Enterprise Security Engineer

About the Opportunity At Contentful, we are dedicated to creating a secure and reliable service. Our commitment to security encompasses significant investment in resources and efforts. Our Security team plays a pivotal role in managing information security across the organization and collaborates closely with various internal teams. We believe in embedding security within our DevOps principles, ensuring robust and repeatable processes. We are seeking an enthusiastic and dedicated Manager of Security Engineering, someone who is eager to tackle complex security challenges with innovative and scalable solutions. In this role, you will oversee security engineering initiatives for Contentful's corporate systems, including the tools and platforms that empower our internal security team. Although this position is not responsible for customer-facing product security, you will work in tandem with product security teams within our security organization on overlapping responsibilities. Your role will involve a blend of leadership and hands-on technical execution, focusing on designing, implementing, and managing security controls and tools at scale. Key areas of focus will include identity and access management, data security, and SaaS platforms. You will provide strategic direction and spearhead initiatives while remaining actively involved in their execution. While you may work independently at times, you will frequently collaborate with security leadership, IT, and cross-functional partners to align strategies, implement shared initiatives, and effectively mitigate risks while minimizing impacts on end users across the organization. What to Expect? Develop a high-performing team through coaching, mentorship, goal setting, and performance feedback. Define roles and make hiring decisions to expand the team in alignment with departmental needs. Maintain a hands-on approach, balancing technical leadership with direct implementation work. Own execution and prioritization across projects and operations, utilizing agile delivery practices. Enhance effectiveness and efficiency by refining processes and tools. Champion continuous improvement across all facets of the security program. Communicate risks and technical concepts clearly to leadership and stakeholders. Collaborate with security leadership to execute business-aligned, risk-reduction roadmaps. Shape work scope, sequencing, and success criteria in line with departmental and company objectives. Drive security processes, standards, and best practices across information technology assets.

JOIN OUR TEAMAt FanDuel, we have an exciting opportunity for a Security Operations Engineering Manager to spearhead our Security Operations team. This pivotal role involves leading a talented group of security engineers dedicated to enhancing our security operations and response capabilities. You will thrive in a collaborative environment, guiding your team to excel while leveraging your diplomatic skills to foster trust and build strong relationships across functions. A hands-on approach is essential, as you'll be directly contributing alongside your team. In addition to the responsibilities outlined, you may be required to undertake other duties as assigned, ensuring operational flexibility to meet the dynamic needs of the business. YOUR MISSIONEvery team member plays a vital role. Lead a group of security operations engineers focused on building, automating, and managing security response capabilities. Enhance the speed of triaging and responding to security events and alerts by developing and utilizing automation tools, thereby improving operational metrics such as MTTR and MTTD. Oversee the entire lifecycle of cross-functional security incidents, including readiness, response, and post-incident evaluations to strengthen resilience against future incidents. Collaborate with the Detection Engineering team to advance detection, telemetry, and logging processes. Ensure Security's preparedness and response for significant sporting events. Nurture the next generation of security engineering talent within the organization. Act as a player-coach, mentoring engineers while also providing your own technical expertise. WHAT WE'RE LOOKING FOROur ideal candidate possesses: Experience leading engineering-focused teams with a diverse range of backgrounds and skill levels. A background in operational engineering (SecOps, DevOps, SRE, etc.). The ability to manage relationships with stakeholders and collaborate with various teams to address security events and challenges. Proficiency in at least one modern programming language (e.g., Python, Go). Confidence in navigating novel security incidents. Strong analytical and problem-solving skills, with the capacity to assess security risks and prioritize remediation efforts swiftly. ...

Role Overview FanDuel is looking for an Enterprise Security Engineering Manager in New York City. This leader will direct efforts to strengthen security architecture and processes across the company's enterprise systems. The role centers on protecting sensitive data and supporting compliance with industry standards. What You Will Do Oversee the design and rollout of security measures for enterprise systems Lead and mentor a team of security engineers Work with teams across the company to identify and address security risks Ensure ongoing compliance with relevant industry requirements Who We're Looking For Experience managing security engineering teams Strong background in enterprise security architecture and process improvement Ability to collaborate with cross-functional groups Commitment to protecting sensitive information and upholding compliance This position is based in New York City.

At January, we are on a mission to revolutionize consumer finance from the ground up. By personalizing interactions and optimizing decision-making throughout all stages of consumer credit, we empower both consumers and creditors, ensuring that credit is fair, accessible, and tailored to individual needs.As a Lead Security Engineer, you will redefine security standards in an industry where trust has been significantly compromised. This is a unique opportunity to join us at a pivotal moment: we have established the hard-earned trust of leading financial institutions, and now you will create the security framework that extends this trust to millions of consumers.You will design and implement a dual trust architecture, safeguarding both consumer-facing experiences and robust enterprise systems. You will tackle technical challenges that are unparalleled in the industry, such as privacy-preserving data systems, compliance automation across multiple jurisdictions, and AI-driven decision-making processes. Your influence will shape our security strategy and culture from the ground up, demonstrating that security is not merely an overhead cost, but a competitive advantage that drives enterprise partnerships and market growth.Your ImpactTransform security into a competitive edge: Position January's security as a key differentiator that attracts banks and enterprises, unlocking Tier 1 partnerships and deals that competitors cannot secure.Promote security-by-design in product and application development: Collaborate with product and engineering teams to identify critical risks early in the process, focusing on application security across frontend, Flask services, and databases. Integrate security into the discovery and design phases, ensuring secure development patterns are embedded in workflows.Design systems for bank-grade data protection: Create and enforce data classification, encryption, and access control mechanisms that comply with regulatory standards, ensuring sensitive data remains within authorized boundaries.Foster a security-first engineering culture: Advocate for security-centric thinking within engineering teams without hindering progress. Lead incident responses decisively, ensuring that January emerges stronger from security events through thorough post-incident analyses.Streamline compliance with minimal overhead: Maintain SOC 2, PCI-DSS, and financial compliance using automated systems and build infrastructure that generates audit evidence seamlessly, eliminating compliance bottlenecks.

Join Our Innovative Security TeamAt OpenAI, security is paramount to our mission of ensuring that artificial general intelligence serves the best interests of humanity. Our dedicated Security team safeguards OpenAI’s technology, personnel, and products. We are technical in our solutions and operational in our approach, committed to supporting all aspects of our products and research. Our guiding principles include prioritizing impactful initiatives, empowering our researchers, preparing for future technological advancements, and fostering a robust security culture.Your Role as an Application Security EngineerIn the role of Application Security Engineer, you will play a vital part in identifying and mitigating security vulnerabilities within our software applications. This involves creating security tools, conducting code reviews, performing penetration testing, and executing comprehensive security assessments.We seek individuals who will collaborate closely with development teams to embed secure coding practices throughout the software development lifecycle, preemptively addressing security risks. You will also offer security guidance to developers and stakeholders, promoting a culture of security awareness across the organization.This position is based in New York City, but we also consider candidates for remote work. Our hybrid work model requires three days in the office each week, and we offer relocation assistance for new employees.Key ResponsibilitiesConduct Security Assessments: Regularly perform security assessments, code reviews, and penetration tests to identify vulnerabilities in applications and software.Create and Implement Security Tools: Design and develop security tools, frameworks, and methodologies to defend applications against potential threats.Collaborate with Development Teams: Work hand-in-hand with development teams to ensure security best practices are integrated throughout the software development lifecycle, including secure coding standards.Threat Modeling and Risk Assessment: Carry out threat modeling and risk assessments to proactively identify potential risks and devise effective mitigation strategies.Manage Vulnerabilities: Track, analyze, and manage vulnerabilities within applications, providing guidance and support for remediation efforts.Incident Response Support: Assist in incident response efforts and contribute to the development of incident response protocols.

Join Crosby as a Security Engineer, where you'll play a pivotal role in safeguarding our information systems and data integrity. As a vital member of our security team, you will implement robust security measures, conduct risk assessments, and collaborate with cross-functional teams to protect our infrastructure from potential threats.

Join Hudson River Trading (HRT), a leading quantitative trading firm renowned for its commitment to technological advancement. We develop and deploy state-of-the-art systems in one of the most sophisticated computing environments globally, driving our expansive trading operations.We are on the lookout for a seasoned Security Operations Engineer to become a vital part of our expanding Security Operations team. In this pivotal role, you will design, build, and maintain strategic security solutions that safeguard HRT’s global cyber security infrastructure.The ideal candidate will possess a deep understanding of SIEM, SOAR, UEBA, and DLP technologies. Proficiency in programming languages, particularly Python, along with experience in log management and observability platforms such as the Elastic stack, is essential. This role demands strong technical troubleshooting abilities, along with exceptional organizational, automation, project management, and communication skills across various functions.

About the Role Sigma Computing is seeking a Senior Security Engineer II focused on Cloud & Data Security to help safeguard our large-scale, cloud-native SaaS platform. This position centers on engineering: building security solutions, not just operating existing tools. The role calls for a subject matter expert in cloud security architecture. Collaboration with Engineering, Security, and Product teams is key, as is designing scalable controls that support business growth. Responsibilities include creating secure architectures, integrating controls into infrastructure-as-code, and setting up automated guardrails so teams can move quickly without waiting for manual security sign-offs. This is a hands-on position for someone who thrives in complex cloud environments, values automation, and knows how to scale security for a growing SaaS company. What You Will Do Architectural Leadership: Work closely with infrastructure and engineering teams to embed security into development workflows. Lead technical discussions that shape security strategy and initiatives. Multi-Cloud Engineering: Design, implement, and refine Sigma’s cloud security across AWS, GCP, and Azure, using deep architectural expertise. Threat Modeling & Incident Response: Conduct threat modeling for cloud environments and handle incident response, including investigation and remediation of malicious activity. Identity & Access Management: Develop strategies for IAM and privileged access (RBAC/ABAC, federation, least privilege, cross-account access). Remove standing privileges and long-lived credentials, and promote zero-trust and privileged access controls across IaaS and SaaS. Cloud Data Security Controls: Implement data classification, encryption/KMS, masking/tokenization, access governance, retention and deletion policies, and reduce exfiltration risks across APIs and data pipelines. Automated Remediation Workflows: Build automated responses for recurring cloud misconfigurations, drift, and policy violations to improve operational efficiency and response times. Security Stack Management: Deploy and manage cloud-native services, including CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security tools. Network Defense: Evaluate and implement zero-trust network security measures. Location: New York City, NY

About the RoleJoin our dynamic team at FanDuel as we seek a skilled Senior Enterprise Security Engineer. This pivotal role requires a professional who is dedicated to crafting and implementing enterprise security control strategies, while also shaping our security posture. You will play a key role in balancing risk reduction with user experience and operational enablement at scale.Reporting directly to the Senior Manager of Enterprise Security Engineering, you will tackle diverse security challenges and lead initiatives that foster a secure environment for our operations.Your ResponsibilitiesImplement cutting-edge models such as “secure by default” and “zero trust” to maintain a robust security posture.Act as a security subject matter expert, collaborating with internal teams to meet business objectives and overcome security challenges.Develop and manage team roadmaps while staying informed of the latest threats and identifying security risks independently.Utilize automation and development approaches to enhance enterprise-wide security controls.Employ AI technologies to amplify the effectiveness of Security Engineering and FanDuel's operations.Support the security organization as needed, fostering a collaborative team environment.What We’re Looking ForProven expertise in security engineering across multiple domains, including Zero Trust, Endpoint Security, Data Protection, and more.Intermediate proficiency in scripting languages such as Python, Go, or Ruby; experience with Python and PowerShell is a plus.Familiarity with identity access management frameworks and protocols like SAML, SCIM, OAuth, and WebAuthN.Ability to model threats to corporate infrastructure and implement preventative architectures and controls.Strong communication skills to work effectively with a diverse range of partners, from engineering to legal teams.Adeptness in navigating rapidly evolving environments with a focus on solving ambiguous challenges.

Join Olo, a premier SaaS provider revolutionizing the restaurant sector by enhancing digital transformation. Our platform empowers businesses to offer highly personalized and lucrative guest experiences, ensuring that every interaction feels special and tailored.As a Staff Security Engineer, you will serve as the technical anchor for the Olo Security Blue Team, spearheading initiatives that fortify our systems while safeguarding sensitive client and customer information. Reporting directly to the Security Engineering Director, you will play a pivotal role in establishing robust security measures that maintain operational integrity.Your responsibilities will encompass identifying and prioritizing future projects based on risk assessments, executing cross-departmental initiatives with both ownership and excellence, and mentoring fellow team members to enhance their skill sets. If you are driven by the desire to mitigate risks while fostering innovation, we invite you to become part of our dynamic team!This position offers the flexibility to work remotely from anywhere within the U.S. or from Olo's vibrant headquarters located in NYC.

About UsAt Gecko Robotics, we empower critical infrastructure by ensuring its availability, reliability, and sustainability through our innovative solutions. Our cutting-edge technology integrates wall-climbing robots, top-of-the-line sensors, and an AI-driven data platform, offering clients unprecedented insights into the current and future state of their physical assets. This enables real-time decision-making that enhances operational efficiency and safety, promotes mission readiness, and safeguards the environment from potential infrastructure failures.Position OverviewWe are seeking our inaugural dedicated Product Security Engineer to enhance and expand our application security measures at Gecko. In this pivotal role, you will have a significant impact on the security framework of our product as we continue to evolve.This is a hands-on position that requires direct collaboration with engineering teams to establish secure software practices as the default standard. While we have existing tools in place, we need someone who can refine them, automate processes, and minimize manual security tasks.If you thrive on building systems from scratch, addressing tangible challenges, and working closely with product and engineering teams, this role is tailored for you.Key ResponsibilitiesEnhance application security across our products and cloud systems, partnering with engineers to ensure secure software is the norm without hindering productivity.Integrate security checks into CI/CD pipelines to catch potential issues early, while refining existing tools to minimize distractions for engineers.Conduct code and infrastructure reviews to identify and mitigate security vulnerabilities, guiding teams in implementing secure, repeatable patterns.Automate currently manual security tasks, establishing scalable guardrails as the company expands.Collaborate with platform teams to bolster cloud security in AWS or Google Cloud, avoiding common pitfalls.Support the implementation of security controls necessary for SOC 2, ISO, and similar standards as we grow.Technologies We UtilizePython, JavaScript, ReactAmazon Web Services and Google CloudGitHub, GitLab, JenkinsContainers and Infrastructure as Code

At Artemis, we are revolutionizing the realm of AI-driven cybersecurity, empowering organizations to proactively detect and defend against threats in a rapidly evolving digital landscape where AI technologies are engaged in cyber warfare.Supported by esteemed investors such as First Round Capital and Brightmind, alongside a cadre of renowned cybersecurity professionals, we are committed to delivering cutting-edge solutions.Our leadership team, including Shachar (former Palo Alto Networks, AWS, Demisto) and Dan (former Abnormal Security, Twitter), has successfully launched and scaled trusted cybersecurity products for thousands of clients, bringing unparalleled expertise in customer relations, technology, and security.Our diverse and talented team consists of software engineers, AI researchers, security engineers, and product designers from leading companies including Google, Abnormal AI, Wiz, Meta, AWS, and CERN.As we expand our team, we seek enthusiastic builders eager to contribute to our growing customer community.Position SummaryAs a Security Research Engineer at Artemis, you will spearhead detection research, threat hunting, and the automation of security processes powered by AI. This role presents a unique opportunity to engage with both security expertise and advanced AI technology, where you will research data sources, develop detection mechanisms, investigate real incidents, and collaborate directly with clients to enhance security outcomes. Your contributions will significantly influence the threats we identify and the methods we employ to tackle them.Key ResponsibilitiesAI-Driven Detection Development - Create automation tools that utilize AI to expedite the development, fine-tuning, and validation of detection strategies on a large scale.Security Research - Conduct thorough analyses of cloud, identity, and SaaS data sources, including AWS CloudTrail, Okta, and more.

About the Role Adaptive Security is looking for a Lead Application Security Engineer in NYC. This position shapes how we defend our software against threats, guiding security strategy and execution across our applications. What You Will Do Lead the design and rollout of security measures for software applications Develop and refine security strategies to address emerging risks Work closely with teams to uphold strong security standards Ensure our practices align with industry regulations and compliance requirements What Matters Here Deep experience in application security Ability to guide teams and set technical direction Commitment to both proactive defense and regulatory compliance

Are you passionate about safeguarding applications in a dynamic environment? Join us as an Application Security Engineer at Contentful. In this pivotal role, you will leverage your expertise to enhance the security posture of our applications, ensuring that our customers' data remains secure and protected against emerging threats.Your responsibilities will include conducting security assessments, implementing security best practices, and collaborating with development teams to integrate security into the software development lifecycle. We are looking for someone who is not only knowledgeable in application security but also eager to learn and adapt in a fast-paced setting.

HHAeXchange is at the forefront of technology solutions for home and community-based care. Established in 2008, our mission is to create a comprehensive, end-to-end homecare ecosystem that empowers aging individuals and those with disabilities to thrive within their communities. Our dedicated team is passionate about revolutionizing healthcare by seamlessly connecting patients, personal care providers, managed care organizations, and state agencies. We are currently on the lookout for a Principal Cloud Security Engineer to join our expanding Cybersecurity team. In this pivotal role, you will lead initiatives to validate our security posture, manage and implement cutting-edge technical solutions, enhance existing security protocols, and establish robust security standards and policies. As a subject matter expert, you will develop reusable and secure solutions while cultivating strong relationships across HHAeXchange, technical teams, and customers. Your expertise will ensure alignment between our overall security strategy, HHAeXchange’s strategic objectives, and compliance requirements. You will maintain senior-level proficiency across various technical domains, particularly in Cloud and Incident Response, engage in proof-of-concept projects, adopt innovative and business-aligned technology platforms, and expand your areas of expertise as our business evolves. To excel in this role, you must be capable of fulfilling each essential duty satisfactorily. We are committed to providing reasonable accommodations to enable individuals with disabilities to perform essential functions.

About AnthropicAt Anthropic, we are dedicated to developing AI systems that are reliable, interpretable, and steerable, ensuring they are safe and beneficial for both users and society at large. Our rapidly expanding team comprises passionate researchers, engineers, policy experts, and business leaders working together towards this vital mission.About the Role: We are seeking a skilled Campus Security Manager to join our Global Safety, Intelligence, and Security (GSIS) team in New York City. This pivotal role involves leading security operations across our NYC campuses, safeguarding our innovative AI research while nurturing a culture of trust and security among Anthropic personnel. As a collaborative security partner, you will encourage open communication, oversee vendor performance, manage incident response protocols, and coordinate cross-functional security initiatives that enhance productivity. You will balance hands-on leadership with strategic contributions to security planning, ensuring a strong security posture across all locations and maintaining compliance with AI Safety Level (ASL) requirements.

About UsAt PhysicsX, we are revolutionizing the landscape of hardware innovation by leveraging our expertise in numerical physics and our experience in Formula One. Our mission is to expedite the pace of hardware advancements akin to the rapid developments seen in software.We are developing an AI-enhanced simulation software suite aimed at transforming engineering and manufacturing across cutting-edge industries. By facilitating high-fidelity, multi-physics simulations through AI inference throughout the engineering lifecycle, PhysicsX empowers engineers to achieve unprecedented levels of optimization and automation in design, manufacturing, and operational processes. Our clientele includes top-tier innovators in Aerospace & Defense, Materials, Energy, Semiconductors, and Automotive sectors.The RoleAs our Principal Security Engineer, you will collaborate closely with engineering teams to design and implement robust secure development practices, embed security measures within our CI/CD pipeline, and guide security and design reviews.You will leverage your extensive expertise in DevSecOps, application security, and practical experience in securing web applications and APIs, all while possessing a deep understanding of contemporary development workflows. This role presents an exceptional opportunity to influence the direction of our security initiatives within a high-ownership, impactful environment.Your ResponsibilitiesDesign and integrate security tools directly into CI/CD pipelines to automate vulnerability detection and prevention, ensuring scalable 'shift-left' security.Lead threat modeling and secure design reviews for web applications, APIs, and cloud services.Manage the entire product vulnerability lifecycle, from issue triage and prioritization to remediation support, ensuring clear risk communication.Establish secure coding standards, create comprehensive playbooks, and deliver hands-on training and mentorship to foster a security-first culture across the organization.Collaborate cross-functionally with engineering teams to design and scale secure development practices throughout the software lifecycle.Engage with customers during security assessments.Your QualificationsOver 10 years of experience in security, focusing on DevSecOps and security design reviews.Hands-on expertise in secure coding, comprehensive understanding of OWASP Top 10, threat modeling, and SDLC integration.Proficiency with GitHub/GitLab, CI/CD, Infrastructure as Code (IaC), and containerized environments.Experience with deploying and utilizing SAST tools (e.g., Semgrep, Snyk).Strong development skills in Python and Go.A proven track record of balancing pragmatic security solutions with business needs.

About Method SecurityAt Method Security, we are on a mission to redefine the landscape of cybersecurity in response to the rapid evolution of AI-driven threats. Our commitment lies in protecting essential institutions—ranging from government and defense to critical commercial sectors—against these advanced threats through the development of state-of-the-art, autonomous defense solutions. By integrating our expertise in AI, cybersecurity, and software engineering, we aim to shift the balance of power in security from the attackers to the defenders.Our Team and ValuesWhen you join Method, you become part of a distinguished, mission-oriented team that champions innovation, transparency, and excellence. We operate with intention, embracing a myriad of perspectives and experiences while upholding rigorous quality standards. Our culture is founded on trust, efficiency, and respect, fostering an environment where everyone can make significant contributions. We believe in the power of small, agile teams that can tackle complex challenges and yield remarkable results. At Method, you will have the freedom to lead projects, receive the support to overcome obstacles, and play a pivotal role in shaping the future of cybersecurity.Role OverviewAs a Security Engineer at Method Security, you will play a vital role in enhancing our product's capabilities by crafting tools and workflows that bolster the AI-driven defenses of our platform. This position demands a unique combination of security engineering expertise and software development skills to transform intricate security workflows into solutions that our product can autonomously utilize. You will collaborate closely with developers and product teams to ensure that the tools and security primitives within our offering empower users to address a variety of dynamic cybersecurity challenges.Key ResponsibilitiesDevelop and fortify both defensive and offensive security tools and workflows that augment the efficacy of our AI-driven platform.Create automated solutions within our product to optimize security workflows and facilitate intelligent responses to identified vulnerabilities and misconfigurations, utilizing Python and Go.Construct and maintain infrastructure utilizing Terraform and virtualization software for continuous testing and simulation.Engage with cross-functional teams to integrate security capabilities that align with user requirements and uphold high operational standards.Explore and implement diverse security tools and develop integration points within our product to support comprehensive security strategies.

About UsAt Candid Health, we are on a mission to revolutionize the broken medical billing system that burdens the US healthcare landscape. With healthcare providers spending over $250 billion annually on administrative costs to receive payments from insurance companies, we are developing innovative software solutions supported by cutting-edge data science and machine learning to simplify and automate these complex processes.Having participated in the Y Combinator W20 batch, we are backed by esteemed investors such as 8VC, First Round Capital, and BoxGroup. Our efforts are currently aiding clients in diverse areas, including opioid addiction treatment, women's health, weight management, and mental health care access. Join us in making a meaningful impact in healthcare!To learn more about our journey, check out this blog post by our founders.Your RoleWe are seeking a dedicated Senior Security Engineer to fortify the security of our systems and networks. As a key player in our team, you will ensure our platforms are resilient against various threats while adhering to compliance mandates. We appreciate a proactive approach and are looking for someone well-versed in security frameworks and actively involved in both strategic and operational security initiatives.Key ResponsibilitiesEstablish Security Protocols: Integrate security measures into our systems to maintain a secure-by-default environment.Engage with Engineering Teams: Take part in design reviews and threat modeling sessions to detect potential security vulnerabilities early in the development phase, ensuring that security remains a priority throughout all projects.Manage Compliance Obligations: Understand and oversee the processes related to HIPAA, SOC2, SOC1, PCI, and HITRUST to maintain compliance and provide guidance to teams.