstrated ability to translate complex security/GRC mandates into automated workflows and self-healing technical guardrails.
  • Strong instincts for eliminating operational friction and the engineering “interruption tax.”
  • Experience delivering continuous data streams for security posture and risk validation.

Bonus Points:

  • BS, MS, or PhD in Computer Science or related field.
  • Previous experience at a cloud infrastructure, database, or developer tools company.
  • Experience with AI/Agentic risk engines and non-deterministic risk assessments.

The typical starting salary for this role in the US is

$125,000—$174,000 USD

The typical starting salary for this role in US Premium Markets is

$157,000—$205,000 USD

Compensation

For roles based in the United States, the typical starting salary range for this position is listed above. In certain locations, such as the San Francisco Bay Area and the New York City Metro Area, a premium market range may apply, as listed.

These salary ranges reflect what we reasonably and in good faith believe to be the minimum and maximum pay for this role at the time of posting. The actual compensation may be higher or lower than the amounts listed, and the ranges may be subject to future adjustments.

An individual’s placement within the range will depend on various factors, including (but not limited to) education, qualifications, certifications, experience, skills, location, performance, and the needs of the business or organization.

If you have any questions or comments about compensation as a candidate, please get in touch with us at paytransparency@clickhouse.com.

Perks

  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in over 20 countries.
  • Healthcare - Employer contributions towards your healthcare.
  • Equity in the company - Every new team member who joins our company receives stock options.
  • Time off - Flexible time off in the US, generous entitlement in other countries.
  • A $500 Home office setup if you’re a remote employee.
  • Global Gatherings– We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites.

Culture - We All Shape It

As part of a rapidly scaling start up, you will be instrumental in shaping our culture.

Are you interested in finding out more about our culture?  Learn more about our values here.  Check out our blog posts or follow us on LinkedIn to find out more about what’s happening at ClickHouse.

Equal Opportunity & Privacy

ClickHouse provides equal employment opportunities to all employees and applicants and prohibits discrimination and harassment of any type based on factors such as race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Please see here for our Privacy Statement.

Read the full description
Security Principal Security Field Engineer at Databricks

Principal-level security expert who works with customers and field teams to address security architecture questions, build enablement content, and drive process improvements across the platform.

Senior Remote Posted 7 days ago RemoteFirstJobs Product
What this role involves

RDQ327R177

While candidates in the listed location(s) are encouraged for this role, candidates in other US locations will be considered.

The Security Field Engineering team helps data teams solve the world’s toughest problems by empowering customers to understand the security of the Databricks platform and by helping account teams address questions that come up during security reviews. Reporting to the Head of Security Field Engineering, you will meet with customers to answer questions, train other Databricks team members, build customer-facing content such as slide decks, white papers, and maybe write code that customers can use. Our team prioritizes scale – we’d rather spend an hour building a doc than be in ten hours of meetings, rather deliver agent skills and knowledge base articles than be the rock star answering all the questions. If you want high growth, autonomy, and to touch all elements of security, look no further.

The impact you will have:

  • You will be viewed as a security expert as you work with field teams and customers to understand architectures, address concerns and handle compliance questions
  • Your contributions may come in multiple ways, including customer interactions, scalable slides or white paper creation, internal enablement, process improvement, automation, or technical leadership—no one excels in every area, but all are valuable
  • When you’re on the call, you will be directly appreciated. When you’re not, your impact will be felt across the company through the enablement, collateral, knowledge management, and systems you build
  • You might not come from an assurance team, but you’ll come up to speed with common security and compliance regimes to save customers hours of effort and months of uncertainty
  • You will identify customer pain points and work with product management and product marketing will improve our product and our messaging
  • You will contribute to internal-facing services and automation that make life easier for our field staff and our customers.
  • You are probably already great at AI productivity, but you’ll sit in a group focused on becoming legendary.

What we look for:

  • 5+ years of technical pre-sales or post-sales experience where you’re the person in the room explaining the hard concepts
  • Equal love of understanding complex security principles and architectures, and of communicating them simply
  • Real-world experience in multiple security domains such as IaaS+PaaS+SaaS, network and endpoint security, web applications, vulnerability management, identity management, and SIEM, though not all are needed
  • You’ve done some scripting or programming, and are excited to use AI relentlessly to scale our impact across many thousands of customers and employees.
  • Understanding of the Databricks platform is a strong plus.

Pay Range Transparency

Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected base salary range for non-commissionable roles or on-target earnings for commissionable roles.  Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipated utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above. For more information regarding which range your location is in visit our page here.

Zone 1 Pay Range

$270,300—$371,700 USD

Zone 2 Pay Range

$243,300—$334,500 USD

Zone 3 Pay Range

$229,800—$315,900 USD

Zone 4 Pay Range

$216,200—$297,350 USD

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.

BenefitsAt Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region click here.

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance

If access to export-controlled technology or source code is required for performance of job duties, it is within Employer’s discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.

Read the full description
Security Senior Cyber Incident Response Engineer

Responds to and mitigates cybersecurity incidents, conducts forensic analysis, and implements remediation strategies to protect organizational assets.

Senior Posted 7 days ago Jobicy AI
What this role involves
Company DescriptionNBCUniversal is one of the world’s leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to...
Read the full description
Security Sr Manager Cybersecurity

Leads cybersecurity strategy, manages security teams, and oversees risk mitigation across the organization.

Senior Posted 7 days ago Jobicy AI
What this role involves
Department:TechnologyOur Company PromiseWe are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness...
Read the full description
Security Senior Cyber Incident Response Engineer

Responds to and manages cybersecurity incidents, investigating threats and coordinating remediation efforts across enterprise systems.

Senior Posted 7 days ago Jobicy AI
What this role involves
Company DescriptionNBCUniversal is one of the world’s leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to...
Read the full description
Security Senior Cyber Incident Response Engineer

Responds to and manages cybersecurity incidents, investigates breaches, and coordinates remediation efforts to protect organizational assets.

Senior Posted 7 days ago Jobicy AI
What this role involves
Company DescriptionNBCUniversal is one of the world’s leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to...
Read the full description
Security Senior Cyber Incident Response Engineer

Responds to and manages cybersecurity incidents, investigates breaches, and implements remediation strategies to protect organizational systems.

Senior Posted 7 days ago Jobicy AI
What this role involves
Company DescriptionNBCUniversal is one of the world’s leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to...
Read the full description
Security Sr Manager Cybersecurity

Leads cybersecurity strategy, manages security initiatives, and oversees team operations to protect organizational assets.

Senior Posted 7 days ago Jobicy AI
What this role involves
Department:TechnologyOur Company PromiseWe are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness...
Read the full description