Principal Vulnerability Researcher

Datadog is looking for a Security Engineer II to focus on the Vulnerability Lifecycle. This position centers on strengthening the security of Datadog’s systems and infrastructure. Role overview This role involves working closely with a skilled team to identify, assess, and address vulnerabilities. The goal is to maintain secure and resilient systems that protect customer data. What you will do Identify and evaluate vulnerabilities across Datadog’s infrastructure Collaborate with team members to mitigate security risks Develop and refine strategies for proactive vulnerability management Location This position is based in New York, New York, USA.

Datadog is on the lookout for a dedicated and skilled Security Engineering Manager to spearhead our Vulnerability Management initiatives within a dynamic multi-provider ecosystem.In this pivotal role, you will oversee the Vulnerability Management Engineering team, which is focused on identifying, assessing, and mitigating vulnerabilities in Datadog's public offerings, including the Datadog Agent and trace libraries. Your leadership will be critical as these products play a vital role in monitoring and ensuring observability in our clients' systems.As the Engineering Manager, you will mentor and develop your team, uphold high standards in vulnerability management practices, and collaborate with product and engineering teams to guarantee the security and integrity of our offerings. You will also be instrumental in defining and executing the security strategy for Datadog’s products.

CLEAR builds secure identity solutions used by over 38 million members worldwide. From airports to stadiums and beyond, CLEAR’s technology helps people move through daily life with added safety and convenience. Role Overview The Senior Vulnerability Management Security Engineer joins the Product Security team to strengthen and oversee CLEAR’s vulnerability management program. This role covers cloud, infrastructure, endpoints, and application environments. What You Will Do Manage and improve the vulnerability management program across multiple technical environments Use tools like Wiz, Tenable, and GitHub to identify and assess security risks Translate vulnerability findings into clear, actionable tasks Work closely with engineering teams to address and reduce real-world security risks Location This position is based in New York, New York, United States.

About the Role Sigma Computing is seeking a Senior Security Engineer II focused on Cloud & Data Security to help safeguard our large-scale, cloud-native SaaS platform. This position centers on engineering: building security solutions, not just operating existing tools. The role calls for a subject matter expert in cloud security architecture. Collaboration with Engineering, Security, and Product teams is key, as is designing scalable controls that support business growth. Responsibilities include creating secure architectures, integrating controls into infrastructure-as-code, and setting up automated guardrails so teams can move quickly without waiting for manual security sign-offs. This is a hands-on position for someone who thrives in complex cloud environments, values automation, and knows how to scale security for a growing SaaS company. What You Will Do Architectural Leadership: Work closely with infrastructure and engineering teams to embed security into development workflows. Lead technical discussions that shape security strategy and initiatives. Multi-Cloud Engineering: Design, implement, and refine Sigma’s cloud security across AWS, GCP, and Azure, using deep architectural expertise. Threat Modeling & Incident Response: Conduct threat modeling for cloud environments and handle incident response, including investigation and remediation of malicious activity. Identity & Access Management: Develop strategies for IAM and privileged access (RBAC/ABAC, federation, least privilege, cross-account access). Remove standing privileges and long-lived credentials, and promote zero-trust and privileged access controls across IaaS and SaaS. Cloud Data Security Controls: Implement data classification, encryption/KMS, masking/tokenization, access governance, retention and deletion policies, and reduce exfiltration risks across APIs and data pipelines. Automated Remediation Workflows: Build automated responses for recurring cloud misconfigurations, drift, and policy violations to improve operational efficiency and response times. Security Stack Management: Deploy and manage cloud-native services, including CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security tools. Network Defense: Evaluate and implement zero-trust network security measures. Location: New York City, NY

About the Role Sigma Computing is hiring a Senior Security Engineer II focused on Threat Detection and Response for our Security Engineering team in New York City. This position acts as the technical subject matter expert for threat intelligence, detection, and response. The role partners closely with Security, Platform, Product, and Engineering teams to reduce risk and strengthen our defenses at scale. Responsibilities include translating Cyber Threat Intelligence (CTI) into practical security strategies and reinforcing our architecture to guard against modern attack techniques before they can impact our systems. Beyond platform management, this engineer will write production-grade code, design scalable detection systems, automate security responses, and build proactive controls. A strong understanding of cloud, identity, application, and data attack vectors is essential. What You’ll Do Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy that connects organizational risks to specific threat actor tactics, techniques, and procedures (TTPs). Cross-Functional Leadership: Act as a subject matter expert for Infrastructure, Engineering, and Security teams. Guide the adoption of proactive security measures and help integrate security best practices throughout the development lifecycle and company infrastructure. Proactive Threat Modeling: Lead collaborative threat modeling for new products and infrastructure. Support cloud platform, Engineering, and IT teams in identifying and mitigating architectural vulnerabilities before deployment. Continuous Detection Engineering: Build, refine, and continually improve a library of high-fidelity detections. Ensure alerting mechanisms adapt to new exploitation methods and evolving industry standards. Industry Alignment: Stay current with the latest security developments (such as CISA advisories and new MITRE techniques) to keep Sigma’s controls aligned with industry standards. Resilience Testing & Training: Design and run incident response simulations and tabletop exercises. Educate non-security teams on their crisis roles and identify any weaknesses in our layered defense approach. Advanced Incident Management: Lead advanced incident response efforts to ensure security incidents are managed quickly and effectively.

As a User Lifecycle Specialist at Gympass, you will play a pivotal role in enhancing user engagement and retention strategies. You will analyze user behavior, create personalized communication plans, and collaborate with cross-functional teams to optimize the user journey. Your insights will directly contribute to our mission of improving well-being through innovative solutions.

CoreWeave is seeking a Security Engineering Manager to lead the Platform Security team. This position is based in Livingston, NJ, New York, NY, Sunnyvale, CA, Bellevue, WA, or San Francisco, CA. The team’s mission is to embed security into CoreWeave’s Kubernetes-based platform and public cloud environments, supporting high-performance infrastructure for AI and machine learning workloads. Role overview This manager will oversee and expand the Platform Security engineering team, reporting to the Senior Director of Security Foundations. The focus is on hands-on leadership and technical execution, with an emphasis on building and implementing security controls rather than policy development. The role requires close collaboration with Infrastructure, Platform Engineering, Site Reliability Engineering, and other security teams to ensure security measures keep pace with business growth and evolving needs. What you will do Lead and grow the Platform Security engineering team. Integrate security into Kubernetes infrastructure and public cloud platforms such as AWS, GCP, and Azure. Define and execute strategies for cloud security posture, workload isolation, platform guardrails, image integrity, and multi-cloud security. Develop and implement security controls across CoreWeave’s infrastructure. Work closely with other technical teams to align platform security with business needs. The Platform Security team The Platform Security team at CoreWeave engineers systems that enforce security at the infrastructure layer. Their work spans both CoreWeave’s own Kubernetes-based platform and third-party public cloud environments. The team supports GPU-accelerated infrastructure for demanding AI and machine learning workloads, ensuring that both customer and internal services remain secure as CoreWeave’s global presence expands.

Role Overview Claylabs is hiring a Security Engineer in New York to help protect our digital infrastructure. This role focuses on finding vulnerabilities, putting security measures in place, and maintaining the integrity of our systems. What You Will Do Identify security vulnerabilities across systems and networks Implement technical safeguards to protect company assets Monitor and support the ongoing integrity of digital infrastructure Location This position is based in New York.

Mercury seeks a Lifecycle Marketer to guide how customers interact with the brand at every stage. This position centers on designing and managing marketing strategies that encourage customer loyalty and help drive business growth. Key responsibilities Create and deliver lifecycle marketing campaigns using several channels Blend creative thinking with data analysis to refine and optimize campaign results Focus on building stronger customer relationships and boosting ongoing engagement Location This role can be based in San Francisco, New York, or Portland. Remote work is also available from anywhere in Canada or the United States.

At January, we are on a mission to revolutionize consumer finance from the ground up. By personalizing interactions and optimizing decision-making throughout all stages of consumer credit, we empower both consumers and creditors, ensuring that credit is fair, accessible, and tailored to individual needs.As a Lead Security Engineer, you will redefine security standards in an industry where trust has been significantly compromised. This is a unique opportunity to join us at a pivotal moment: we have established the hard-earned trust of leading financial institutions, and now you will create the security framework that extends this trust to millions of consumers.You will design and implement a dual trust architecture, safeguarding both consumer-facing experiences and robust enterprise systems. You will tackle technical challenges that are unparalleled in the industry, such as privacy-preserving data systems, compliance automation across multiple jurisdictions, and AI-driven decision-making processes. Your influence will shape our security strategy and culture from the ground up, demonstrating that security is not merely an overhead cost, but a competitive advantage that drives enterprise partnerships and market growth.Your ImpactTransform security into a competitive edge: Position January's security as a key differentiator that attracts banks and enterprises, unlocking Tier 1 partnerships and deals that competitors cannot secure.Promote security-by-design in product and application development: Collaborate with product and engineering teams to identify critical risks early in the process, focusing on application security across frontend, Flask services, and databases. Integrate security into the discovery and design phases, ensuring secure development patterns are embedded in workflows.Design systems for bank-grade data protection: Create and enforce data classification, encryption, and access control mechanisms that comply with regulatory standards, ensuring sensitive data remains within authorized boundaries.Foster a security-first engineering culture: Advocate for security-centric thinking within engineering teams without hindering progress. Lead incident responses decisively, ensuring that January emerges stronger from security events through thorough post-incident analyses.Streamline compliance with minimal overhead: Maintain SOC 2, PCI-DSS, and financial compliance using automated systems and build infrastructure that generates audit evidence seamlessly, eliminating compliance bottlenecks.

CLEAR builds secure identity technology for both digital and physical spaces. With more than 38 million members and a growing global partner network, CLEAR’s platform helps people move through airports, stadiums, workplaces, and daily routines with greater safety and ease. Role Overview The Senior Security Engineer on the Infrastructure Security Engineering (ISE) team protects CLEAR’s core platforms. This position focuses on cloud security, identity management, and endpoint controls. The work centers on AWS and Kubernetes environments, using infrastructure-as-code to scale and automate security practices. What You Will Do Strengthen security across AWS and Kubernetes infrastructure Develop and implement security controls using infrastructure-as-code Work closely with Engineering, CorpIT, and Security teams to make security a default part of CLEAR’s systems Location This role is based in New York, New York, United States.

Wehrtyou seeks a Security Engineer based in New York, NY. This role centers on protecting information systems and supporting secure business operations. The position involves defending sensitive company data and helping maintain the integrity of daily processes. Key responsibilities Design and implement security measures for company information systems Monitor systems to detect and respond to security threats Safeguard sensitive data against both internal and external risks Support the security and reliability of company operations Role focus This position requires a proactive approach to identifying vulnerabilities and ensuring that the company’s data and systems remain secure.

We are seeking a dedicated and skilled Web Engineer / IIS Administrator to join our team in Melville, NY. In this role, you will be responsible for Windows and IIS administration, supporting web hosting environments, and ensuring the smooth operation of web applications.Key Responsibilities:Administer and manage Windows server environments.Oversee IIS configurations and performance.Support web application development using Microsoft technologies.Utilize network and application monitoring tools to ensure optimal performance.Communicate effectively with clients, team members, and management.Provide exceptional customer service and support.This position requires a strong understanding of the software development lifecycle and confidentiality sensitivity.

Cresilon® is a pioneering biotechnology firm located in Brooklyn, New York. We specialize in the development, manufacturing, and marketing of innovative hemostatic medical devices, leveraging our proprietary hydrogel technology. Our groundbreaking, plant-based solutions have transformed the way traumatic and surgical bleeds are managed, achieving swift hemostasis without the necessity for prolonged manual pressure. Our diverse product lines cater to veterinary, human trauma, and surgical applications, embodying our mission to save lives. Discover more about us at www.cresilon.com.Job Overview:We are seeking an experienced Senior Process Engineer or Process Engineer II to join our manufacturing team. This position is critical in spearheading the development and optimization of manufacturing processes for our medical device products. You will collaborate with cross-functional teams—Quality, R&D, Regulatory, and Production—to ensure that our manufacturing processes adhere to the highest standards of quality, compliance, and performance. Your role will involve hands-on engagement with the production team, training operators on new processes, troubleshooting equipment issues, and executing qualifications and validations.This is a full-time, on-site role based in Brooklyn, New York, in a dynamic and collaborative environment that demands creativity and focused execution to enhance production efficiency and establish robust manufacturing processes.Key Responsibilities:Design, develop, and optimize manufacturing processes for both new and existing medical devices.Lead process development for new product introductions (NPI), guiding projects from concept through validation and launch.Refine manufacturing processes to minimize variability, enhance yield, improve cycle times, and lower costs.Assess and implement automation technologies to boost process consistency and throughput.Collaborate with external vendors and suppliers to specify equipment and troubleshoot product issues.Analyze production data to uncover trends, root causes, and opportunities for increased efficiency.Maintain and update validation documentation as part of lifecycle management.Ensure compliance with regulatory requirements and internal quality standards.Lead investigations into root causes (CAPA, NCRs, SCARs) and implement corrective actions.Create process documentation, including standard operating procedures (SOPs), work instructions, pFMEAs, and equipment qualifications.Partner with R&D during the design transfer phase to ensure manufacturability.

Join Ramp as a Cloud Security Engineer and be part of a dynamic team dedicated to safeguarding our cloud infrastructure. In this role, you will leverage your expertise to design, implement, and maintain robust security measures that protect our clients' data and ensure compliance with industry standards.

Join Our Innovative Security TeamAt OpenAI, security is paramount to our mission of ensuring that artificial general intelligence serves the best interests of humanity. Our dedicated Security team safeguards OpenAI’s technology, personnel, and products. We are technical in our solutions and operational in our approach, committed to supporting all aspects of our products and research. Our guiding principles include prioritizing impactful initiatives, empowering our researchers, preparing for future technological advancements, and fostering a robust security culture.Your Role as an Application Security EngineerIn the role of Application Security Engineer, you will play a vital part in identifying and mitigating security vulnerabilities within our software applications. This involves creating security tools, conducting code reviews, performing penetration testing, and executing comprehensive security assessments.We seek individuals who will collaborate closely with development teams to embed secure coding practices throughout the software development lifecycle, preemptively addressing security risks. You will also offer security guidance to developers and stakeholders, promoting a culture of security awareness across the organization.This position is based in New York City, but we also consider candidates for remote work. Our hybrid work model requires three days in the office each week, and we offer relocation assistance for new employees.Key ResponsibilitiesConduct Security Assessments: Regularly perform security assessments, code reviews, and penetration tests to identify vulnerabilities in applications and software.Create and Implement Security Tools: Design and develop security tools, frameworks, and methodologies to defend applications against potential threats.Collaborate with Development Teams: Work hand-in-hand with development teams to ensure security best practices are integrated throughout the software development lifecycle, including secure coding standards.Threat Modeling and Risk Assessment: Carry out threat modeling and risk assessments to proactively identify potential risks and devise effective mitigation strategies.Manage Vulnerabilities: Track, analyze, and manage vulnerabilities within applications, providing guidance and support for remediation efforts.Incident Response Support: Assist in incident response efforts and contribute to the development of incident response protocols.

Join Scale AI as a highly skilled Security Engineer in our Product Security team, where you will play a pivotal role in safeguarding the security and integrity of our products and services. This position involves conducting comprehensive code reviews, implementing security best practices, and shaping our overarching security strategy. Your proficiency in TypeScript, Python, AWS, CI/CD, SAST, DAST, and Terraform orchestration will be vital in detecting and addressing potential security threats. You will have the opportunity to analyze complex issues, identify root causes independently, and articulate the complexities and implications of security vulnerabilities, including their potential for exploitation and impact. Your responsibilities will include:Utilizing extensive product security knowledge to design and maintain software tools that secure every layer of the modern AI/ML software ecosystem.Conducting thorough code reviews to identify and rectify security vulnerabilities.Assessing and improving the security of our product offerings through RFC and service evaluations.Establishing and sustaining CI/CD pipelines with a strong emphasis on security.Executing Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to uncover vulnerabilities in production code.Employing Terraform orchestration to maintain secure and efficient infrastructure management.Advising engineering teams on developing robust, long-term solutions that prioritize security and privacy.Clearly communicating the mechanics and significance of security vulnerabilities, including their exploitability and potential consequences.Contributing to the security strategy and direction of the team, advocating for best practices and ongoing enhancements. Ideal candidates will possess:A proven track record of independently driving multi-month security initiatives, from problem identification to execution, with minimal oversight.Significant experience as a Security Engineer with an emphasis on product security.Proficiency in NodeJS, TypeScript, Python, and/or Kubernetes.A strong grasp of modern JavaScript application design.Practical experience in operating and securing AWS infrastructure at scale.Hands-on experience with SAST and DAST tools and methodologies.Familiarity with Terraform orchestration for managing infrastructure.Capability to analyze complex problems and identify root causes independently, providing actionable insights without managerial input.Exceptional communication skills, enabling clear presentation of technical concepts to diverse audiences.

Join Crosby as a Security Engineer, where you'll play a pivotal role in safeguarding our information systems and data integrity. As a vital member of our security team, you will implement robust security measures, conduct risk assessments, and collaborate with cross-functional teams to protect our infrastructure from potential threats.

Role overview Datadog is hiring an Engineering Manager II to lead source security efforts in New York. This position guides a team of engineers focused on strengthening security protocols and protecting Datadog’s systems. The manager’s leadership shapes how the team responds to emerging security threats and maintains product protection as risks change. What you will do Lead and mentor a team of engineers focused on source security projects Develop and improve protocols that safeguard company systems Collaborate with teams across the organization to design, implement, and monitor security measures Encourage security awareness and proactive risk management within engineering Support the integration of security best practices throughout the software development process Location This position is based in New York, New York, USA.