Senior Software Engineer (Security) at Cloudflare | San Francisco

RDQ226R609 - This position is open to candidates located anywhere in the United States. At Databricks, we are passionate about empowering data teams to tackle the world’s most challenging issues, from detecting security threats to advancing cancer drug development. We achieve this by building and operating an exceptional data and AI infrastructure platform, allowing our clients to concentrate on the critical challenges that define their missions. As a key member of the Security Continuous Monitoring team, you will be instrumental in developing and scaling Databricks Security systems on our platform. Your responsibilities will include designing, testing, and implementing data pipelines to evaluate the security configurations of Cloud, SaaS, and on-premise tools. You will create and deploy reliable supporting security tools for managing and assessing security posture, integrate with third-party applications, and engage with cloud APIs (AWS, Azure, GCP, Terraform). You will lead and oversee projects from conception to completion, facilitating data collection and integration with our vulnerability and threat detection initiatives. In this role, you will be an individual contributor on the Security Continuous Monitoring team, reporting directly to the Director of Continuous Monitoring.

Join Cloudflare as a Software Engineer specializing in security! In this dynamic role, you will be responsible for developing innovative security solutions to protect our platform and users. You'll collaborate with cross-functional teams to design, implement, and enhance security features that maintain the integrity of our services.

About UsAt XOXO, we are a pioneering research lab reshaping the interface of intelligence for daily life. Our stealth team, comprised of exceptional engineers, designers, and researchers, is dedicated to uncovering innovative solutions to challenges that arise beyond the workplace.Following our recent advancements in infrastructure, architecture, and model layers, we are in search of talented builders to create the interface and application layers that will realize our vision.About the RoleWe are seeking a skilled Security Engineer to safeguard our systems and uphold user trust. In this role, you will fortify our cloud infrastructure, establish robust access controls, and create the tools and response mechanisms necessary to ensure safety as we grow. You will collaborate closely with our founders and engineering team to embed security as a fundamental principle in our development processes.What You’ll DoCollaborate with cross-functional teams including engineering, product, and research to integrate security throughout the development lifecycle (e.g., threat modeling, design reviews, and establishing secure defaults).Enhance cloud infrastructure security and enforce network topology standards, including subnets, firewalls, routing, and organizational security policies.Develop isolation and segmentation strategies to minimize blast radius and prevent lateral movement within the network.Create and maintain security tools and automation for engineering teams (such as CI/CD checks, scanning, and guardrails) while driving remediation of security findings.Enhance observability, detection, and incident response for security-related events (like intrusions, abuse patterns, DDoS attacks, and bot activity), including rapid containment measures.Design and oversee identity and access management strategies for both users and services, as well as third-party integration controls, with a focus on private connectivity and the principle of least privilege.Skills & QualificationsMinimum qualifications include:Proven experience in deploying security or infrastructure systems from design through to production, achieving measurable enhancements in risk management, reliability, or incident response outcomes.In-depth knowledge of cloud security practices, including configuration baselines, network topology (subnets/firewalls), and policy enforcement.Strong software engineering background with the capability to assess production code for security vulnerabilities.Hands-on experience with securing web applications and APIs, particularly in authentication flows, access control, secrets management, input validation, and data protection practices.

Join Discord, a platform cherished by over 200 million users monthly, where gaming is at the heart of our community. With more than 90% of our users engaging in games, they collectively spend 1.5 billion hours enjoying thousands of unique titles on Discord every month. Our commitment is to enhance the gaming experience by facilitating enjoyable interactions before, during, and after gameplay.At Discord, we empower individuals to connect within diverse communities, and our users trust us to safeguard their conversations. Our Platform Security Engineering team is dedicated to fortifying the systems that underpin Discord, ensuring that the "secure way" becomes the "easy way." We are seeking a Staff Software Engineer to drive this mission forward through your security expertise, software development skills, and operational excellence. In this technical leadership role, you will identify and pursue impactful opportunities to mitigate security risks across our Engineering teams. You will design and implement user-friendly "paved paths" for managing identities, deploying code, configuring cloud infrastructure, and operating services effectively.If you are a security engineer with a profound curiosity, keen on tackling technically and socially complex projects, and motivated to enhance security and privacy at Discord, we encourage you to explore this opportunity further!

About UsAt Sierra, we are revolutionizing customer interactions by integrating artificial intelligence into business solutions. Our headquarters are located in the vibrant city of San Francisco, with expanding offices in Atlanta, New York, London, France, Singapore, and Japan, fostering a diverse and inclusive work environment.Our core values—Trust, Customer Obsession, Craftsmanship, Intensity, and Family—guide our practices and shape our culture. We are committed to these principles in every aspect of our work, ensuring a cohesive and supportive workplace.Sierra was co-founded by industry leaders Bret Taylor and Clay Bavor. Bret has held prominent roles such as Board Chair of OpenAI and co-CEO of Salesforce, while Clay’s extensive experience at Google includes leading innovative projects in AR/VR and product design.Your RoleEstablish Trust Foundations. Develop and implement systems that ensure Sierra’s platform is secure by default, focusing on privacy, identity, authentication, authorization, and data security across backend services, APIs, and infrastructure.Manage Cross-Functional Systems. Collaborate with product and platform teams to enhance Sierra’s trust components: identity management, access control, auditability, and data lifecycle management, balancing usability, performance, and security.Safeguard AI Systems. Design controls that prevent AI agents from leaking customer data or executing unauthorized actions. You’ll implement runtime policy enforcement and create data protection boundaries while maintaining agent functionality.Automate Security Workflows. Build tools that streamline security processes, reducing risks and friction through automated security checks in CI/CD, privacy schema validation, and runtime monitoring for sensitive events.

About UsXOXO AI is an innovative research laboratory dedicated to shaping the future of intelligence for everyday life. Our dynamic team of skilled engineers, designers, and researchers is committed to discovering transformative solutions for challenges that extend beyond the workplace.Following a significant breakthrough in infrastructure, architecture, and model layers, we are on the lookout for dedicated builders to develop the interface and application layer that will actualize our visionary goals.About the RoleWe are seeking a seasoned Security Engineer to safeguard our systems and uphold user trust. Your role will involve fortifying our cloud infrastructure, enforcing access restrictions, and establishing tools and response mechanisms that ensure security as we scale. Collaborating with the founders and our engineering team, you will embed security as a fundamental principle in our development processes.What You’ll DoCollaborate with engineering, product, and research teams to integrate security throughout the development lifecycle, including threat modeling, design reviews, and secure defaults.Strengthen cloud infrastructure and enforce network topology standards such as subnets, firewalls, routing, and organizational security policies.Implement isolation and segmentation strategies to limit potential damage and prevent lateral movement.Develop and maintain security tools and automation for engineers, including CI/CD checks, scanning, and guardrails, driving findings to remediation.Enhance observability, detection, and incident response for security-related events such as intrusions, abuse patterns, DDoS attacks, and bots, ensuring rapid containment.Design and manage identity and access management systems for both users and services, alongside third-party integration controls, prioritizing private connectivity and the principle of least privilege.

At Lyft, we are dedicated to connecting people and creating a community where every team member feels valued and empowered to reach their full potential.As a pivotal player in transforming how our communities move, Lyft's engineering team is rapidly expanding. We are seeking passionate Software Engineers specialized in Security to join our dynamic Security team. Together, we will enhance our ability to deliver secure services at scale.Lyft is entrusted with the sensitive information of both drivers and passengers, and we take the responsibility of safeguarding that data seriously. Our Security team spearheads initiatives across the organization to protect our systems and uphold user trust.Our work encompasses designing and building a robust security architecture, collaborating with various teams during the development and launch of new products, anticipating potential challenges, and managing security incidents effectively. Our impact spans the entire organization, covering all aspects of the technology stack, including infrastructure, web applications, mobile apps, IT, and even autonomous vehicles. We adopt an engineering-focused approach to security, aiming to automate and streamline our processes while ensuring frequent updates. Explore more about our innovations on our blog at https://eng.lyft.com/tagged/security.The Cloud Security team is dedicated to enhancing Lyft's security posture by architecting a comprehensive security model tailored for our cloud infrastructure, protecting both our employees and intellectual property.As a Senior Software Engineer, you will play a crucial role in shaping this team and driving high-impact security initiatives. Your responsibilities will include leading security reviews, implementing detection measures, addressing vulnerabilities, enforcing the principle of least privilege, and establishing secure configurations for our multi-cloud and container environments.

About UsTriumph Arcade revolutionizes mobile gaming by allowing players to wager and win real money, engage in mass multiplayer games, and compete in social tournaments. Our app has become the leading choice in its App Store category, showcasing remarkable month-over-month growth in both revenue and active player engagement. As we continue to innovate and expand, we're excited to introduce new products, including Rips, our collectibles app, which has already gained significant traction.Supported by esteemed venture capitalists such as Goodwater Capital, General Catalyst, and DraftKings Drive Fund, Triumph is on a hyper-growth trajectory.The RoleAs our Founding Security Engineer, you will play a pivotal role in shaping and implementing the security framework that safeguards Triumph’s players, funds, and data across all platforms. Your expertise will ensure Triumph's resilience against technical failures, credential compromises, or security incidents, thereby protecting our assets and maintaining operational viability.You will be the primary authority on security for our backend systems, mobile applications, infrastructure, and internal tools, establishing the standards for security practices at Triumph. This position reports directly to our CTO and Co-Founder, Jared Geller.What You’ll DoIdentity, Access & Privilege Escalation - Manage all service accounts, IAM, and privilege elevation systems within the production infrastructure.Blast Radius & Recovery Guarantees - Oversee disaster recovery design and execution, ensuring that no infrastructure failure or security incident can lead to irreparable loss of critical data, funds, or system integrity. Set and enforce recovery point (RPO) and recovery time (RTO) objectives for all crucial data systems.Audibility & Forensic Readiness - Ensure all security actions in production are auditable, attributable, and easily reconstructable.Compliance - Lead the technical implementation of data protection controls necessary for compliance with GDPR and similar regulations.

Join Pinterest as a Security Software Engineer II within our Corporate Security team. In this pivotal role, you will be responsible for developing and enhancing security solutions that protect our platform and its users. Your expertise will contribute to the implementation of innovative security measures while collaborating with cross-functional teams to ensure a secure environment.

Join the Revolution at HarveyAt Harvey, we're not just changing the game for legal and professional services; we're redefining it from the ground up. By harnessing cutting-edge agentic AI, a robust enterprise platform, and unparalleled domain expertise, we're transforming the way essential knowledge work is performed for generations to come.This is an extraordinary opportunity to contribute to the foundation of a groundbreaking company at a pivotal moment. With a client base exceeding 1,000 across over 58 countries, a strong product-market fit, and exceptional investor backing, we're rapidly scaling and creating a new genre in real-time. The challenges are ambitious, the expectations are high, and the potential for growth — personally, professionally, and financially — is unparalleled.Our team is composed of sharp, driven individuals who are passionately committed to our mission. We operate with agility, intensity, and take genuine ownership of the challenges we face — from initial concept to long-term impact. We maintain close relationships with our customers, spanning from leadership to engineering teams, working collaboratively to address real issues with urgency and care. If you excel in uncertain environments, strive for excellence, and wish to help craft the future of work alongside like-minded individuals, we welcome you to join us in building something remarkable.At Harvey, the future of professional services is being crafted today — and we’re only at the beginning.Role OverviewAs a Senior Staff Software Engineer on our Product Security team, you will play a vital role in integrating security into our AI platform from the outset. Given that we handle and process our clients’ most sensitive information, prioritizing security is essential throughout our product lifecycle. You will take the lead in safeguarding crucial aspects of our product while spearheading high-impact security initiatives that elevate our entire engineering organization — balancing hands-on technical contributions with cross-functional leadership and mentorship. You’ll be responsible for designing and implementing both technical safeguards and security features within the Harvey platform.Our security program thrives on our collective offensive security experience: penetrating systems at other organizations (in white-hat capacities), responding to real security incidents, and drawing lessons from data breaches elsewhere. We routinely conduct penetration tests and red team exercises with external security experts. Simultaneously, we are all software engineers who contribute code daily, approaching security with an engineering-first mindset.What You’ll DoEstablish and enhance the security posture across the engineering organization, setting scalable standards.Collaborate with Product Engineering, Infrastructure, and other teams to integrate security into every facet of our development process.

At Thinking Machines Lab, our mission is to enhance human capabilities through the development of collaborative general intelligence. We are dedicated to creating a future where everyone can utilize AI tailored to their specific needs and aspirations.Our team consists of accomplished scientists, engineers, and innovators responsible for some of the most popular AI applications, including ChatGPT and Character.ai, along with renowned open-weight models like Mistral and influential open-source projects such as PyTorch, OpenAI Gym, Fairseq, and Segment Anything.About the RoleWe are on the lookout for a passionate Software Engineer with a focus on security to ensure our products are secure by design while facilitating rapid and ambitious product development. You will collaborate closely with product and research teams to integrate security measures into the design and development processes, and create tools and automation to maintain system safety at scale.Note: This is an ongoing opportunity, and we encourage you to express your interest. While we receive numerous applications and there may not always be an immediate match for your skills, we encourage you to apply. We consistently review applications and will reach out as new roles become available. You may reapply if you gain additional experience, but please limit applications to once every six months. We also post specific roles for particular projects or teams, and you are welcome to apply for those as well.What You’ll DoCollaborate with product and research teams to integrate security into the development lifecycle: threat modeling, design reviews, and establishing secure defaults for new features.Design and implement security controls throughout our product stack (authentication, authorization, session management, input validation, etc.).Create and maintain security tooling and automation for engineers: secure frameworks and templates, CI/CD checks, dependency management, and vulnerability detection.Work alongside researchers to identify and address AI-specific product risks, such as model abuse, prompt injection, data leakage, or misuse of capabilities.Enhance observability and detection for security-related events: access anomalies, abuse patterns, and suspicious behavior in production.

About Resolve AIAt Resolve AI, we are redefining software maintenance and production troubleshooting with our innovative, fully autonomous AI Production Engineer. This pioneering technology autonomously investigates and resolves intricate system challenges from start to finish.Founded by industry leaders Spiros Xanthos and Mayank Agarwal, who were instrumental in the creation of OpenTelemetry and have successfully led previous ventures to Splunk and VMware.We have secured over $150 million in funding from top-tier investors such as Lightspeed, Greylock, and Unusual Ventures, along with individual contributions from renowned figures like Jeff Dean (Google DeepMind), Thomas Dohmke (GitHub), Matt Garman (AWS), Reid Hoffman (LinkedIn), and Fei-Fei Li (Stanford).Your RoleTake charge of security across the entire Resolve AI platform, including application security, cloud infrastructure, internal services, integrations, and agent execution.Design robust security mechanisms tailored for autonomous systems, ensuring agents perform actions safely, audibly, and within established limits.Collaborate closely with engineers across various teams to proactively shape secure system designs from the outset.Integrate security into our software delivery processes: automate security in CI/CD, implement guardrails in our infrastructure, and establish scalable defaults.Assess and enhance our management of identity, permissions, and access across diverse customers, tools, and environments.Monitor emerging risks associated with AI-driven systems and suggest actionable, engineering-focused mitigations.Assist Resolve AI in aligning with enterprise customer expectations by clearly communicating our security posture and engaging in technical security discussions as required.Establish the foundational principles for security practices at Resolve, ensuring they are pragmatic, high-signal, and in line with real-world system operations.

About the RoleJoin Perplexity as a dynamic Software Engineer specializing in security, where you will play a pivotal role in developing and enhancing the software, automation, and systems that drive our security operations. This position focuses on engineering innovative security tools and AI-driven agents aimed at improving our detection and response capabilities, vulnerability management, and overall security posture across our products and infrastructure.ResponsibilitiesDesign, build, and maintain software and automation solutions that enhance our detection and response capabilities, including alert enrichment, triage workflows, and investigation tools.Implement and refine internal AI agents and security bots that facilitate monitoring, investigations, reporting, and other security operations tasks.Develop and manage systems and workflows that support our bug bounty and vulnerability disclosure program, covering intake, triage, prioritization, and remediation tracking.Collaborate with product and engineering teams to perform threat modeling on new features and systems, propose mitigations, and integrate security guardrails into designs and implementations.Contribute to secure-by-default libraries, services, and patterns that empower teams to build secure features effortlessly.Integrate security signals from cloud services, endpoints, SaaS, and applications into unified pipelines and data models that bolster detection and analysis.Automate processes to minimize manual effort in incident response, containment, and remediation.Work closely with security engineers and fellow software engineers to review designs and code, continuously enhancing our security tools and platforms.QualificationsA minimum of 4 years of experience as a software engineer, particularly in developing security-related tools, platforms, or automation, or in a security engineering role with a strong emphasis on software development.Proficiency in at least one major programming language (e.g., Python, Go, or TypeScript) with experience in building production services, command-line interfaces, or internal tools.Experience with integration of security-relevant systems such as logging pipelines, SIEMs, EDR, cloud APIs, or identity platforms.Hands-on experience in threat modeling, secure design, or conducting application security reviews for services or features.Experience in operating or contributing to bug bounty or vulnerability management programs is a plus.

Supported by top-tier investors from Silicon Valley, Peregrine Technologies is dedicated to empowering public safety organizations, local and state governments, federal agencies, and private-sector institutions to tackle societal challenges with unparalleled speed and precision. Our innovative AI-driven platform transforms isolated and fragmented data into actionable intelligence, instantly revealing critical information that promotes quicker, more informed decisions enhancing outcomes at every level. Currently, Peregrine serves hundreds of clients across more than 30 states and two countries, impacting over 125 million individuals, and we are excited to broaden our reach into enterprise and international markets.Our TeamAt Peregrine, we maintain that empathy is vital to enhancing our solutions. Observing how users engage with our products is essential for finding the best solutions. Our engineers work closely with teams on-site to gain insights into the diverse use cases we support.We are in search of a talented security engineer to join our core engineering teams. Our teams face various challenges, from enabling real-time user collaboration on intricate maps to constructing robust backend architectures capable of processing billions of data points.We value humility and empathy as fundamental traits for crafting effective solutions—you will collaborate directly with our deployment team and users as we refine our approach to addressing their needs. Creativity and perseverance are vital in realizing our vision.RoleThis is an exciting opportunity for a software engineer to join our expanding team, where you will gain substantial ownership over our technology stacks, making impactful decisions that will shape our future. You will play a pivotal role in ensuring that security is woven into every aspect of our product development lifecycle.Our technology stack is continually evolving, anchored by a backend built on Python, Django, Celery, Airflow, and Kafka; a frontend utilizing React, Redux, and Mapbox; data storage solutions including PostgreSQL and Elasticsearch; machine learning models deployed using Bedrock and SageMaker; and infrastructure managed through AWS, Pulumi, Terraform, and Kubernetes.About YouDevelop scalable, security-first frameworks that form the backbone of our infrastructure, ensuring top-tier data security.Recognize and mitigate emerging security threats, establishing strategies that align with our product goals.Design security architecture across the platform...

About Cogent SecurityCogent Security is at the forefront of cybersecurity innovation, leveraging Applied AI to develop next-generation AI agents. In an era where cyber attacks evolve rapidly, our AI Taskforce analyzes vast amounts of enterprise data to proactively address vulnerabilities and prevent critical breaches.We combine pioneering research with practical execution, ensuring that our innovative solutions meet real-world challenges. Our Cogent Research division acts as our dedicated AI lab, driving the development of advanced security workflows.Since our emergence from stealth mode, we have rapidly grown, collaborating with Fortune 500 companies to secure complex production environments globally.Supported by Greylock, we have gathered a team of top talent from renowned institutions and leading organizations in the AI and cybersecurity sectors.About the RoleAs an Agent Engineer at Cogent Security, you will be pivotal in designing, building, and deploying critical AI agents tailored for complex client environments. Your role is highly cross-functional, involving direct collaboration with customers to understand their unique needs, adapting our platform accordingly, and iterating on scalable solutions to handle millions of real-world security events.You will manage projects from inception to deployment, including data onboarding and integrating feedback into our core agent platform. Your contributions will shape how AI agents detect threats, triage incidents, and automate security workflows for some of the most sophisticated organizations worldwide.This position is ideal for engineers who excel in dynamic environments, enjoy tackling complex technical challenges, and wish to see the tangible impact of their work.

At Discord, we empower over 200 million users each month to connect, communicate, and collaborate in their gaming experiences. With more than 90% of our users engaging in video games, our platform serves as a vital hub for gaming communities. Our mission is to enhance the social aspect of gaming by enabling seamless interactions among players before, during, and after gameplay.Discord is dedicated to fostering a sense of belonging for all users. Our commitment to security and privacy ensures that communications remain safe and confidential, which is essential to our continued success.We are on the lookout for a talented Senior Detection and Response Engineer to join our dynamic Detection & Response Team (DART). Our team is focused on engineering innovative detection systems, automating response processes, and developing tools to proactively combat threats rather than merely responding to them. If you are passionate about security and enjoy transforming investigative insights into robust automated solutions, we would love to hear from you!

At Crusoe, our mission is to accelerate the abundance of energy and intelligence. We are developing cutting-edge technology that empowers individuals to create ambitiously with AI, ensuring that we do not compromise on scale, speed, or sustainability.Join us in driving the AI revolution through sustainable technology. At Crusoe, you will lead significant innovations, make a real impact, and collaborate with a team that is at the forefront of responsible and transformative cloud infrastructure.About This RoleCrusoe is establishing the foundational infrastructure for the future of AI and high-performance computing. We are in search of a talented individual who is committed to building security into our systems from the ground up. As a member of the Product Security team, you will not only secure our future but actively contribute to building it. You will work closely with engineering teams, deploy production code, design secure architectures, and establish the security foundations necessary to safeguard our platform at scale. This is a high-impact role where you will influence security practices across the company, enabling teams to choose the secure path effortlessly.We are looking for a Senior Product Security Software Engineer who excels as a software engineer with expertise in AI. You will design secure systems, create security controls that integrate smoothly into developer workflows, and elevate the security standards across our AI infrastructure and distributed systems while maintaining a pragmatic, delivery-focused approach.

Join Pinterest as a Senior Security Software Engineer within our Corporate Security team, where you will play a critical role in safeguarding our platform and users. In this position, you will design, develop, and implement innovative security solutions that protect against emerging threats. You will collaborate with cross-functional teams to ensure the highest security standards are maintained across all systems and processes.

As digital transformation accelerates, the need for robust cloud security solutions becomes vital. Britive stands at the forefront of this evolving landscape, offering an innovative privileged access management platform designed to deliver comprehensive Privileged Access Visibility, Dynamic Privilege Management, and Secrets Governance across diverse cloud environments, platforms, and SaaS applications.Our cutting-edge, patent-pending technology is already in use by numerous Fortune 500 companies, solidifying our reputation as one of the most promising startups in the Cloud Security sector. Founded by seasoned veterans in the CyberSecurity field, Britive is supported by leading venture capital firms, ensuring a solid foundation for growth and innovation.About YouYou are a dedicated Software Engineer eager to create and enhance our multi-tenant SaaS applications on the AWS platform. With a solid software engineering foundation and an in-depth understanding of AWS tools and services, you are ready to contribute from day one. Your positive, proactive attitude and enthusiasm for delivering technical solutions in a dynamic startup environment will be key to your success.Your ImpactKey Responsibilities:Design and develop a large-scale application stack operating on AWS.Collaborate with cross-functional teams to implement new features and enhancements.Maintain and optimize existing systems for improved performance and scalability.Ensure high-quality code through best practices and thorough testing.