Staff Product Designer, Security & Compliance

We are excited to announce multiple openings for Senior and Staff Security Operations Engineers (SOC) as we establish a dedicated team reporting directly to our Chief Information Security Officer (CISO). We seek candidates with a diverse range of expertise. At the senior level, we are looking for individuals with extensive experience defending critical assets and high-value cyber targets against sophisticated threats from advanced persistent threats and state-sponsored actors. For more junior roles, we welcome exceptional candidates with a demonstrated passion for cybersecurity, engagement in cyber defense, and notable academic and professional achievements, even if their experience is limited.Our mission is to enhance the security and reliability of the open-source supply chain. While we monitor our own infrastructure, our broader objective is to strengthen the overall security of the global Ubuntu ecosystem through the efforts of this team.The Security Operations (SecOps) team is pivotal in designing, implementing, and evolving Canonical's security practices, techniques, tools, systems, and policies. This team leads strategies that dictate how Canonical secures its data, internal infrastructure, and build processes, ensuring the integrity and security of our infrastructure and product deployments. They are responsible for developing and implementing technical security controls that automatically detect, contain, and remediate security threats. Additionally, the team will contribute to Canonical's product security, reinforcing the resilience of all Ubuntu customers and users against cyber threats.The SecOps team is committed not only to securing Canonical but also to enhancing the security of the broader open-source community. They will have opportunities to share knowledge through public presentations, participate in industry events, and engage in threat intelligence sharing within the community.

The Canonical Security Operations team is on the lookout for a dynamic Senior or Staff Engineer to join our ranks. As a pivotal member of our team, you will play a crucial role in designing, building, and operating a state-of-the-art Security Operations Center (SOC). Your leadership, mentorship, and technical expertise will guide our efforts to maintain the highest security standards.This multifaceted role encompasses:Core SOC responsibilities, including security monitoring, threat hunting, and incident response.Security engineering focused on evaluating and fortifying Canonical's platforms and products.Software engineering to create tailored tools and platforms.Site Reliability Engineering (SRE) to deploy, maintain, and automate security solutions.We seek candidates with robust engineering and security backgrounds, complemented by a track record of significant achievements. Whether you are a seasoned security operations professional with engineering expertise or a senior developer with a strong security focus, you will find this role rewarding.In addition to safeguarding Canonical’s digital assets, this position offers a unique opportunity to engage with the open-source community. Team members will have the chance to present at industry conferences, share threat intelligence, and contribute to open-source security software.We also have openings for junior positions for candidates with a strong academic or professional foundation.

At Assured, we are revolutionizing the insurance landscape by modernizing claims processing—a critical yet often neglected aspect of the industry. This process, traditionally reliant on manual efforts like phone calls and faxes, incurs significant costs annually. We're here to change that.We empower major insurance providers with cutting-edge software solutions essential for thriving in today’s technology-driven environment. From self-service claim-filing systems to advanced backend fraud detection, we serve as the backbone for claims processing for some of the world’s largest insurance companies.Our team faces a variety of complex challenges—from crafting digital experiences that offer comfort and clarity to claimants during their most vulnerable moments, to orchestrating large-scale machine learning-driven decision-making for billions in claims payments. Life at Assured is dynamic, collaborative, and incredibly fulfilling.We invite you to join us as a Senior Cloud Security Engineer, where you will play a crucial role in securing and enhancing the cloud infrastructure that underpins our operations. You will be responsible for designing robust architectures, driving automation initiatives, and advocating for security-by-design principles throughout our platform. Your contributions will directly protect our data, build customer trust, and bolster our compliance efforts as we expand.Key Responsibilities Architect, implement, and scale secure AWS environments with a focus on innovation and regulatory compliance. Develop and maintain Terraform modules and infrastructure-as-code pipelines to support secure, auditable deployments. Conduct regular security assessments, execute vulnerability tests, and lead incident response initiatives. Partner with engineering and DevOps teams to seamlessly integrate security controls into CI/CD processes and product development lifecycles. Establish IAM strategies, enforce network segmentation, apply encryption standards, and implement continuous monitoring practices. Identify anomalies, investigate alerts, and respond proactively to evolving threats within our cloud environments.‍ Mentor peers on secure design principles, share insights on emerging risks, and promote best practices in cloud security. Stay ahead of emerging threats and security tools while contributing to our long-term security strategy with creativity and vision.Qualifications Extensive experience in cloud security engineering, particularly within AWS environments. Proficiency in Terraform and infrastructure-as-code methodologies. Strong foundation in security best practices, risk assessment, and compliance frameworks. Proven track record of implementing security controls and leading incident response efforts. Excellent collaboration skills with the ability to engage cross-functionally. Continuous learner with a passion for staying updated on the latest in security technologies and threats.

As a Senior Cloud Security Engineer at Included Health, you will play an essential role in fortifying our cloud environments by engineering, implementing, and automating comprehensive security controls, primarily within AWS, with considerations for GCP. This hands-on position is vital for enhancing our cloud security framework, safeguarding our product infrastructure, and actively contributing to the prevention of unauthorized PHI exfiltration. You will be responsible for designing and developing sophisticated security solutions, utilizing programming languages such as Python and Go, as well as automation tools like Terraform, to tackle critical challenges related to access control, development environment security, and infrastructure hardening. The ideal candidate will possess profound technical expertise in cloud security, exceptional software development skills for crafting security tools and automation, and a proactive mindset toward risk mitigation. You will collaborate closely with our infrastructure software and engineering teams, fostering a culture of security-by-design while implementing solutions that minimize HIPAA incidents. This remote role reports directly to the Chief Information Security Officer.

Join Binance, the pioneering global blockchain ecosystem that powers the world’s largest cryptocurrency exchange by trading volume and user base. Trusted by over 300 million individuals across 100+ countries, we are renowned for our top-tier security measures, transparency in user funds, rapid trading engine capabilities, profound liquidity, and an unmatched array of digital asset products. From trading and finance to education, research, payments, institutional services, and Web3 innovations, our offerings are designed to leverage the power of digital assets and blockchain technology, fostering an inclusive financial ecosystem that enhances financial freedom and accessibility for people worldwide.We are seeking a dynamic SOC Security Development Engineer to become an integral part of our Security Operations team. This position emphasizes the development of security platforms, automation, and the seamless integration of internal tools, while also playing a key role in incident response and SOC on-call operations.The ideal candidate will possess robust programming skills, a comprehensive understanding of SOC workflows, and hands-on experience with integrating and enhancing security platforms such as SIEM, EDR, and cloud-based security solutions through APIs and bespoke development efforts.

About Us:At Alpaca, we are a US-based self-clearing broker-dealer and a leading brokerage infrastructure provider for stocks, ETFs, options, cryptocurrencies, fixed income, and more, facilitating 24/5 trading. Our recent Series D funding round has propelled our total investment to over $320 million, empowering us to realize our ambitious vision for the future.We serve hundreds of financial institutions across 40 countries through our institutional-grade APIs, including broker-dealers, investment advisors, wealth managers, hedge funds, and crypto exchanges, managing over 9 million brokerage accounts.Our international team comprises a diverse group of engineers, traders, and brokerage professionals committed to our mission of making financial services accessible to everyone globally. We value open-source contributions and strive to foster a vibrant community while continuously enhancing our award-winning, developer-friendly API and the robust infrastructure that supports it.Alpaca is backed by prominent global investors such as Portage Ventures, Spark Capital, Tribe Capital, Social Leverage, Horizons Ventures, Unbound, SBI Group, Derayah Financial, Elefund, and Y Combinator.Join Our Team:We are a dynamic team of over 230 globally distributed members who enjoy working from their favorite places worldwide, including the USA, Canada, Japan, Hungary, Nigeria, Brazil, the UK, and beyond! If you are passionate and eager to contribute to Alpaca's rapid growth while aligning with our core values—Stay Curious, Have Empathy, and Be Accountable—we encourage you to apply.Your Role:We are on the lookout for a dedicated Security Operations Engineer to enhance Alpaca's daily security operations. In this role, you will manage our third-party Security Operations Center (SOC) relationship, operate and fine-tune our on-premises Security Information and Event Management (SIEM) system, and act as a crucial bridge between the IT Helpdesk and Security team to ensure that security issues are promptly identified, triaged, and resolved consistently.You will have a hands-on approach and an operational mindset: improving detection quality, streamlining alert triage, coordinating incident response, and ensuring that our security operations scale effectively with the growth of the business. Your contributions will be pivotal in transforming security signals into actionable insights and preventing operational issues from escalating into security incidents.

In this pivotal global leadership position, you will spearhead the Security Operations (SecOps) team, overseeing the comprehensive design, implementation, and continual enhancement of Canonical's cyber security strategies, methodologies, tools, and policies. As the primary architect of our security practices, your team will play a crucial role in safeguarding Canonical's data, internal infrastructure, and build processes. You will ensure the security and integrity of our infrastructure and product deployments by establishing and implementing robust technical security controls that autonomously identify, contain, and remediate security threats. Additionally, your insights will enhance Canonical product security, fortifying the resilience of our Ubuntu customers and users against cyber attacks.As the leader within the cyber security domain, you will collaborate with our Organizational Learning and Development team to craft playbooks and facilitate SecOps training throughout Canonical. You will be part of a larger security organization, leading a high-performing security team, and enhancing Canonical's overall security posture. Your initiatives will integrate the team's insights into Canonical's broader software development lifecycle.While this is a management role, we seek leaders who are also expert practitioners, capable of leading by example, contributing at the highest levels, and assessing work based on their extensive professional experience and expertise. Ideal candidates will possess deep, hands-on knowledge of a diverse array of open-source and proprietary security tools and practices, blending them into a comprehensive next-generation security solution tailored to Canonical's wide-ranging interests.The mission of the SecOps team extends beyond just securing Canonical; it includes contributing to the security of the broader open-source ecosystem. You may share knowledge through public speaking engagements and industry events, disseminate threat intelligence, or represent Canonical in sector-specific governance bodies.This role reports directly to the Chief Information Security Officer (CISO).

As a Senior Security Engineer, you will play a pivotal role in fortifying our technical landscape by architecting, implementing, and automating comprehensive security measures throughout our application stack and cloud environments, with a primary focus on AWS and considerations for GCP.Your expertise will enhance our security framework by actively identifying and addressing vulnerabilities, developing sophisticated security solutions throughout the Software Development Life Cycle (SDLC), and creating scalable automation using languages and tools such as Python, Go, Terraform, and Tines. Your contributions will be essential in preventing unauthorized access and exfiltration of Protected Health Information (PHI), enabling our transition towards a proactive defense strategy.This fully remote position reports to the Senior Manager of Security Engineering and is crucial to advancing our organization's security maturity and overall resilience.

Join Binance, the world’s leading blockchain ecosystem, as a Security Engineer focused on fortifying our cloud infrastructure, CI/CD pipelines, and production systems. In this pivotal technical role, you will enhance our security posture, prioritize preventative measures, and implement secure-by-default platforms. Collaborating closely with our Platform, DevOps, and Engineering teams, you will design and operate security tools across cloud environments, Kubernetes, and CI/CD pipelines, with a strong emphasis on developing production-grade security software using Python.

Join Binance, the leading global blockchain ecosystem and the world’s largest cryptocurrency exchange by trading volume. With a user base exceeding 300 million across 100+ countries, we are dedicated to providing industry-leading security, transparency in user funds, rapid trading engine performance, and a comprehensive suite of digital asset products. Our diverse offerings encompass trading, finance, education, research, payments, institutional services, Web3 features, and beyond. We harness the potential of blockchain technology and digital assets to create an inclusive financial system that enhances monetary freedom and broadens financial access for individuals worldwide.This is an exceptional opportunity to make a significant impact in the blockchain community. As a Smart Contract Security Engineer, you will collaborate closely with a talented team at Binance, working at the forefront of cryptocurrency innovation. Your role will involve safeguarding the security of various projects and systems while engaging with cross-functional teams to deepen your understanding of the crypto landscape.

Join Offchain Labs as a Blockchain Security Engineer and play a pivotal role in revolutionizing decentralized applications. We are at the forefront of blockchain scalability and security, addressing real-world challenges while upholding the principles of decentralization, security, and transparency. As part of our innovative team, you will engage with ambitious thinkers and problem-solvers dedicated to creating a more equitable digital future. If you thrive in dynamic environments and are passionate about the potential of decentralized systems, we want to hear from you!

Join Canonical as an Ubuntu Security Engineer and be part of a dynamic team dedicated to securing open source software. This role involves monitoring and addressing vulnerabilities in the Ubuntu ecosystem, collaborating with internal teams and external partners to enhance security features, and contributing to the overall safety of the community. You will engage with talented professionals in technology, participate in industry events, and make a meaningful impact on global security initiatives. International travel is required twice a year for strategic alignment.

About UsAt Turnkey, we develop secure, developer-centric infrastructure for private key management, simplifying the process of creating wallets, signing transactions, and automating on-chain actions through a single, elegant API—without ever compromising sensitive key material.Our mission is to fortify the open internet by making strong cryptography and key management the standard. Founded by the team behind Coinbase Custody, the world’s largest and most secure cryptocurrency custodian, our work has safeguarded over $100 billion in crypto assets across the industry.Our team embodies a culture of low ego, high agency, and autonomy, bringing over 100 years of combined expertise in cryptography, security, and low-level systems, building robust infrastructure designed for scalability.Role OverviewWe are on the lookout for a Senior Corporate Security Engineer to spearhead and enhance the security of Turnkey's corporate infrastructure. This is a pivotal role as you will be our first dedicated corporate security hire, collaborating directly with the security lead to establish enterprise security capabilities from the ground up.In this capacity, you will safeguard Turnkey’s personnel, endpoints, SaaS applications, identity systems, and internal infrastructure, ensuring the security of our distributed workforce while enabling rapid progress without compromising safety. Operating at the intersection of security engineering, IT operations, and risk management, you will design and implement security controls that are robust yet user-friendly, ensuring our company remains secure as we grow.What You’ll DoBuild & Secure Corporate InfrastructureArchitect, implement, and oversee security measures for endpoints and distributed systems; deploy and manage our security stack (MDM, EDR/XDR, ZTNA, SSO); enforce zero-trust principles, least-privilege access, and hardening standards.Drive Security Initiatives & Risk ReductionLead initiatives focused on endpoint hardening, access controls, and vendor risk; conduct security design reviews, risk assessments, and vulnerability remediation; develop and enforce security policies and best practices.Detection, Response & AutomationRespond to security incidents with urgency and technical expertise; collaborate on detection rules, alerts, and monitoring; automate workflows and create runbooks and playbooks to efficiently scale security operations.

At Assured, we are dedicated to transforming the insurance landscape. Claims processing, often sidelined, is the very core of the industry. Currently, this process is labor-intensive, relying on phone calls, faxes, and instinctual judgments, which costs the industry billions annually. We believe there’s a better way.We empower major insurers with innovative software solutions designed for success in a modern, tech-centric world. From streamlined self-service claim-filing tools to backend fraud detection systems, we are the driving force behind claims processing for some of the world’s largest insurance companies.The challenges we encounter are vast and varied, from crafting digital experiences that bring comfort and clarity to claimants during their most daunting moments to orchestrating large-scale, machine learning-driven decision-making on billions in claims payments. Life at Assured is dynamic, collaborative, and fulfilling.Join us as a Senior Staff Release Engineer and play a pivotal role in revolutionizing our software delivery process. You will be at the heart of our deployment strategy—automating, refining, and ensuring that every release transitions seamlessly from development to production. This position merges hands-on technical expertise with strategic influence, empowering you to enhance release practices across various teams.Your Responsibilities Design and enhance fully automated CI/CD pipelines for reliable, zero-downtime releases. Work collaboratively with developers, QA, product, and SRE teams to ensure deployment readiness. Diagnose and resolve intricate release and environment issues, implementing root-cause solutions. Manage the Release Candidate (RC) lifecycle, ensuring builds meet quality, stability, and compliance standards. Establish and refine deployment, rollback, and verification protocols to safeguard production environments. Provide mentorship and guidance to engineers on best practices for release management and automation strategies. Oversee and maintain consistent environment configurations across development, staging, and production. Lead emergency and out-of-cycle deployments with precision and confidence. Conduct Go/No-Go reviews, balancing technical readiness with business priorities.Qualifications 5+ years of experience in release engineering, DevOps, or application deployment. Demonstrated proficiency with GitLab CI/CD, Git, and automated testing integrations. Strong understanding of cloud infrastructure and orchestration tools. Experience with containerization technologies such as Docker and Kubernetes. Excellent problem-solving skills with a focus on innovation and efficiency.

At Assured, we're revolutionizing the insurance landscape by modernizing claims processing—a crucial yet often neglected aspect of the industry. Currently, the process relies heavily on manual efforts, such as phone calls and faxes, resulting in inefficiencies that cost billions annually. We're here to change that.Our mission is to empower large insurance providers through innovative software solutions tailored for today’s technology-driven world. From intuitive self-service claim-filing systems to advanced backend fraud detection mechanisms, we serve as the backbone for claims processing for some of the largest insurers globally.Facing a myriad of challenges, we strive to create digital experiences that offer reassurance and clarity to claimants during their most stressful moments, while also managing large-scale machine learning-driven decision-making processes involving billions in claims payments. Life at Assured is dynamic, collaborative, and fulfilling.We are seeking a Senior AI Engineer to spearhead the development of next-generation AI-powered systems central to our platform. In this hands-on leadership role, you will architect scalable solutions, mentor fellow engineers, and push the boundaries of what’s possible with large language models (LLMs) and contemporary development tools.If you are passionate about AI, enjoy solving complex challenges, and are eager to see the tangible impact of your work, we want to connect with you.

At Garner, we are on a mission to revolutionize the healthcare landscape, ensuring high-quality and affordable care for everyone.We are fundamentally rethinking how healthcare operates in the U.S. by collaborating with employers to reshape healthcare benefits through clear incentives and powerful, data-driven insights. Our innovative approach leads employees to superior, cost-effective care, creating a system that benefits all parties involved. Patients experience improved health outcomes, employers utilize healthcare funds more efficiently, and physicians are rewarded for providing outstanding care instead of simply increasing procedure counts.Garner is among the fastest-growing healthcare technology firms in the nation. Our products are trusted by some of the most sophisticated employers and providers in the industry, and we are assembling a team of talented, mission-driven individuals who are eager to make a significant impact on healthcare at scale.About the Role:We are in search of an outstanding Senior Security Engineer to join our Security Engineering team. In this pivotal role, you will be instrumental in safeguarding our most valuable asset: patient data. The Security Engineering team at Garner is tasked with securing cloud infrastructure, implementing secure code guardrails, and fostering trust with our clients. This position involves a variety of projects that span multiple security domains.Where You Will Work:This position is open to remote candidates across the U.S. For those located in New York City, a hybrid schedule will apply, requiring in-office attendance on Tuesday, Wednesday, and Thursday each week.What You Will Do:Lead technical initiatives to secure networks, systems, applications, and databases.Participate in our Security Engineering on-call rotation to address security incidents.Integrate security into the build pipeline through automated SAST/DAST testing and policy enforcement.Manage vulnerability assessments and coordinate remediation efforts.Educate engineers and promote a culture of security within the engineering organization.

Join Canonical as a Staff Engineer in Development Lifecycle and lead the initiative to adapt Ubuntu for applications in automotive, aerospace, industrial robotics, and other highly regulated sectors. Your role will be pivotal in transforming complex regulatory demands into actionable engineering excellence, ensuring Ubuntu stands as the premier choice for mission-critical systems. Collaborate across teams to cultivate a culture of quality and continuous improvement, and establish strong partnerships within the industry to advance open-source software's reputation in highly regulated environments.

Join Canonical as a Linux Cryptography and Security Engineer, where you will leverage your software engineering and cryptography expertise to fortify the security framework that empowers Ubuntu and its users to operate securely, ensuring compliance with global information security standards such as FIPS 140-3 and Common Criteria. In this dynamic role, you will apply your knowledge of cryptography, Linux security, and programming to enhance the Ubuntu distribution while collaborating with esteemed organizations like DISA and CIS to establish and implement robust security hardening benchmarks.As a vital member of the Security Hardening team, you will develop automation tools to audit deployed systems for DISA-STIG and CIS benchmark compliance. Your insights will help identify gaps in our frameworks, allowing you to create innovative solutions to address these challenges. This position offers the chance to influence our security culture, facilitate technical delivery, and guide team direction and execution. You will work closely with Canonical’s kernel team and the broader engineering organization to drive impactful features for all Ubuntu users.

Join Our TeamAt Turnkey, we are revolutionizing the way developers manage private key infrastructure, crafting secure, developer-first solutions that empower wallet creation, transaction signing, and automated on-chain actions—all through a streamlined API that safeguards sensitive key information.Our ambition is to fortify the open internet by establishing robust cryptography and key management as standard practice. Founded by the team behind Coinbase Custody, the foremost crypto custodian globally, we’ve dedicated ourselves to protecting over $100 billion in digital assets across the industry.Our culture thrives on low egos, high agency, and exceptional autonomy, bringing together more than a century of collective expertise in cryptography, security, and low-level systems. We build reliable infrastructure that scales effectively.Your RoleWe are looking for a Senior Application Security Engineer to join our innovative team. You will play a crucial role in ensuring our systems, pipelines, and runtime environments are designed with security at their core and resilient for high-scale deployment.You will work closely with both product and infrastructure engineering teams, influencing how security is woven into every aspect of our architecture. This hands-on role is perfect for a builder who enjoys creating secure systems from the ground up.Your ResponsibilitiesIn collaboration with the Product and Engineering teams, you'll engage at both the design and development stages to implement new features securely. Your tasks will include:Engaging in the implementation processesConducting security reviewsContributing to product design decisionsAuditing our existing products to identify vulnerabilitiesPerforming threat modeling and security assessments for new features, identifying risks early and guiding secure architectural choices.Enhancing our automated tooling to scale security capabilities and detect code issues pre- and post-deploymentEstablishing application guardrails to enable developers to build securely by defaultInvestigating and resolving security incidents and vulnerabilities while implementing long-term improvements to prevent future occurrencesCultivating a culture of secure development across engineering teams, establishing practices that shape how Turnkey builds and deploys software.