Senior Offensive Security Engineer

Join Datadog as a Senior Offensive Security Engineer, where you will play a crucial role in enhancing our security posture and protecting our clients. You will work on advanced security projects, conduct vulnerability assessments, and strengthen our defenses against cyber threats.

Horizon3.ai builds cybersecurity solutions that help organizations identify and address attack vectors before real threats emerge. The company’s main product, NodeZero™, provides autonomous penetration testing designed for use in live production environments. NodeZero is capable of running large-scale security assessments across a range of network types, including internal, external, cloud, and hybrid cloud infrastructures. Clients include small schools, government agencies, and Fortune 100 companies. The platform is used by IT and Security Operations teams, penetration testers, Managed Security Service Providers (MSSPs), and Managed Service Providers (MSPs). Team background The Horizon3.ai team includes former U.S. Special Operations cyber operators, startup engineers, and seasoned cybersecurity professionals. Their work addresses industry challenges such as unreliable security tools, alert fatigue from too many false positives, and gaps in network visibility.

CLEAR builds secure identity technology for both digital and physical spaces. With more than 38 million members and a growing global partner network, CLEAR’s platform helps people move through airports, stadiums, workplaces, and daily routines with greater safety and ease. Role Overview The Senior Security Engineer on the Infrastructure Security Engineering (ISE) team protects CLEAR’s core platforms. This position focuses on cloud security, identity management, and endpoint controls. The work centers on AWS and Kubernetes environments, using infrastructure-as-code to scale and automate security practices. What You Will Do Strengthen security across AWS and Kubernetes infrastructure Develop and implement security controls using infrastructure-as-code Work closely with Engineering, CorpIT, and Security teams to make security a default part of CLEAR’s systems Location This role is based in New York, New York, United States.

Why Join UsAt Brex, we are transforming the way businesses manage their expenses through our innovative AI-powered spend platform. By integrating corporate cards, banking, and global payments with user-friendly software for travel and expenses, we empower companies—from startups to large enterprises like DoorDash, Flexport, and Compass—to control their spending proactively, reduce costs, and enhance efficiency on a global scale.Joining Brex means you will push boundaries, challenge conventional thinking, and collaborate with some of the brightest minds in the industry. We are dedicated to fostering a diverse team and inclusive culture, believing that your potential is only limited by your ambition. We provide you with the tools, resources, and support necessary to elevate your career.Engineering at BrexOur engineering approach at Brex focuses on building scalable systems with intention and speed. Our teams, which encompass Software, Data, Security, and IT, operate with a high degree of autonomy and foster deep collaboration. We take on complex technical challenges, take ownership of our results, and strive for excellence across all stages—from architecture to deployment. At Brex, engineering is a craft, and our builders evolve into leaders.Your RoleAs a Senior Security Operations Engineer at Brex, your mission will be to prevent, detect, and respond to security threats across our corporate and cloud environments. You will leverage existing systems and develop new tools to enhance our security capabilities. Our team is responsible for various functions in corporate security, detection & response, and infrastructure security domains, employing systems engineering and automation to support these functions.Security Operations is nested within our broader Trust & IT organization, providing opportunities to collaborate closely with Application Security, Corporate Engineering, Governance, Risk & Compliance (GRC), and IT. You will work to enhance security configurations, promote positive employee behaviors, and prevent incidents from escalating. Furthermore, you will contribute to our open-source project Substation and have the chance to share insights on the Brex Tech Blog. You will be part of a team that actively engages with the broader security community, committed to mentorship and engineering excellence.We seek individuals with a robust background and a keen interest in detecting, responding to, and resolving security incidents and challenges. You should be passionate about security and eager to contribute to a forward-thinking team.

At January, we are on a mission to revolutionize consumer finance from the ground up. By personalizing interactions and optimizing decision-making throughout all stages of consumer credit, we empower both consumers and creditors, ensuring that credit is fair, accessible, and tailored to individual needs.As a Lead Security Engineer, you will redefine security standards in an industry where trust has been significantly compromised. This is a unique opportunity to join us at a pivotal moment: we have established the hard-earned trust of leading financial institutions, and now you will create the security framework that extends this trust to millions of consumers.You will design and implement a dual trust architecture, safeguarding both consumer-facing experiences and robust enterprise systems. You will tackle technical challenges that are unparalleled in the industry, such as privacy-preserving data systems, compliance automation across multiple jurisdictions, and AI-driven decision-making processes. Your influence will shape our security strategy and culture from the ground up, demonstrating that security is not merely an overhead cost, but a competitive advantage that drives enterprise partnerships and market growth.Your ImpactTransform security into a competitive edge: Position January's security as a key differentiator that attracts banks and enterprises, unlocking Tier 1 partnerships and deals that competitors cannot secure.Promote security-by-design in product and application development: Collaborate with product and engineering teams to identify critical risks early in the process, focusing on application security across frontend, Flask services, and databases. Integrate security into the discovery and design phases, ensuring secure development patterns are embedded in workflows.Design systems for bank-grade data protection: Create and enforce data classification, encryption, and access control mechanisms that comply with regulatory standards, ensuring sensitive data remains within authorized boundaries.Foster a security-first engineering culture: Advocate for security-centric thinking within engineering teams without hindering progress. Lead incident responses decisively, ensuring that January emerges stronger from security events through thorough post-incident analyses.Streamline compliance with minimal overhead: Maintain SOC 2, PCI-DSS, and financial compliance using automated systems and build infrastructure that generates audit evidence seamlessly, eliminating compliance bottlenecks.

CoreWeave is the definitive cloud solution for AI™. Designed by innovators for innovators, we provide a robust platform of technology, tools, and expert teams that empower trailblazers to confidently build and scale AI solutions. Trusted by top AI research labs, startups, and global enterprises, CoreWeave merges exceptional infrastructure performance with profound technical know-how to expedite breakthroughs and transform computing power into actionable capability. Established in 2017, CoreWeave became publicly traded (Nasdaq: CRWV) in March 2025. Discover more at www.coreweave.com.What You Will Do:The Enterprise Security team at CoreWeave is tasked with safeguarding our daily operations—covering identity, endpoints, networks, and SaaS—ensuring the company can maintain agility without sacrificing security. This team is accountable for the controls, guardrails, and automation that protect our workforce, contractors, and vital business applications within a cloud-native environment.If you're passionate about zero trust, phishing-resistant MFA, and creating secure-by-default experiences that enhance productivity, this is the perfect team for you.About the Role:As a Senior Security Engineer, Enterprise Security, you will architect and implement the security measures that support CoreWeave's workforce and enterprise framework. You will spearhead projects related to identity, access management, device and endpoint security, and SaaS security—collaborating closely with IT Engineering, Endpoint, Network, and various security teams.Your routine will involve a blend of hands-on engineering (coding, building integrations, fine-tuning controls) and architecture and program leadership (setting standards, defining frameworks, and encouraging adoption across teams). You will be accountable for transforming high-level goals—such as “implementing zero trust for workforce access” or “deploying phishing-resistant MFA at scale”—into tangible designs, automation, and quantifiable risk reduction.In this position, you will:Develop advanced identity and access controls

About the Role Sigma Computing is seeking a Senior Security Engineer II focused on Cloud & Data Security to help safeguard our large-scale, cloud-native SaaS platform. This position centers on engineering: building security solutions, not just operating existing tools. The role calls for a subject matter expert in cloud security architecture. Collaboration with Engineering, Security, and Product teams is key, as is designing scalable controls that support business growth. Responsibilities include creating secure architectures, integrating controls into infrastructure-as-code, and setting up automated guardrails so teams can move quickly without waiting for manual security sign-offs. This is a hands-on position for someone who thrives in complex cloud environments, values automation, and knows how to scale security for a growing SaaS company. What You Will Do Architectural Leadership: Work closely with infrastructure and engineering teams to embed security into development workflows. Lead technical discussions that shape security strategy and initiatives. Multi-Cloud Engineering: Design, implement, and refine Sigma’s cloud security across AWS, GCP, and Azure, using deep architectural expertise. Threat Modeling & Incident Response: Conduct threat modeling for cloud environments and handle incident response, including investigation and remediation of malicious activity. Identity & Access Management: Develop strategies for IAM and privileged access (RBAC/ABAC, federation, least privilege, cross-account access). Remove standing privileges and long-lived credentials, and promote zero-trust and privileged access controls across IaaS and SaaS. Cloud Data Security Controls: Implement data classification, encryption/KMS, masking/tokenization, access governance, retention and deletion policies, and reduce exfiltration risks across APIs and data pipelines. Automated Remediation Workflows: Build automated responses for recurring cloud misconfigurations, drift, and policy violations to improve operational efficiency and response times. Security Stack Management: Deploy and manage cloud-native services, including CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security tools. Network Defense: Evaluate and implement zero-trust network security measures. Location: New York City, NY

About GeminiFounded in 2014 by Cameron and Tyler Winklevoss, Gemini is a prominent global crypto and Web3 platform that offers a diverse range of secure, reliable, and user-friendly crypto products and services. Serving individuals and institutions in over 70 countries, our mission is to usher in a new era of financial, creative, and personal liberty by granting trusted access to the decentralized future. We envision a world where cryptocurrency transforms the global financial landscape, the internet, and money itself, fostering greater choice, independence, and opportunity for everyone. As a publicly traded entity, Gemini is uniquely positioned to amplify this vision with greater scale and influence.The Application Security DepartmentAt Gemini, we operate at the critical juncture of financial services and innovative technology, where security failures can severely impact customer trust and regulatory compliance. Our Application Security (AppSec) team is dedicated to ensuring that security is integrated from the very beginning of product development. We aim to secure our products during the conceptual and building phases—right from the requirements documentation to architectural decisions and code implementation. We believe that the most valuable security contributions occur before the product is finalized, as addressing issues afterward can be prohibitively expensive.Role Overview: Senior Application Security EngineerAs a Senior Application Security Engineer on our AppSec team, you will serve as a valued partner to engineering, product, and business teams throughout Gemini. Your role will involve guiding these teams in the design and development of secure products while fostering a culture of security awareness and judgment. Given Gemini's AI-first approach, the AppSec team is responsible for building tools that secure this innovative vision.This position requires in-person attendance at our New York City office twice a week.

About the RoleJoin our dynamic team at FanDuel as we seek a skilled Senior Enterprise Security Engineer. This pivotal role requires a professional who is dedicated to crafting and implementing enterprise security control strategies, while also shaping our security posture. You will play a key role in balancing risk reduction with user experience and operational enablement at scale.Reporting directly to the Senior Manager of Enterprise Security Engineering, you will tackle diverse security challenges and lead initiatives that foster a secure environment for our operations.Your ResponsibilitiesImplement cutting-edge models such as “secure by default” and “zero trust” to maintain a robust security posture.Act as a security subject matter expert, collaborating with internal teams to meet business objectives and overcome security challenges.Develop and manage team roadmaps while staying informed of the latest threats and identifying security risks independently.Utilize automation and development approaches to enhance enterprise-wide security controls.Employ AI technologies to amplify the effectiveness of Security Engineering and FanDuel's operations.Support the security organization as needed, fostering a collaborative team environment.What We’re Looking ForProven expertise in security engineering across multiple domains, including Zero Trust, Endpoint Security, Data Protection, and more.Intermediate proficiency in scripting languages such as Python, Go, or Ruby; experience with Python and PowerShell is a plus.Familiarity with identity access management frameworks and protocols like SAML, SCIM, OAuth, and WebAuthN.Ability to model threats to corporate infrastructure and implement preventative architectures and controls.Strong communication skills to work effectively with a diverse range of partners, from engineering to legal teams.Adeptness in navigating rapidly evolving environments with a focus on solving ambiguous challenges.

About UsAt Justworks, we foster a friendly and inclusive environment where exceptional benefits, wellness programs, company retreats, and opportunities to connect with industry leaders abound. Our commitment to our greatest asset—our people—is paramount.We empower businesses to thrive by handling their HR challenges, allowing them to concentrate on what they do best. Our data-driven approach fuels our continuous improvement. If you seek a supportive and entrepreneurial atmosphere where you can contribute to meaningful projects while enjoying your work, we want to hear from you!At Justworks, we are united by common goals and values, which are reflected in our products and our team dynamics.Discover Our ValuesIf this resonates with you, you will thrive here.Your RoleJustworks is in search of a skilled and proactive Senior Security Engineer to enhance our Security Architecture & Engineering initiatives. We need a versatile professional with expertise in various security domains, including but not limited to cloud security, application security, identity and access management (IAM), and data protection. This role will involve close collaboration with our Security Operations and Governance, Risk, and Compliance (GRC) teams.The ideal candidate will have a strong track record of developing security solutions that bolster organizational security and managing our overall security posture. As this is a hands-on technical position, proficiency in coding languages such as Ruby on Rails, Go, or JavaScript is essential. Experience in a Linux environment and familiarity with common cybersecurity tools are also preferred.

About UsAt Justworks, we foster a friendly and inclusive workplace culture where our employees are valued and supported. We offer comprehensive benefits, wellness programs, team retreats, and opportunities to connect with industry leaders in the startup ecosystem. Our commitment is to empower businesses by allowing them to focus on their core operations while we tackle their HR challenges. We are driven by data and constant innovation. If you are eager to contribute to a dynamic, entrepreneurial environment and are passionate about creating meaningful solutions while enjoying the journey, we invite you to join us.Our team is united by shared objectives and motivations, which are reflected in our core values as a company.Discover Our ValuesIf this resonates with you, we would love to have you on board.Your RoleWe are seeking a dedicated and experienced Senior Security Engineer with a specialization in AI to spearhead the execution of our AI strategy and advance the objectives of our Digital Security team. The ideal candidate will possess extensive expertise in developing and enhancing security protocols for AI systems, effectively defending against unique AI-related threats. You should have a strong background in assessing the security of software systems featuring AI capabilities, and designing protective measures to safeguard our data from AI-specific vulnerabilities. A foundational understanding of programming and development, particularly with languages such as Ruby on Rails and JavaScript, is essential. Experience in a Unix-like environment and proficiency with standard cybersecurity tools are also preferred.

K Health Careers seeks a Senior Application Security Engineer based in New York, NY. The focus of this role is to strengthen application security and protect user data and privacy across the organization. Key responsibilities Identify and analyze software vulnerabilities, then recommend practical solutions. Collaborate with developers and cross-functional teams to integrate security into every phase of the software development lifecycle. Conduct thorough security assessments and review both application code and system architecture. Advise teams on secure coding practices and support their adoption throughout the company. Lead projects focused on enhancing application security protocols and maintaining high standards. Collaboration and impact This position works closely with engineering and other stakeholders to embed security thinking into daily development. Sharing expertise, guiding teams, and shaping a strong security culture are central to the role.

Join our dynamic team as a Senior Security Engineer specializing in Enterprise SaaS solutions. In this pivotal role, you will leverage your expertise to enhance the security posture of our software offerings, ensuring robust protection against emerging threats. Collaborate with cross-functional teams to implement security best practices and drive initiatives that safeguard our clients' data.

The Security Incident Response Team (SIRT) is integral to safeguarding Datadog from cybersecurity threats. In this pivotal role, you will collaborate with diverse teams to identify, triage, and swiftly respond to an array of security threats, ensuring that incidents are contained promptly. Your contributions will also extend to enhancing our tools and systems, fostering cross-functional learning from incidents to bolster our overall security posture.At Datadog, we value a vibrant office culture that nurtures relationships, collaboration, and creativity. We support a hybrid workplace model, allowing our team members to achieve a harmonious work-life balance.

At StubHub, our mission is to revolutionize the live event experience on a global scale. Whether someone is preparing to attend their first concert or their hundredth sporting event, we strive to enhance their journey from ticket discovery to entry at the venue. We extend the same commitment to our sellers, whether they are fans parting with a single ticket or promoters managing a major stadium tour; we aim to make StubHub the most secure and convenient platform for millions of fans worldwide.Join our Product Security Engineering Team as a Senior Product Security Engineer, where you'll play a pivotal role in strengthening our security framework within the end user and services product domain. The ideal candidate will bring extensive experience in CI/CD pipeline security, conducting product and application architecture assessments, implementing contextualized vulnerability management processes, and driving automation initiatives.

Join NBCUniversal as a Senior Staff Cyber Security Engineer (AI), where you will play a pivotal role in enhancing our cyber security initiatives. You will leverage cutting-edge artificial intelligence technologies to develop robust security solutions and safeguard our digital assets.Your expertise will be crucial in identifying vulnerabilities, implementing security measures, and collaborating with cross-functional teams to ensure the integrity of our systems. If you have a passion for AI and a commitment to excellence in cyber security, we want to hear from you!

At Headway, we are on a transformative journey to revolutionize mental healthcare accessibility. Our cutting-edge technology connects individuals with exceptional therapists through the first software-enabled national network of providers who accept insurance.With 1 in 4 Americans experiencing a treatable mental health condition, the lack of insurance acceptance among many providers makes therapy unaffordable for many. Headway is committed to creating an inclusive mental healthcare system that facilitates therapists in accepting insurance and growing their practices.Founded in 2019, we have expanded into a dynamic national network comprising over 60,000 mental healthcare providers throughout all 50 states. Our software has helped serve over 1 million patients. As a Series D company, we have secured over $325 million in funding from prominent investors including a16z (Andreessen Horowitz), Accel, GV (formerly Google Ventures), Spark Capital, Thrive Capital, Forerunner Ventures, and Health Care Service Corporation.We aspire for your time with us to be the most impactful experience of your career. Join us in our mission to enhance mental healthcare for all.

Join our dynamic team at Lewis Associates as a Senior Information Security Engineer. In this pivotal role, you will be responsible for safeguarding our information systems and ensuring compliance with security standards. Your expertise will help us develop and implement robust security solutions, conduct risk assessments, and respond to security incidents.

About the Role Sigma Computing is hiring a Senior Security Engineer II focused on Threat Detection and Response for our Security Engineering team in New York City. This position acts as the technical subject matter expert for threat intelligence, detection, and response. The role partners closely with Security, Platform, Product, and Engineering teams to reduce risk and strengthen our defenses at scale. Responsibilities include translating Cyber Threat Intelligence (CTI) into practical security strategies and reinforcing our architecture to guard against modern attack techniques before they can impact our systems. Beyond platform management, this engineer will write production-grade code, design scalable detection systems, automate security responses, and build proactive controls. A strong understanding of cloud, identity, application, and data attack vectors is essential. What You’ll Do Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy that connects organizational risks to specific threat actor tactics, techniques, and procedures (TTPs). Cross-Functional Leadership: Act as a subject matter expert for Infrastructure, Engineering, and Security teams. Guide the adoption of proactive security measures and help integrate security best practices throughout the development lifecycle and company infrastructure. Proactive Threat Modeling: Lead collaborative threat modeling for new products and infrastructure. Support cloud platform, Engineering, and IT teams in identifying and mitigating architectural vulnerabilities before deployment. Continuous Detection Engineering: Build, refine, and continually improve a library of high-fidelity detections. Ensure alerting mechanisms adapt to new exploitation methods and evolving industry standards. Industry Alignment: Stay current with the latest security developments (such as CISA advisories and new MITRE techniques) to keep Sigma’s controls aligned with industry standards. Resilience Testing & Training: Design and run incident response simulations and tabletop exercises. Educate non-security teams on their crisis roles and identify any weaknesses in our layered defense approach. Advanced Incident Management: Lead advanced incident response efforts to ensure security incidents are managed quickly and effectively.

Join Ro, a pioneering direct-to-patient healthcare company, dedicated to empowering patients in achieving their health goals through seamless and effective care. We uniquely provide nationwide telehealth, lab, and pharmacy services, all through our vertically integrated platform that ensures a convenient, end-to-end healthcare experience—from initial diagnosis to medication delivery and ongoing care. Since our inception in 2017, Ro has positively impacted millions of patients, covering every county in the United States and reaching 98% of primary care deserts.Recognized as a Fortune Best Workplace in New York and Health Care for four consecutive years (2021-2024), Ro was also honored as the Best Workplace for Parents for three years in a row in 2023, and featured in the CNBC Disruptor 50 list in 2022.The Cloud Security team at Ro is committed to safeguarding the security and privacy of our patients by continuously enhancing security measures across our cloud environments. We collaborate closely with engineers and leaders across Ro’s platform, data, and product teams to develop, implement, and communicate a comprehensive security approach. In this role, you will play a pivotal part in strategic initiatives, providing engineering expertise to help make informed, scalable, secure, and privacy-respecting decisions, all while embracing a hands-on builder mindset to integrate security into our processes.This senior-level individual contributor position requires you to act as a hands-on technical expert, developing internal products and infrastructure to bolster Ro’s cloud security posture and fulfill compliance objectives. As a vital member of the Product Security team, which encompasses expertise in product security, cloud security, architecture, and privacy engineering, you will design and automate scalable architectures and tools. You will advocate for secure cloud security decisions, lead discussions and designs, and work closely with Ro’s infrastructure and engineering teams to create secure infrastructure solutions.Your exceptional communication skills and collaborative spirit will be essential to your success in this role.