Senior Security Engineer II – Threat Detection & Response

About the Role Sigma Computing is hiring a Senior Security Engineer II focused on Threat Detection and Response for our Security Engineering team in New York City. This position acts as the technical subject matter expert for threat intelligence, detection, and response. The role partners closely with Security, Platform, Product, and Engineering teams to reduce risk and strengthen our defenses at scale. Responsibilities include translating Cyber Threat Intelligence (CTI) into practical security strategies and reinforcing our architecture to guard against modern attack techniques before they can impact our systems. Beyond platform management, this engineer will write production-grade code, design scalable detection systems, automate security responses, and build proactive controls. A strong understanding of cloud, identity, application, and data attack vectors is essential. What You’ll Do Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy that connects organizational risks to specific threat actor tactics, techniques, and procedures (TTPs). Cross-Functional Leadership: Act as a subject matter expert for Infrastructure, Engineering, and Security teams. Guide the adoption of proactive security measures and help integrate security best practices throughout the development lifecycle and company infrastructure. Proactive Threat Modeling: Lead collaborative threat modeling for new products and infrastructure. Support cloud platform, Engineering, and IT teams in identifying and mitigating architectural vulnerabilities before deployment. Continuous Detection Engineering: Build, refine, and continually improve a library of high-fidelity detections. Ensure alerting mechanisms adapt to new exploitation methods and evolving industry standards. Industry Alignment: Stay current with the latest security developments (such as CISA advisories and new MITRE techniques) to keep Sigma’s controls aligned with industry standards. Resilience Testing & Training: Design and run incident response simulations and tabletop exercises. Educate non-security teams on their crisis roles and identify any weaknesses in our layered defense approach. Advanced Incident Management: Lead advanced incident response efforts to ensure security incidents are managed quickly and effectively.

Role Overview FanDuel Inc. is hiring a Director of Threat Detection and Response in New York City. This leader will guide a skilled team focused on protecting FanDuel’s digital assets from evolving security threats. What You Will Do Design, implement, and refine threat detection strategies to stay ahead of emerging risks. Lead and develop the threat detection and response team. Promote security awareness and resilience throughout the organization. Work closely with cross-functional teams to strengthen defenses against cyber threats.

As an Incident Manager in the Detection & Response team, you will play a pivotal role in safeguarding our systems and data. You will be responsible for leading incident response efforts, coordinating with various teams to ensure rapid resolution of incidents, and enhancing our incident management processes. This position requires a keen understanding of security vulnerabilities and incident management best practices.

Role overview Peloton Interactive, Inc. is hiring a Security Engineer with a focus on Incident Response. This hybrid position is based in New York City, NY, and plays a key role in supporting Peloton’s Security Program. The schedule includes part-time telecommuting. Key responsibilities Research and analyze intelligence data from a variety of sources to support threat-hunting activities. Monitor vulnerabilities, track threat actors, and stay informed about indicators of compromise (IOCs). Identify actionable intelligence and highlight emerging threats relevant to Peloton’s environment. Provide insights into anomalies and possible malicious activities across the enterprise. Collaborate with Security Engineering and Security Operations Center teams to establish baselines for user behaviors and events. Develop new detection methods and response workflows to strengthen incident response capabilities. Triage security incidents and assist with investigations alongside internal teams. Recommend and implement countermeasures based on analysis findings. Create and maintain playbooks for security incidents. Prepare analytical reports for management and senior leadership. Work location This position is based at Peloton Interactive’s New York, NY offices. Part-time remote work is available as part of a hybrid schedule.

About the Role Sigma Computing is seeking a Senior Security Engineer II focused on Cloud & Data Security to help safeguard our large-scale, cloud-native SaaS platform. This position centers on engineering: building security solutions, not just operating existing tools. The role calls for a subject matter expert in cloud security architecture. Collaboration with Engineering, Security, and Product teams is key, as is designing scalable controls that support business growth. Responsibilities include creating secure architectures, integrating controls into infrastructure-as-code, and setting up automated guardrails so teams can move quickly without waiting for manual security sign-offs. This is a hands-on position for someone who thrives in complex cloud environments, values automation, and knows how to scale security for a growing SaaS company. What You Will Do Architectural Leadership: Work closely with infrastructure and engineering teams to embed security into development workflows. Lead technical discussions that shape security strategy and initiatives. Multi-Cloud Engineering: Design, implement, and refine Sigma’s cloud security across AWS, GCP, and Azure, using deep architectural expertise. Threat Modeling & Incident Response: Conduct threat modeling for cloud environments and handle incident response, including investigation and remediation of malicious activity. Identity & Access Management: Develop strategies for IAM and privileged access (RBAC/ABAC, federation, least privilege, cross-account access). Remove standing privileges and long-lived credentials, and promote zero-trust and privileged access controls across IaaS and SaaS. Cloud Data Security Controls: Implement data classification, encryption/KMS, masking/tokenization, access governance, retention and deletion policies, and reduce exfiltration risks across APIs and data pipelines. Automated Remediation Workflows: Build automated responses for recurring cloud misconfigurations, drift, and policy violations to improve operational efficiency and response times. Security Stack Management: Deploy and manage cloud-native services, including CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security tools. Network Defense: Evaluate and implement zero-trust network security measures. Location: New York City, NY

At Artemis, we are revolutionizing the realm of AI-driven cybersecurity, empowering organizations to proactively detect and defend against threats in a rapidly evolving digital landscape where AI technologies are engaged in cyber warfare.Supported by esteemed investors such as First Round Capital and Brightmind, alongside a cadre of renowned cybersecurity professionals, we are committed to delivering cutting-edge solutions.Our leadership team, including Shachar (former Palo Alto Networks, AWS, Demisto) and Dan (former Abnormal Security, Twitter), has successfully launched and scaled trusted cybersecurity products for thousands of clients, bringing unparalleled expertise in customer relations, technology, and security.Our diverse and talented team consists of software engineers, AI researchers, security engineers, and product designers from leading companies including Google, Abnormal AI, Wiz, Meta, AWS, and CERN.As we expand our team, we seek enthusiastic builders eager to contribute to our growing customer community.Position SummaryAs a Security Research Engineer at Artemis, you will spearhead detection research, threat hunting, and the automation of security processes powered by AI. This role presents a unique opportunity to engage with both security expertise and advanced AI technology, where you will research data sources, develop detection mechanisms, investigate real incidents, and collaborate directly with clients to enhance security outcomes. Your contributions will significantly influence the threats we identify and the methods we employ to tackle them.Key ResponsibilitiesAI-Driven Detection Development - Create automation tools that utilize AI to expedite the development, fine-tuning, and validation of detection strategies on a large scale.Security Research - Conduct thorough analyses of cloud, identity, and SaaS data sources, including AWS CloudTrail, Okta, and more.

OverviewAt AegisAI, we're a pioneering team of former Google engineers who have developed some of the world's most robust defensive technologies, including Safe Browsing and reCAPTCHA. Our mission is to combat the escalating threats posed by adversarial AI attacks targeting organizations today.We are entering a market exceeding $5 billion, ripe for innovation. Traditional detection methods are struggling to keep pace with adversaries leveraging AI for sophisticated, high-evasion attacks, rendering outdated rules-based systems ineffective.The RoleWe are on the lookout for a Senior Threat Intelligence Researcher to join our expanding team. This position entails a blend of hands-on investigation into phishing, Business Email Compromise (BEC), and malware campaigns, along with research and thought leadership that enhances the broader cybersecurity community.In this role, you will spearhead investigations into real-world email threats, directly contribute to detection enhancements, and publish insightful analyses (blogs, whitepapers, presentations) to position AegisAI as a thought leader in the cybersecurity space.This is a high-impact role that interfaces with both customers and the industry, where your research will inform our product roadmap and thought leadership strategy.Your Responsibilities Include:Investigating Campaigns: Delve into phishing, BEC, and malware campaigns to uncover attacker infrastructure, tactics, techniques, and procedures (TTPs), and trends.Detection Improvement: Partner with engineering and data science teams to integrate intelligence into our AI detection models and automation processes.Malware & Artifact Analysis: Conduct static and dynamic analysis of malicious files, links, and payloads utilizing sandbox and forensic tools.Public Reporting: Create detailed reports and analyses for public dissemination, contributing to industry standards in email security.

At January, we are on a mission to revolutionize consumer finance from the ground up. By personalizing interactions and optimizing decision-making throughout all stages of consumer credit, we empower both consumers and creditors, ensuring that credit is fair, accessible, and tailored to individual needs.As a Lead Security Engineer, you will redefine security standards in an industry where trust has been significantly compromised. This is a unique opportunity to join us at a pivotal moment: we have established the hard-earned trust of leading financial institutions, and now you will create the security framework that extends this trust to millions of consumers.You will design and implement a dual trust architecture, safeguarding both consumer-facing experiences and robust enterprise systems. You will tackle technical challenges that are unparalleled in the industry, such as privacy-preserving data systems, compliance automation across multiple jurisdictions, and AI-driven decision-making processes. Your influence will shape our security strategy and culture from the ground up, demonstrating that security is not merely an overhead cost, but a competitive advantage that drives enterprise partnerships and market growth.Your ImpactTransform security into a competitive edge: Position January's security as a key differentiator that attracts banks and enterprises, unlocking Tier 1 partnerships and deals that competitors cannot secure.Promote security-by-design in product and application development: Collaborate with product and engineering teams to identify critical risks early in the process, focusing on application security across frontend, Flask services, and databases. Integrate security into the discovery and design phases, ensuring secure development patterns are embedded in workflows.Design systems for bank-grade data protection: Create and enforce data classification, encryption, and access control mechanisms that comply with regulatory standards, ensuring sensitive data remains within authorized boundaries.Foster a security-first engineering culture: Advocate for security-centric thinking within engineering teams without hindering progress. Lead incident responses decisively, ensuring that January emerges stronger from security events through thorough post-incident analyses.Streamline compliance with minimal overhead: Maintain SOC 2, PCI-DSS, and financial compliance using automated systems and build infrastructure that generates audit evidence seamlessly, eliminating compliance bottlenecks.

About the RoleJoin our dynamic team at FanDuel as we seek a skilled Senior Enterprise Security Engineer. This pivotal role requires a professional who is dedicated to crafting and implementing enterprise security control strategies, while also shaping our security posture. You will play a key role in balancing risk reduction with user experience and operational enablement at scale.Reporting directly to the Senior Manager of Enterprise Security Engineering, you will tackle diverse security challenges and lead initiatives that foster a secure environment for our operations.Your ResponsibilitiesImplement cutting-edge models such as “secure by default” and “zero trust” to maintain a robust security posture.Act as a security subject matter expert, collaborating with internal teams to meet business objectives and overcome security challenges.Develop and manage team roadmaps while staying informed of the latest threats and identifying security risks independently.Utilize automation and development approaches to enhance enterprise-wide security controls.Employ AI technologies to amplify the effectiveness of Security Engineering and FanDuel's operations.Support the security organization as needed, fostering a collaborative team environment.What We’re Looking ForProven expertise in security engineering across multiple domains, including Zero Trust, Endpoint Security, Data Protection, and more.Intermediate proficiency in scripting languages such as Python, Go, or Ruby; experience with Python and PowerShell is a plus.Familiarity with identity access management frameworks and protocols like SAML, SCIM, OAuth, and WebAuthN.Ability to model threats to corporate infrastructure and implement preventative architectures and controls.Strong communication skills to work effectively with a diverse range of partners, from engineering to legal teams.Adeptness in navigating rapidly evolving environments with a focus on solving ambiguous challenges.

About Method SecurityMethod Security is at the forefront of revolutionizing cybersecurity, especially in an age where AI-driven threats are escalating. Our mission is to protect essential institutions—ranging from government entities to defense organizations and critical commercial sectors—against these advanced threats by crafting state-of-the-art, autonomous defense solutions. We unite our expertise in AI, cybersecurity, and software development to create innovative products that shift the balance of power in security from offense to defense.Our Team and ValuesJoining Method means becoming part of a distinguished, purpose-driven team that champions innovation, transparency, and excellence. We operate with intent, valuing diverse viewpoints and experiences while holding ourselves to high standards of quality. Our team thrives on trust, efficiency, and mutual respect. We are dedicated to fostering an environment where each member can make significant contributions. At Method, you will have the freedom to propel projects forward, the support to overcome challenges, and the chance to shape the future of cybersecurity.Role OverviewAs a Backend Engineer at Method Security, you will be integral in building and scaling the foundational systems that drive our autonomous cybersecurity products. This position entails designing and optimizing distributed systems to adhere to stringent performance and latency benchmarks, along with implementing secure APIs and robust database structures. Collaborating with a high-performing team, you will tackle intricate technical challenges to guarantee our backend infrastructure remains secure, efficient, and dependable.

About the Team The Server Security team at MongoDB, Inc. is part of the core engineering group, focused on advancing database user security at a global level. Based in New York City, this team designs and builds security features that support MongoDB’s distributed database platform. What You Will Work On Cryptography: Implement Queryable Encryption, at-rest data encryption, and core cryptographic features. For more details on Queryable Encryption, see the MongoDB documentation. Identity & Access: Design authentication and authorization systems, manage TLS, and work with X.509 certificates. Network Security: Develop networking protocols that are both high-performance and low-latency, including PKI, Hashing, and Certificate Revocation Lists (CRLs). System Integrity: Build features that support resilience, observability, and compliance for large-scale distributed systems. Team Culture MongoDB values inclusivity, diversity, and collaboration. The Server Security team applies distributed systems principles to deliver essential features for application developers, system architects, and database operators.

Join Veeam Software as a Senior Sales Engineer specializing in Data & AI Security. In this pivotal role, you will leverage your extensive technical expertise to support our sales team, ensuring the successful delivery of data protection solutions to our clients. Your ability to communicate complex technical concepts in an accessible manner will be crucial as you engage with customers and stakeholders.

About EliseAIAt EliseAI, we are dedicated to revolutionizing vital industries such as housing and healthcare. Everyone deserves a comfortable home and access to quality healthcare, yet these essentials are often challenging to obtain. By seamlessly integrating AI agents into existing workflows, we enhance efficiency, reduce costs, and elevate the overall experience for our users.Housing: We streamline the rental experience by simplifying apartment tours, lease signings, maintenance requests, and communication with property management—bringing everything tenants need into one convenient platform.Healthcare: We facilitate appointment scheduling, streamline intake forms, and enhance communication between patients and providers, allowing everyone to prioritize health over paperwork.With EliseAI, organizations minimize manual tasks, enhance accessibility, and deliver a cohesive experience across crucial services. Recently, we secured a $250 million Series E round led by Andreessen Horowitz to further accelerate our mission.About The RoleEliseAI is seeking a Senior Security Engineer to join our dynamic team and safeguard our cutting-edge AI solutions. In this role, you will be tasked with designing, implementing, and maintaining robust security measures to protect our systems, data, and users. Collaborating closely with our engineering, IT, and infrastructure teams, you will identify and resolve security vulnerabilities, automate security processes, and ensure compliance with industry standards.Key ResponsibilitiesAutomate security processes, including asset management, vulnerability management, and patch management using cloud-based tools and scripting.Drive the integration of developer tooling—such as linters, static analysis tools, posture assessment scanners, and query inspectors—to expedite secure system development.Develop and incorporate security-first application foundations across our products.Contribute significantly to AWS security, ensuring comprehensive protection across our cloud infrastructure.Provide security guidance throughout the development lifecycle, including secure coding practices and vulnerability assessments.

Oscar Health builds technology-driven health insurance with a focus on personal, supportive experiences. Since 2012, the company has aimed to make insurance feel as approachable as working with a trusted family doctor. Role overview The Senior Security Engineer I, GRC joins Oscar’s Security Team to design and operate systems that deliver ongoing security assurance, actionable risk insights, and scalable compliance. This position focuses on engineering infrastructure and automation that enable the organization to demonstrate security and compliance in practice, not just through documentation or audit preparation. What you will do Design and maintain systems that automate security assurance and compliance processes Integrate governance and control validation into system architecture Connect operational telemetry, engineering workflows, and risk signals to create a feedback loop for security intelligence Identify patterns and relationships that traditional GRC programs may overlook Collaborate closely with the Senior Manager of GRC Requirements Background in security engineering, platform engineering, risk management, and regulatory assurance Ability to combine technical and compliance expertise to create scalable solutions Experience with automation, telemetry, and self-evidencing controls Work location This role is based in Oscar’s New York City office. The hybrid schedule requires three days per week in the office. Thursdays are mandatory in-office days for team meetings and events; the other two days are flexible. Compensation and benefits Base salary: $163,944 to $215,176 per year Eligibility for equity grants and annual performance bonuses Access to Oscar’s unlimited vacation program Comprehensive employee benefits

About UsAt Candid Health, we are on a mission to revolutionize the broken medical billing system that burdens the US healthcare landscape. With healthcare providers spending over $250 billion annually on administrative costs to receive payments from insurance companies, we are developing innovative software solutions supported by cutting-edge data science and machine learning to simplify and automate these complex processes.Having participated in the Y Combinator W20 batch, we are backed by esteemed investors such as 8VC, First Round Capital, and BoxGroup. Our efforts are currently aiding clients in diverse areas, including opioid addiction treatment, women's health, weight management, and mental health care access. Join us in making a meaningful impact in healthcare!To learn more about our journey, check out this blog post by our founders.Your RoleWe are seeking a dedicated Senior Security Engineer to fortify the security of our systems and networks. As a key player in our team, you will ensure our platforms are resilient against various threats while adhering to compliance mandates. We appreciate a proactive approach and are looking for someone well-versed in security frameworks and actively involved in both strategic and operational security initiatives.Key ResponsibilitiesEstablish Security Protocols: Integrate security measures into our systems to maintain a secure-by-default environment.Engage with Engineering Teams: Take part in design reviews and threat modeling sessions to detect potential security vulnerabilities early in the development phase, ensuring that security remains a priority throughout all projects.Manage Compliance Obligations: Understand and oversee the processes related to HIPAA, SOC2, SOC1, PCI, and HITRUST to maintain compliance and provide guidance to teams.

About Pangram LabsAt Pangram Labs, we are dedicated to ensuring authenticity through the development of cutting-edge AI detection systems. Our team is at the forefront of research, creating algorithms and products that integrate our advanced technology into everyday life.We seek individuals who are proactive, mission-focused, and passionate about innovation to join our in-person team based in Brooklyn, New York.About the RoleWe are on the lookout for a Senior Software Engineer with a backend emphasis to design, implement, and scale our production systems, which support our core technology for a rapidly expanding user base.In this senior-level position, you will be responsible for the backend infrastructure that drives Pangram's AI detection platform. You will have the autonomy to make architectural decisions, tackle complex scaling challenges, and ensure that our systems remain reliable and efficient as user demand increases. Collaborating closely with our frontend and machine learning teams, you will work primarily with our Django backend and AWS infrastructure.What You'll DoDesign and develop scalable backend services and APIs to deliver AI detection features effectively.Ensure the reliability, performance, and observability of our production systems.Architect and manage data pipelines, caching layers, and service infrastructure using AWS.Collaborate with machine learning engineers to deploy and manage machine learning models in production.Identify and resolve performance bottlenecks as user traffic and system complexity increase.Establish and enhance engineering best practices related to testing, deployment, and incident management.

Join MongoDB as a Senior Software Engineer within the Atlas Clusters Organization, a team that's pivotal in developing MongoDB Atlas, our premier database-as-a-service offering and the fastest-growing product in our portfolio. Atlas empowers users to effortlessly deploy secure, fault-tolerant, and globally distributed MongoDB clusters within minutes. You will be instrumental in crafting software that interfaces with major cloud providers (AWS, Azure, and GCP) to ensure security, durability, availability, and performance across all MongoDB deployments. The Atlas Clusters Security team is dedicated to delivering a top-tier cloud database security experience to our diverse clientele. Our team works on developing and maintaining essential systems for cluster networking, data encryption, database authentication, and more, enabling critical applications around the globe. This position is available in New York City with the flexibility of a hybrid work model or can be remote for candidates on the East Coast.

Join Our Innovative Security TeamAt OpenAI, security is paramount to our mission of ensuring that artificial general intelligence serves the best interests of humanity. Our dedicated Security team safeguards OpenAI’s technology, personnel, and products. We are technical in our solutions and operational in our approach, committed to supporting all aspects of our products and research. Our guiding principles include prioritizing impactful initiatives, empowering our researchers, preparing for future technological advancements, and fostering a robust security culture.Your Role as an Application Security EngineerIn the role of Application Security Engineer, you will play a vital part in identifying and mitigating security vulnerabilities within our software applications. This involves creating security tools, conducting code reviews, performing penetration testing, and executing comprehensive security assessments.We seek individuals who will collaborate closely with development teams to embed secure coding practices throughout the software development lifecycle, preemptively addressing security risks. You will also offer security guidance to developers and stakeholders, promoting a culture of security awareness across the organization.This position is based in New York City, but we also consider candidates for remote work. Our hybrid work model requires three days in the office each week, and we offer relocation assistance for new employees.Key ResponsibilitiesConduct Security Assessments: Regularly perform security assessments, code reviews, and penetration tests to identify vulnerabilities in applications and software.Create and Implement Security Tools: Design and develop security tools, frameworks, and methodologies to defend applications against potential threats.Collaborate with Development Teams: Work hand-in-hand with development teams to ensure security best practices are integrated throughout the software development lifecycle, including secure coding standards.Threat Modeling and Risk Assessment: Carry out threat modeling and risk assessments to proactively identify potential risks and devise effective mitigation strategies.Manage Vulnerabilities: Track, analyze, and manage vulnerabilities within applications, providing guidance and support for remediation efforts.Incident Response Support: Assist in incident response efforts and contribute to the development of incident response protocols.

Join Crosby as a Security Engineer, where you'll play a pivotal role in safeguarding our information systems and data integrity. As a vital member of our security team, you will implement robust security measures, conduct risk assessments, and collaborate with cross-functional teams to protect our infrastructure from potential threats.

At GPTZero, we are dedicated to enhancing trust and transparency across the internet. As the foremost AI detection platform, we provide essential tools for educators, students, journalists, marketers, and writers to effectively navigate the complexities of AI-generated content. With millions of users and institutions depending on our solutions, we are creating a pioneering company that sits at the convergence of AI and information integrity.Our engineering team boasts expertise from elite organizations, including Meta, Perplexity, AWS, Affirm, and top-tier AI research institutions like Princeton, Caltech, and Vector Institute.What We're SeekingWe are looking for a Senior Software Engineer with a robust background in experimentation to develop and deliver responsible AI-powered products to millions of users. You will play a critical role in expanding our AI detection and verification platform, while also innovating new products. The ideal candidate will exhibit agility in shipping new features and user interfaces, spearheading experiments and growth loops, and collaborating closely with our exceptional design team.