Software Engineer - Security

About UsTriumph Arcade revolutionizes mobile gaming by allowing players to wager and win real money, engage in mass multiplayer games, and compete in social tournaments. Our app has become the leading choice in its App Store category, showcasing remarkable month-over-month growth in both revenue and active player engagement. As we continue to innovate and expand, we're excited to introduce new products, including Rips, our collectibles app, which has already gained significant traction.Supported by esteemed venture capitalists such as Goodwater Capital, General Catalyst, and DraftKings Drive Fund, Triumph is on a hyper-growth trajectory.The RoleAs our Founding Security Engineer, you will play a pivotal role in shaping and implementing the security framework that safeguards Triumph’s players, funds, and data across all platforms. Your expertise will ensure Triumph's resilience against technical failures, credential compromises, or security incidents, thereby protecting our assets and maintaining operational viability.You will be the primary authority on security for our backend systems, mobile applications, infrastructure, and internal tools, establishing the standards for security practices at Triumph. This position reports directly to our CTO and Co-Founder, Jared Geller.What You’ll DoIdentity, Access & Privilege Escalation - Manage all service accounts, IAM, and privilege elevation systems within the production infrastructure.Blast Radius & Recovery Guarantees - Oversee disaster recovery design and execution, ensuring that no infrastructure failure or security incident can lead to irreparable loss of critical data, funds, or system integrity. Set and enforce recovery point (RPO) and recovery time (RTO) objectives for all crucial data systems.Audibility & Forensic Readiness - Ensure all security actions in production are auditable, attributable, and easily reconstructable.Compliance - Lead the technical implementation of data protection controls necessary for compliance with GDPR and similar regulations.

RDQ226R609 - This position is open to candidates located anywhere in the United States. At Databricks, we are passionate about empowering data teams to tackle the world’s most challenging issues, from detecting security threats to advancing cancer drug development. We achieve this by building and operating an exceptional data and AI infrastructure platform, allowing our clients to concentrate on the critical challenges that define their missions. As a key member of the Security Continuous Monitoring team, you will be instrumental in developing and scaling Databricks Security systems on our platform. Your responsibilities will include designing, testing, and implementing data pipelines to evaluate the security configurations of Cloud, SaaS, and on-premise tools. You will create and deploy reliable supporting security tools for managing and assessing security posture, integrate with third-party applications, and engage with cloud APIs (AWS, Azure, GCP, Terraform). You will lead and oversee projects from conception to completion, facilitating data collection and integration with our vulnerability and threat detection initiatives. In this role, you will be an individual contributor on the Security Continuous Monitoring team, reporting directly to the Director of Continuous Monitoring.

Join our dynamic team at Cloudflare as a Senior Software Engineer specializing in Security. In this role, you will work on cutting-edge security solutions that protect our customers' data and privacy. You will collaborate with cross-functional teams to design, develop, and implement robust security features while ensuring the scalability and performance of our systems. Your expertise in software engineering and security practices will be essential in driving innovation and leading projects to enhance our security posture.

About UsXOXO AI is an innovative research laboratory dedicated to shaping the future of intelligence for everyday life. Our dynamic team of skilled engineers, designers, and researchers is committed to discovering transformative solutions for challenges that extend beyond the workplace.Following a significant breakthrough in infrastructure, architecture, and model layers, we are on the lookout for dedicated builders to develop the interface and application layer that will actualize our visionary goals.About the RoleWe are seeking a seasoned Security Engineer to safeguard our systems and uphold user trust. Your role will involve fortifying our cloud infrastructure, enforcing access restrictions, and establishing tools and response mechanisms that ensure security as we scale. Collaborating with the founders and our engineering team, you will embed security as a fundamental principle in our development processes.What You’ll DoCollaborate with engineering, product, and research teams to integrate security throughout the development lifecycle, including threat modeling, design reviews, and secure defaults.Strengthen cloud infrastructure and enforce network topology standards such as subnets, firewalls, routing, and organizational security policies.Implement isolation and segmentation strategies to limit potential damage and prevent lateral movement.Develop and maintain security tools and automation for engineers, including CI/CD checks, scanning, and guardrails, driving findings to remediation.Enhance observability, detection, and incident response for security-related events such as intrusions, abuse patterns, DDoS attacks, and bots, ensuring rapid containment.Design and manage identity and access management systems for both users and services, alongside third-party integration controls, prioritizing private connectivity and the principle of least privilege.

At Discord, we empower over 200 million users each month to connect, communicate, and collaborate in their gaming experiences. With more than 90% of our users engaging in video games, our platform serves as a vital hub for gaming communities. Our mission is to enhance the social aspect of gaming by enabling seamless interactions among players before, during, and after gameplay.Discord is dedicated to fostering a sense of belonging for all users. Our commitment to security and privacy ensures that communications remain safe and confidential, which is essential to our continued success.We are on the lookout for a talented Senior Detection and Response Engineer to join our dynamic Detection & Response Team (DART). Our team is focused on engineering innovative detection systems, automating response processes, and developing tools to proactively combat threats rather than merely responding to them. If you are passionate about security and enjoy transforming investigative insights into robust automated solutions, we would love to hear from you!

About UsAt XOXO, we are a pioneering research lab reshaping the interface of intelligence for daily life. Our stealth team, comprised of exceptional engineers, designers, and researchers, is dedicated to uncovering innovative solutions to challenges that arise beyond the workplace.Following our recent advancements in infrastructure, architecture, and model layers, we are in search of talented builders to create the interface and application layers that will realize our vision.About the RoleWe are seeking a skilled Security Engineer to safeguard our systems and uphold user trust. In this role, you will fortify our cloud infrastructure, establish robust access controls, and create the tools and response mechanisms necessary to ensure safety as we grow. You will collaborate closely with our founders and engineering team to embed security as a fundamental principle in our development processes.What You’ll DoCollaborate with cross-functional teams including engineering, product, and research to integrate security throughout the development lifecycle (e.g., threat modeling, design reviews, and establishing secure defaults).Enhance cloud infrastructure security and enforce network topology standards, including subnets, firewalls, routing, and organizational security policies.Develop isolation and segmentation strategies to minimize blast radius and prevent lateral movement within the network.Create and maintain security tools and automation for engineering teams (such as CI/CD checks, scanning, and guardrails) while driving remediation of security findings.Enhance observability, detection, and incident response for security-related events (like intrusions, abuse patterns, DDoS attacks, and bot activity), including rapid containment measures.Design and oversee identity and access management strategies for both users and services, as well as third-party integration controls, with a focus on private connectivity and the principle of least privilege.Skills & QualificationsMinimum qualifications include:Proven experience in deploying security or infrastructure systems from design through to production, achieving measurable enhancements in risk management, reliability, or incident response outcomes.In-depth knowledge of cloud security practices, including configuration baselines, network topology (subnets/firewalls), and policy enforcement.Strong software engineering background with the capability to assess production code for security vulnerabilities.Hands-on experience with securing web applications and APIs, particularly in authentication flows, access control, secrets management, input validation, and data protection practices.

Astranis is on the forefront of satellite technology, developing advanced satellites designed for high orbits that expand humanity’s reach into the solar system. Our innovative satellites deliver dedicated, secure communication networks to a diverse range of clients, including large enterprises, sovereign governments, and the US military. With five satellites currently in orbit and numerous launches planned, we are proudly managing a backlog exceeding $1 billion in commercial contracts.Astranis is the go-to satellite communications partner for clients with rigorous demands for uptime, data security, and network customization. Having raised more than $750 million from some of the most recognized investors, including Andreessen Horowitz, Blackrock, and Fidelity, we boast a talented team of 450 engineers and entrepreneurs. Our operations are based in a state-of-the-art 153,000 sq. ft. facility in Northern California, USA.Senior Product Security EngineerAs a Senior Product Security Engineer at Astranis, you will leverage your extensive software engineering expertise with a strong focus on security. You will be tasked with designing and building secure systems, specializing in critical areas such as cryptography, Public Key Infrastructure (PKI), and zero trust architectures. Your role will encompass evaluating processes, operating systems, and applications from a security-first engineering perspective. While your primary responsibility will be to develop secure software, you will also play a key role in identifying vulnerabilities, conducting risk analyses, and leading thorough security reviews.

Join Discord, a platform cherished by over 200 million users monthly, where gaming is at the heart of our community. With more than 90% of our users engaging in games, they collectively spend 1.5 billion hours enjoying thousands of unique titles on Discord every month. Our commitment is to enhance the gaming experience by facilitating enjoyable interactions before, during, and after gameplay.At Discord, we empower individuals to connect within diverse communities, and our users trust us to safeguard their conversations. Our Platform Security Engineering team is dedicated to fortifying the systems that underpin Discord, ensuring that the "secure way" becomes the "easy way." We are seeking a Staff Software Engineer to drive this mission forward through your security expertise, software development skills, and operational excellence. In this technical leadership role, you will identify and pursue impactful opportunities to mitigate security risks across our Engineering teams. You will design and implement user-friendly "paved paths" for managing identities, deploying code, configuring cloud infrastructure, and operating services effectively.If you are a security engineer with a profound curiosity, keen on tackling technically and socially complex projects, and motivated to enhance security and privacy at Discord, we encourage you to explore this opportunity further!

We are seeking a highly skilled Senior Security Engineer to join our innovative team at Decagon in San Francisco. In this pivotal role, you will be responsible for safeguarding our digital infrastructure and ensuring the security of our systems against potential threats. You will work closely with cross-functional teams to design and implement security solutions, conduct risk assessments, and develop incident response strategies.As a Senior Security Engineer, you will have the opportunity to leverage your expertise in security protocols, threat detection, and vulnerability management to enhance our security posture. Your contributions will be essential in creating a secure environment for our operations and clients.

About UsAt Sierra, we are revolutionizing customer interactions by integrating artificial intelligence into business solutions. Our headquarters are located in the vibrant city of San Francisco, with expanding offices in Atlanta, New York, London, France, Singapore, and Japan, fostering a diverse and inclusive work environment.Our core values—Trust, Customer Obsession, Craftsmanship, Intensity, and Family—guide our practices and shape our culture. We are committed to these principles in every aspect of our work, ensuring a cohesive and supportive workplace.Sierra was co-founded by industry leaders Bret Taylor and Clay Bavor. Bret has held prominent roles such as Board Chair of OpenAI and co-CEO of Salesforce, while Clay’s extensive experience at Google includes leading innovative projects in AR/VR and product design.Your RoleEstablish Trust Foundations. Develop and implement systems that ensure Sierra’s platform is secure by default, focusing on privacy, identity, authentication, authorization, and data security across backend services, APIs, and infrastructure.Manage Cross-Functional Systems. Collaborate with product and platform teams to enhance Sierra’s trust components: identity management, access control, auditability, and data lifecycle management, balancing usability, performance, and security.Safeguard AI Systems. Design controls that prevent AI agents from leaking customer data or executing unauthorized actions. You’ll implement runtime policy enforcement and create data protection boundaries while maintaining agent functionality.Automate Security Workflows. Build tools that streamline security processes, reducing risks and friction through automated security checks in CI/CD, privacy schema validation, and runtime monitoring for sensitive events.

At Lyft, we are dedicated to connecting people and creating a community where every team member feels valued and empowered to reach their full potential.As a pivotal player in transforming how our communities move, Lyft's engineering team is rapidly expanding. We are seeking passionate Software Engineers specialized in Security to join our dynamic Security team. Together, we will enhance our ability to deliver secure services at scale.Lyft is entrusted with the sensitive information of both drivers and passengers, and we take the responsibility of safeguarding that data seriously. Our Security team spearheads initiatives across the organization to protect our systems and uphold user trust.Our work encompasses designing and building a robust security architecture, collaborating with various teams during the development and launch of new products, anticipating potential challenges, and managing security incidents effectively. Our impact spans the entire organization, covering all aspects of the technology stack, including infrastructure, web applications, mobile apps, IT, and even autonomous vehicles. We adopt an engineering-focused approach to security, aiming to automate and streamline our processes while ensuring frequent updates. Explore more about our innovations on our blog at https://eng.lyft.com/tagged/security.The Cloud Security team is dedicated to enhancing Lyft's security posture by architecting a comprehensive security model tailored for our cloud infrastructure, protecting both our employees and intellectual property.As a Senior Software Engineer, you will play a crucial role in shaping this team and driving high-impact security initiatives. Your responsibilities will include leading security reviews, implementing detection measures, addressing vulnerabilities, enforcing the principle of least privilege, and establishing secure configurations for our multi-cloud and container environments.

Join Our Team at MacroscopeAt Macroscope, we are dedicated to providing unparalleled insight into the software development landscape. Our mission is to empower leaders with the clarity they need and engineers with the time they deserve.We facilitate a deeper understanding of product and codebase evolution—identifying changes, tracking team contributions, and highlighting progress—all rooted in the ultimate truth: the code itself.Founded by seasoned entrepreneurs with a track record of launching and selling successful ventures, and seasoned executives from publicly traded tech companies, we are backed by premier venture capital firms and angel investors, including Lightspeed Venture Partners, Thrive Capital, Google Ventures, and Adverb.Your RoleWe are seeking a Senior Security Engineer to fortify and expand the security framework of Macroscope’s platform. In this pivotal role, you will design and implement robust security architectures, controls, and secure-by-default protocols across our distributed systems, infrastructure, and APIs that drive our core product.You will spearhead initiatives aimed at protecting customer data, reinforcing our production environment, and elevating security standards throughout our product offerings. Your expertise will ensure our systems adapt to customer demands while upholding enterprise-level security. Collaboration with the engineering team will be crucial as you establish best practices in identity and access management, cloud security, secure CI/CD, secrets management, vulnerability management, and production monitoring.As part of our compact team, you will work closely with founders, engineers, and designers to make architectural choices that will shape the future of our product and organization. This hands-on position is ideal for someone passionate about creating secure systems and empowering the team to innovate swiftly without compromising safety.Technology Stack: Typescript/React (frontend), Golang (backend), Temporal, Google Cloud (GCP), Postgres, Terraform, and custom-built AST “code walkers” in various languages (Golang, Typescript, Swift, Python, Rust).

About LangChainLangChain is dedicated to making intelligent agents a common part of our daily lives. We provide the essential framework for agent engineering that enables developers to transition from experimental prototypes to production-ready AI agents that organizations can depend on. Having started as widely embraced open-source tools, we have evolved to also deliver a robust platform for the development, evaluation, deployment, and management of agents at scale.Our tools, including LangChain, LangGraph, LangSmith, and Agent Builder, are actively utilized by teams delivering tangible AI products across both startups and large corporations. Millions of developers rely on LangChain to empower AI teams at renowned companies such as Replit, Clay, Coinbase, Workday, Lyft, Cloudflare, Harvey, Rippling, Vanta, and 35% of the Fortune 500.With $125M raised in our Series B funding round from prominent investors including IVP, Sequoia, Benchmark, CapitalG, and Sapphire Ventures, we are at a pivotal point of innovation, accelerating growth, and empowering every team member to have a significant impact on our products and collaborative culture. At LangChain, your contributions can truly influence how this technology integrates into the real world.About the RoleAs the hands-on security lead, you will work closely with our core product teams to ensure the security of agent workloads from end to end, encompassing everything from SDK to LangSmith/Graph services and customer integrations. You will be responsible for defining our security roadmap, achieving immediate hardening wins, and elevating the standards for how AI infrastructure is secured in production. We are seeking engineers with expertise in either cloud/infrastructure security or application security (expertise in both is a significant advantage!).Lead product & platform security: Design and implement application/infrastructure security controls across LangSmith, LangGraph, and the LangChain SDK ecosystem (Python/TS/Go).Implement secure-by-default authentication and authorization: Enhance SSO/SAML/OIDC/SCIM, manage token lifecycles, establish service-to-service authentication, and ensure tenant isolation for both cloud and self-hosted customers.Vulnerability management: Oversee scanning, triage, and patching SLAs; coordinate with engineering teams to ensure swift remediation without delaying delivery.Develop secure code, conduct reviews, and create tools: Implement secure design principles, write pull requests, execute penetration tests, and introduce lightweight checks (linters, dependency/supply-chain scanning, SBOM/SLSA provenance) to facilitate security at scale.Enhance hardening & operations: Focus on network segmentation/Zero Trust, Kubernetes posture management, secrets management, key rotation, least-privilege IAM, and egress controls.

About FaireFaire is a dynamic online wholesale marketplace that champions local entrepreneurship. We believe in the power of small, independent retailers who collectively generate more revenue than giants like Walmart and Amazon. Our mission is to empower these businesses through cutting-edge technology, data insights, and machine learning, enabling them to find unique products from around the world to offer in their stores. We strive to level the competitive field, allowing small businesses to thrive against larger corporations.By nurturing the growth of independent retailers, Faire is making a significant economic impact in communities worldwide. We are looking for talented, innovative, and dedicated individuals who share our passion for supporting local businesses. If you resonate with the values of community and collaboration, we invite you to be a part of our mission.Role Description:As a pivotal member of our Engineering organization, you will be at the forefront of developing the software that powers our marketplace. The Product Security team plays a crucial role in enabling our product engineering teams to build and deploy secure software solutions. We prioritize strong engineering practices and are passionate about writing scalable, maintainable, and secure code that successfully caters to millions of users. Our approach focuses on building reusable frameworks, consulting with product teams, leveraging data insights, and continuously iterating on our processes.In your role as a Senior Staff Software Engineer specializing in Product Security, you will take the lead in defining the technical vision for security practices across Faire’s application stack. You will collaborate closely with Platform and Product Engineering teams to identify and mitigate security vulnerabilities, spearhead critical security initiatives, and mentor fellow engineers to elevate secure engineering standards throughout the organization.Your efforts will also include leading cross-functional programs that integrate security deeply into our architecture, pipelines, and overall developer experience, ensuring a balanced approach that minimizes risk while maintaining development velocity.As a Senior Staff Software Engineer, Product Security, you will collaborate with us to:Establish a long-term technical strategy for application security at Faire, creating scalable and developer-friendly frameworks that facilitate secure development across all product domains.

Join Pinterest as a Security Software Engineer II within our Corporate Security team. In this pivotal role, you will be responsible for developing and enhancing security solutions that protect our platform and its users. Your expertise will contribute to the implementation of innovative security measures while collaborating with cross-functional teams to ensure a secure environment.

Join the Revolution at HarveyAt Harvey, we're not just changing the game for legal and professional services; we're redefining it from the ground up. By harnessing cutting-edge agentic AI, a robust enterprise platform, and unparalleled domain expertise, we're transforming the way essential knowledge work is performed for generations to come.This is an extraordinary opportunity to contribute to the foundation of a groundbreaking company at a pivotal moment. With a client base exceeding 1,000 across over 58 countries, a strong product-market fit, and exceptional investor backing, we're rapidly scaling and creating a new genre in real-time. The challenges are ambitious, the expectations are high, and the potential for growth — personally, professionally, and financially — is unparalleled.Our team is composed of sharp, driven individuals who are passionately committed to our mission. We operate with agility, intensity, and take genuine ownership of the challenges we face — from initial concept to long-term impact. We maintain close relationships with our customers, spanning from leadership to engineering teams, working collaboratively to address real issues with urgency and care. If you excel in uncertain environments, strive for excellence, and wish to help craft the future of work alongside like-minded individuals, we welcome you to join us in building something remarkable.At Harvey, the future of professional services is being crafted today — and we’re only at the beginning.Role OverviewAs a Senior Staff Software Engineer on our Product Security team, you will play a vital role in integrating security into our AI platform from the outset. Given that we handle and process our clients’ most sensitive information, prioritizing security is essential throughout our product lifecycle. You will take the lead in safeguarding crucial aspects of our product while spearheading high-impact security initiatives that elevate our entire engineering organization — balancing hands-on technical contributions with cross-functional leadership and mentorship. You’ll be responsible for designing and implementing both technical safeguards and security features within the Harvey platform.Our security program thrives on our collective offensive security experience: penetrating systems at other organizations (in white-hat capacities), responding to real security incidents, and drawing lessons from data breaches elsewhere. We routinely conduct penetration tests and red team exercises with external security experts. Simultaneously, we are all software engineers who contribute code daily, approaching security with an engineering-first mindset.What You’ll DoEstablish and enhance the security posture across the engineering organization, setting scalable standards.Collaborate with Product Engineering, Infrastructure, and other teams to integrate security into every facet of our development process.

Join Our Team as a Senior Security EngineerAt LiteLLM, the leading AI Gateway trusted by industry giants such as Adobe, Netflix, and NASA, we empower developers with secure and reliable access to LLMs and associated services. We are seeking a talented Senior Security Engineer to establish robust security measures and observability tools as we scale our platform.Your Role:Become a cornerstone of our security team as our inaugural Security Engineer, tackling pivotal security challenges head-on.Key Responsibilities:Perform in-depth security assessments of the LiteLLM proxy codebase to uncover potential supply chain vulnerabilities.Develop and manage automated security scans for our Docker images, PyPI packages, and CI/CD workflows (including dependency scanning and secrets detection).Create and enforce secure-by-default configurations for both cloud and self-hosted environments (API authentication, IAM least privilege, key rotation).Implement and oversee intrusion detection systems and alerts tailored to model and API usage patterns.Lead incident response efforts and post-mortem analyses, including vulnerability assessments and stakeholder communication.Establish a formal CVE triage and disclosure protocol in collaboration with the engineering team.Conduct internal red teaming and adversarial testing to simulate real-world attacks and enhance our defenses.Collaborate with engineering teams to fortify release pipelines (signed builds, provenance checks, reproducible builds).Develop secure coding standards and conduct regular training sessions for developers focused on supply chain and dependency management.Maintain and update threat models as LiteLLM’s products and architecture evolve.

About SentryAt Sentry, we are dedicated to eradicating bad software. Our mission is to empower developers to create better software more efficiently, allowing everyone to enjoy technology once more.With over $217 million in funding and a community of more than 100,000 organizations, including industry leaders like Disney, Microsoft, and Atlassian, we are at the forefront of building performance and error monitoring tools that minimize bug fixing and maximize product development.We embrace a hybrid work model across our global teams, designating Mondays, Tuesdays, and Thursdays as in-office days to foster collaboration. If you are passionate about creating tools that enhance the digital experience, join us in developing the next generation of software monitoring solutions.About The RoleOur security team is committed to safeguarding every aspect of Sentry, from our customer data to our internal code. As a Senior Security Engineer, you will be integral to our mission of enhancing security across our application and Kubernetes platform. Collaborating with engineering teams, you will help strengthen Sentry’s cloud security posture through strategic architecture, threat modeling, and hands-on coding when necessary.Key ResponsibilitiesLead critical initiatives aimed at addressing significant security challenges, from conceptualization to execution.Collaborate on cross-departmental objectives to drive security goals forward.Conduct research and assess new technologies that can bolster our security framework with a focus on scalability.Identify vulnerabilities within our systems and data while developing and implementing robust protective measures.Support cross-functional teams in integrating security solutions that adhere to Secure-by-Design principles.Ideal Candidate AttributesDesire to be a foundational member of an agile, engineering-centric security team.Enjoy collaborating with enthusiastic security, application, platform, and infrastructure engineers eager to innovate.Passionate about advancing security practices to enhance software quality.

At Thinking Machines Lab, our mission is to enhance human capabilities through the development of collaborative general intelligence. We are dedicated to creating a future where everyone can utilize AI tailored to their specific needs and aspirations.Our team consists of accomplished scientists, engineers, and innovators responsible for some of the most popular AI applications, including ChatGPT and Character.ai, along with renowned open-weight models like Mistral and influential open-source projects such as PyTorch, OpenAI Gym, Fairseq, and Segment Anything.About the RoleWe are on the lookout for a passionate Software Engineer with a focus on security to ensure our products are secure by design while facilitating rapid and ambitious product development. You will collaborate closely with product and research teams to integrate security measures into the design and development processes, and create tools and automation to maintain system safety at scale.Note: This is an ongoing opportunity, and we encourage you to express your interest. While we receive numerous applications and there may not always be an immediate match for your skills, we encourage you to apply. We consistently review applications and will reach out as new roles become available. You may reapply if you gain additional experience, but please limit applications to once every six months. We also post specific roles for particular projects or teams, and you are welcome to apply for those as well.What You’ll DoCollaborate with product and research teams to integrate security into the development lifecycle: threat modeling, design reviews, and establishing secure defaults for new features.Design and implement security controls throughout our product stack (authentication, authorization, session management, input validation, etc.).Create and maintain security tooling and automation for engineers: secure frameworks and templates, CI/CD checks, dependency management, and vulnerability detection.Work alongside researchers to identify and address AI-specific product risks, such as model abuse, prompt injection, data leakage, or misuse of capabilities.Enhance observability and detection for security-related events: access anomalies, abuse patterns, and suspicious behavior in production.