Senior Application Security Engineer at Turnkey | Remote

Canonical is at the forefront of open source software innovation, delivering cutting-edge operating systems to enterprise and technology industries globally. Our flagship platform, Ubuntu, is instrumental in transformative initiatives spanning public cloud, data science, artificial intelligence, engineering advancements, and the Internet of Things. We serve a diverse clientele, including top-tier public cloud and silicon providers, as well as industry leaders across various sectors. With a strong commitment to global distributed collaboration, our team comprises over 1200 professionals across more than 75 countries, where office-based roles are minimal. We convene in-person two to four times a year in unique locations worldwide to strategize and execute effectively. As a profitable and founder-led company, Canonical is experiencing significant growth. We are on the lookout for talented security-focused software engineers to join our product teams. These engineers will not only contribute to product development but will also elevate the team’s security mindset through advanced practices such as threat modeling, tabletop exercises, architectural and design assessments, static analysis, and fuzz testing, among others. In this role, you will engage in all facets of product security, including feature development, vulnerability management, proactive security measures, and active involvement in the open source community. You will collaborate closely with various Canonical teams, customers, and partners within the open source ecosystem. Each product engineering team has dedicated openings for security-oriented software engineers, and we are also developing products driven entirely by security considerations, such as our AppArmor kernel investments and the Ubuntu Security Guide (USG). As the publisher of Ubuntu, we take on long-term security responsibilities for the entire operating system and the broader open source community. This role requires proficiency across major programming languages and the ability to design, build, and implement sophisticated tools that enable us to operate at scale and with confidence. If you are a passionate security-focused software engineer excited about open source and aligned with Canonical's mission, we encourage you to apply. This position necessitates strong self-discipline and motivation to thrive in a globally distributed team setting, along with a requirement for international travel at least twice a year, typically for one week.

Join Binance as a Software Engineer specializing in Blockchain Security, where you will play a pivotal role in safeguarding blockchain projects across the BNB Smart Chain and beyond. Collaborate with a talented team at the forefront of the cryptocurrency industry, ensuring the integrity and security of our diverse projects and systems. This role offers a unique opportunity to deepen your knowledge of the crypto landscape while making a significant impact in the blockchain community.

As a Senior Security Engineer, you will play a pivotal role in fortifying our technical landscape by architecting, implementing, and automating comprehensive security measures throughout our application stack and cloud environments, with a primary focus on AWS and considerations for GCP.Your expertise will enhance our security framework by actively identifying and addressing vulnerabilities, developing sophisticated security solutions throughout the Software Development Life Cycle (SDLC), and creating scalable automation using languages and tools such as Python, Go, Terraform, and Tines. Your contributions will be essential in preventing unauthorized access and exfiltration of Protected Health Information (PHI), enabling our transition towards a proactive defense strategy.This fully remote position reports to the Senior Manager of Security Engineering and is crucial to advancing our organization's security maturity and overall resilience.

The Canonical Security Operations team is on the lookout for a dynamic Senior or Staff Engineer to join our ranks. As a pivotal member of our team, you will play a crucial role in designing, building, and operating a state-of-the-art Security Operations Center (SOC). Your leadership, mentorship, and technical expertise will guide our efforts to maintain the highest security standards.This multifaceted role encompasses:Core SOC responsibilities, including security monitoring, threat hunting, and incident response.Security engineering focused on evaluating and fortifying Canonical's platforms and products.Software engineering to create tailored tools and platforms.Site Reliability Engineering (SRE) to deploy, maintain, and automate security solutions.We seek candidates with robust engineering and security backgrounds, complemented by a track record of significant achievements. Whether you are a seasoned security operations professional with engineering expertise or a senior developer with a strong security focus, you will find this role rewarding.In addition to safeguarding Canonical’s digital assets, this position offers a unique opportunity to engage with the open-source community. Team members will have the chance to present at industry conferences, share threat intelligence, and contribute to open-source security software.We also have openings for junior positions for candidates with a strong academic or professional foundation.

We are excited to announce multiple openings for Senior and Staff Security Operations Engineers (SOC) as we establish a dedicated team reporting directly to our Chief Information Security Officer (CISO). We seek candidates with a diverse range of expertise. At the senior level, we are looking for individuals with extensive experience defending critical assets and high-value cyber targets against sophisticated threats from advanced persistent threats and state-sponsored actors. For more junior roles, we welcome exceptional candidates with a demonstrated passion for cybersecurity, engagement in cyber defense, and notable academic and professional achievements, even if their experience is limited.Our mission is to enhance the security and reliability of the open-source supply chain. While we monitor our own infrastructure, our broader objective is to strengthen the overall security of the global Ubuntu ecosystem through the efforts of this team.The Security Operations (SecOps) team is pivotal in designing, implementing, and evolving Canonical's security practices, techniques, tools, systems, and policies. This team leads strategies that dictate how Canonical secures its data, internal infrastructure, and build processes, ensuring the integrity and security of our infrastructure and product deployments. They are responsible for developing and implementing technical security controls that automatically detect, contain, and remediate security threats. Additionally, the team will contribute to Canonical's product security, reinforcing the resilience of all Ubuntu customers and users against cyber threats.The SecOps team is committed not only to securing Canonical but also to enhancing the security of the broader open-source community. They will have opportunities to share knowledge through public presentations, participate in industry events, and engage in threat intelligence sharing within the community.

Join Binance, the pioneering global blockchain ecosystem that powers the world’s largest cryptocurrency exchange by trading volume and user base. Trusted by over 300 million individuals across 100+ countries, we are renowned for our top-tier security measures, transparency in user funds, rapid trading engine capabilities, profound liquidity, and an unmatched array of digital asset products. From trading and finance to education, research, payments, institutional services, and Web3 innovations, our offerings are designed to leverage the power of digital assets and blockchain technology, fostering an inclusive financial ecosystem that enhances financial freedom and accessibility for people worldwide.We are seeking a dynamic SOC Security Development Engineer to become an integral part of our Security Operations team. This position emphasizes the development of security platforms, automation, and the seamless integration of internal tools, while also playing a key role in incident response and SOC on-call operations.The ideal candidate will possess robust programming skills, a comprehensive understanding of SOC workflows, and hands-on experience with integrating and enhancing security platforms such as SIEM, EDR, and cloud-based security solutions through APIs and bespoke development efforts.

At GitLab, we pride ourselves on being an open-core software innovator, delivering the most comprehensive AI-powered DevSecOps Platform utilized by over 100,000 organizations globally. Our mission is to empower everyone to contribute to and co-create the software that shapes our future. By transforming consumers into contributors, we significantly accelerate human advancement. Our platform fosters collaboration, dismantles barriers, and redefines the possibilities within software development. Through pioneering products like Duo Enterprise and Duo Agent Platform, our customers experience AI advantages throughout the Software Development Life Cycle (SDLC).We reflect the same principles in our team dynamics: AI is a core productivity enhancer that all team members are encouraged to integrate into their daily operations to drive efficiency, innovation, and impact. At GitLab, careers thrive, innovation flourishes, and every voice is heard. Our high-performance culture, guided by our values and continuous exchange of knowledge, enables our team to reach their full potential while collaborating with industry leaders to tackle complex challenges. Join us in co-creating the future as we revolutionize the way the world develops software.Role OverviewAs a Senior Backend Engineer on the Auth Infrastructure team at GitLab, you'll play a pivotal role in constructing the essential infrastructure that facilitates authentication and authorization for millions of users across GitLab.com, self-managed, Dedicated, and air-gapped environments. Your focus will be on developing secure, efficient, and reliable identity services while guiding GitLab towards a zero-trust architecture and a microservices-oriented future. Collaborating closely with the Authentication, Authorization, Platform, and Infrastructure teams, you will design and implement critical components such as Envoy proxy configurations, token services, bi-directional gRPC tunnels, mTLS, and service mesh architecture, while also enhancing observability and debugging capabilities for distributed authentication systems.This position offers the chance to address authentication infrastructure challenges on a global scale, directly influencing the roadmap for our systems.

Join Binance, the world’s leading blockchain ecosystem, as a Security Engineer focused on fortifying our cloud infrastructure, CI/CD pipelines, and production systems. In this pivotal technical role, you will enhance our security posture, prioritize preventative measures, and implement secure-by-default platforms. Collaborating closely with our Platform, DevOps, and Engineering teams, you will design and operate security tools across cloud environments, Kubernetes, and CI/CD pipelines, with a strong emphasis on developing production-grade security software using Python.

Join Binance, the leading global blockchain ecosystem and the world’s largest cryptocurrency exchange by trading volume. With a user base exceeding 300 million across 100+ countries, we are dedicated to providing industry-leading security, transparency in user funds, rapid trading engine performance, and a comprehensive suite of digital asset products. Our diverse offerings encompass trading, finance, education, research, payments, institutional services, Web3 features, and beyond. We harness the potential of blockchain technology and digital assets to create an inclusive financial system that enhances monetary freedom and broadens financial access for individuals worldwide.This is an exceptional opportunity to make a significant impact in the blockchain community. As a Smart Contract Security Engineer, you will collaborate closely with a talented team at Binance, working at the forefront of cryptocurrency innovation. Your role will involve safeguarding the security of various projects and systems while engaging with cross-functional teams to deepen your understanding of the crypto landscape.

Join Offchain Labs as a Blockchain Security Engineer and play a pivotal role in revolutionizing decentralized applications. We are at the forefront of blockchain scalability and security, addressing real-world challenges while upholding the principles of decentralization, security, and transparency. As part of our innovative team, you will engage with ambitious thinkers and problem-solvers dedicated to creating a more equitable digital future. If you thrive in dynamic environments and are passionate about the potential of decentralized systems, we want to hear from you!

Join Canonical as an Ubuntu Security Engineer and be part of a dynamic team dedicated to securing open source software. This role involves monitoring and addressing vulnerabilities in the Ubuntu ecosystem, collaborating with internal teams and external partners to enhance security features, and contributing to the overall safety of the community. You will engage with talented professionals in technology, participate in industry events, and make a meaningful impact on global security initiatives. International travel is required twice a year for strategic alignment.

About UsAt Turnkey, we develop secure, developer-centric infrastructure for private key management, simplifying the process of creating wallets, signing transactions, and automating on-chain actions through a single, elegant API—without ever compromising sensitive key material.Our mission is to fortify the open internet by making strong cryptography and key management the standard. Founded by the team behind Coinbase Custody, the world’s largest and most secure cryptocurrency custodian, our work has safeguarded over $100 billion in crypto assets across the industry.Our team embodies a culture of low ego, high agency, and autonomy, bringing over 100 years of combined expertise in cryptography, security, and low-level systems, building robust infrastructure designed for scalability.Role OverviewWe are on the lookout for a Senior Corporate Security Engineer to spearhead and enhance the security of Turnkey's corporate infrastructure. This is a pivotal role as you will be our first dedicated corporate security hire, collaborating directly with the security lead to establish enterprise security capabilities from the ground up.In this capacity, you will safeguard Turnkey’s personnel, endpoints, SaaS applications, identity systems, and internal infrastructure, ensuring the security of our distributed workforce while enabling rapid progress without compromising safety. Operating at the intersection of security engineering, IT operations, and risk management, you will design and implement security controls that are robust yet user-friendly, ensuring our company remains secure as we grow.What You’ll DoBuild & Secure Corporate InfrastructureArchitect, implement, and oversee security measures for endpoints and distributed systems; deploy and manage our security stack (MDM, EDR/XDR, ZTNA, SSO); enforce zero-trust principles, least-privilege access, and hardening standards.Drive Security Initiatives & Risk ReductionLead initiatives focused on endpoint hardening, access controls, and vendor risk; conduct security design reviews, risk assessments, and vulnerability remediation; develop and enforce security policies and best practices.Detection, Response & AutomationRespond to security incidents with urgency and technical expertise; collaborate on detection rules, alerts, and monitoring; automate workflows and create runbooks and playbooks to efficiently scale security operations.

At Assured, we are revolutionizing the insurance landscape by modernizing claims processing—a critical yet often neglected aspect of the industry. This process, traditionally reliant on manual efforts like phone calls and faxes, incurs significant costs annually. We're here to change that.We empower major insurance providers with cutting-edge software solutions essential for thriving in today’s technology-driven environment. From self-service claim-filing systems to advanced backend fraud detection, we serve as the backbone for claims processing for some of the world’s largest insurance companies.Our team faces a variety of complex challenges—from crafting digital experiences that offer comfort and clarity to claimants during their most vulnerable moments, to orchestrating large-scale machine learning-driven decision-making for billions in claims payments. Life at Assured is dynamic, collaborative, and incredibly fulfilling.We invite you to join us as a Senior Cloud Security Engineer, where you will play a crucial role in securing and enhancing the cloud infrastructure that underpins our operations. You will be responsible for designing robust architectures, driving automation initiatives, and advocating for security-by-design principles throughout our platform. Your contributions will directly protect our data, build customer trust, and bolster our compliance efforts as we expand.Key Responsibilities Architect, implement, and scale secure AWS environments with a focus on innovation and regulatory compliance. Develop and maintain Terraform modules and infrastructure-as-code pipelines to support secure, auditable deployments. Conduct regular security assessments, execute vulnerability tests, and lead incident response initiatives. Partner with engineering and DevOps teams to seamlessly integrate security controls into CI/CD processes and product development lifecycles. Establish IAM strategies, enforce network segmentation, apply encryption standards, and implement continuous monitoring practices. Identify anomalies, investigate alerts, and respond proactively to evolving threats within our cloud environments.‍ Mentor peers on secure design principles, share insights on emerging risks, and promote best practices in cloud security. Stay ahead of emerging threats and security tools while contributing to our long-term security strategy with creativity and vision.Qualifications Extensive experience in cloud security engineering, particularly within AWS environments. Proficiency in Terraform and infrastructure-as-code methodologies. Strong foundation in security best practices, risk assessment, and compliance frameworks. Proven track record of implementing security controls and leading incident response efforts. Excellent collaboration skills with the ability to engage cross-functionally. Continuous learner with a passion for staying updated on the latest in security technologies and threats.

As a Senior Cloud Security Engineer at Included Health, you will play an essential role in fortifying our cloud environments by engineering, implementing, and automating comprehensive security controls, primarily within AWS, with considerations for GCP. This hands-on position is vital for enhancing our cloud security framework, safeguarding our product infrastructure, and actively contributing to the prevention of unauthorized PHI exfiltration. You will be responsible for designing and developing sophisticated security solutions, utilizing programming languages such as Python and Go, as well as automation tools like Terraform, to tackle critical challenges related to access control, development environment security, and infrastructure hardening. The ideal candidate will possess profound technical expertise in cloud security, exceptional software development skills for crafting security tools and automation, and a proactive mindset toward risk mitigation. You will collaborate closely with our infrastructure software and engineering teams, fostering a culture of security-by-design while implementing solutions that minimize HIPAA incidents. This remote role reports directly to the Chief Information Security Officer.

At Garner, we are on a mission to revolutionize the healthcare landscape, ensuring high-quality and affordable care for everyone.We are fundamentally rethinking how healthcare operates in the U.S. by collaborating with employers to reshape healthcare benefits through clear incentives and powerful, data-driven insights. Our innovative approach leads employees to superior, cost-effective care, creating a system that benefits all parties involved. Patients experience improved health outcomes, employers utilize healthcare funds more efficiently, and physicians are rewarded for providing outstanding care instead of simply increasing procedure counts.Garner is among the fastest-growing healthcare technology firms in the nation. Our products are trusted by some of the most sophisticated employers and providers in the industry, and we are assembling a team of talented, mission-driven individuals who are eager to make a significant impact on healthcare at scale.About the Role:We are in search of an outstanding Senior Security Engineer to join our Security Engineering team. In this pivotal role, you will be instrumental in safeguarding our most valuable asset: patient data. The Security Engineering team at Garner is tasked with securing cloud infrastructure, implementing secure code guardrails, and fostering trust with our clients. This position involves a variety of projects that span multiple security domains.Where You Will Work:This position is open to remote candidates across the U.S. For those located in New York City, a hybrid schedule will apply, requiring in-office attendance on Tuesday, Wednesday, and Thursday each week.What You Will Do:Lead technical initiatives to secure networks, systems, applications, and databases.Participate in our Security Engineering on-call rotation to address security incidents.Integrate security into the build pipeline through automated SAST/DAST testing and policy enforcement.Manage vulnerability assessments and coordinate remediation efforts.Educate engineers and promote a culture of security within the engineering organization.

Join Canonical as a Linux Cryptography and Security Engineer, where you will leverage your software engineering and cryptography expertise to fortify the security framework that empowers Ubuntu and its users to operate securely, ensuring compliance with global information security standards such as FIPS 140-3 and Common Criteria. In this dynamic role, you will apply your knowledge of cryptography, Linux security, and programming to enhance the Ubuntu distribution while collaborating with esteemed organizations like DISA and CIS to establish and implement robust security hardening benchmarks.As a vital member of the Security Hardening team, you will develop automation tools to audit deployed systems for DISA-STIG and CIS benchmark compliance. Your insights will help identify gaps in our frameworks, allowing you to create innovative solutions to address these challenges. This position offers the chance to influence our security culture, facilitate technical delivery, and guide team direction and execution. You will work closely with Canonical’s kernel team and the broader engineering organization to drive impactful features for all Ubuntu users.

About XBOWJoin us at XBOW as we redefine the future of offensive security. In a world where attackers leverage AI to outpace defenders, we are developing an innovative platform that ensures security stays a step ahead. Our AI-driven system autonomously identifies, validates, and even exploits vulnerabilities, delivering proof-backed results in hours instead of weeks.Founded by Oege de Moor, the visionary behind GitHub Copilot, and supported by top-tier investors such as Sequoia and Altimeter, XBOW is tackling one of the most pressing challenges of our time with cutting-edge AI technology. Within just over a year, our elite AI team and renowned security researchers have discovered thousands of real-world zero-day vulnerabilities, earning us the top spot on HackerOne’s global leaderboard.We are a community of builders, hackers, and researchers who thrive on overcoming challenges deemed impossible. If you are passionate about pushing the limits of AI and transforming security practices, we would love to connect with you.Your Role: Software Engineer - ConsoleWe are seeking a dedicated Software Engineer who is enthusiastic about crafting reliable, high-quality products with robust backend systems. In this position, you will design and implement comprehensive features across the technology stack: from React-based frontends and TypeScript APIs to backend services in Kotlin and Go, all deployed on AWS.You will be part of a small, exceptional team that delivers quickly and operates with a high degree of trust. This role is suited for individuals who enjoy tackling open-ended problems, whether that involves crafting seamless API contracts, optimizing database interactions, or building scalable systems that enhance powerful AI functionalities. If you thrive at the intersection of advanced technology and real-world impact, you will feel right at home here.What You Will DoDesign and develop full-stack systems that ensure seamless integration between frontend and backend.Create scalable APIs and backend services using TypeScript, Kotlin, and Go.Deploy and manage services in AWS and other cloud environments.Take ownership of problems from design through deployment to production support.Navigate through uncertainty and contribute to defining our development processes.Collaborate closely with teammates from various disciplines, including AI researchers, security experts, and backend engineers.

As the leading Linux distribution, Ubuntu plays a crucial role in maintaining the security of the global internet ecosystem. We are seeking a passionate Engineering Manager for our Security team, whose leadership will significantly enhance the safety and security of millions of users worldwide. Join a dedicated group of security professionals committed to safeguarding the open-source environment while fostering innovation. In this pivotal role, you will tackle emerging security threats, devise robust protective measures, and uphold the integrity of the Ubuntu platform. Your contributions will not only protect users but will also create a lasting impact on the digital landscape.The Security Engineering team is primarily focused on responding to new threats and securing the open-source ecosystem for both the community and enterprise users. You will directly improve security by addressing potential CVEs and vulnerabilities throughout the lifecycle of Canonical's products, including Ubuntu. This position involves engaging with our community and customers, collaborating across multiple engineering teams and projects to achieve our security goals.As an Engineering Manager, your responsibilities will encompass line management and career development for your team. Success in this role requires a strong ability to nurture engineering talent, represent your team's technical capabilities, and foster collaboration with other teams and partners.

Canonical seeks a talented Software Engineer to join our Solutions Engineering team, working remotely from anywhere in the world. As a leading provider of open-source software, we empower enterprises with our widely adopted Ubuntu platform, driving innovation across public cloud, data science, AI, engineering, and IoT sectors. You'll play a pivotal role in transforming open-source IT and DevOps operations, enabling high-performance computing, private cloud, and advanced analytics through infrastructure-as-code. Collaborate closely with our managed infrastructure operations team to refine our products based on real-world experiences while developing Python-based automation tools that simplify operations for users globally. If you are passionate about distributed systems and cloud computing, and eager to work on the cutting edge of software engineering, we invite you to apply.