Senior Security Engineer

We are seeking a highly skilled Senior Security Engineer to join our innovative team at Decagon in San Francisco. In this pivotal role, you will be responsible for safeguarding our digital infrastructure and ensuring the security of our systems against potential threats. You will work closely with cross-functional teams to design and implement security solutions, conduct risk assessments, and develop incident response strategies.As a Senior Security Engineer, you will have the opportunity to leverage your expertise in security protocols, threat detection, and vulnerability management to enhance our security posture. Your contributions will be essential in creating a secure environment for our operations and clients.

About LangChainLangChain is dedicated to making intelligent agents a common part of our daily lives. We provide the essential framework for agent engineering that enables developers to transition from experimental prototypes to production-ready AI agents that organizations can depend on. Having started as widely embraced open-source tools, we have evolved to also deliver a robust platform for the development, evaluation, deployment, and management of agents at scale.Our tools, including LangChain, LangGraph, LangSmith, and Agent Builder, are actively utilized by teams delivering tangible AI products across both startups and large corporations. Millions of developers rely on LangChain to empower AI teams at renowned companies such as Replit, Clay, Coinbase, Workday, Lyft, Cloudflare, Harvey, Rippling, Vanta, and 35% of the Fortune 500.With $125M raised in our Series B funding round from prominent investors including IVP, Sequoia, Benchmark, CapitalG, and Sapphire Ventures, we are at a pivotal point of innovation, accelerating growth, and empowering every team member to have a significant impact on our products and collaborative culture. At LangChain, your contributions can truly influence how this technology integrates into the real world.About the RoleAs the hands-on security lead, you will work closely with our core product teams to ensure the security of agent workloads from end to end, encompassing everything from SDK to LangSmith/Graph services and customer integrations. You will be responsible for defining our security roadmap, achieving immediate hardening wins, and elevating the standards for how AI infrastructure is secured in production. We are seeking engineers with expertise in either cloud/infrastructure security or application security (expertise in both is a significant advantage!).Lead product & platform security: Design and implement application/infrastructure security controls across LangSmith, LangGraph, and the LangChain SDK ecosystem (Python/TS/Go).Implement secure-by-default authentication and authorization: Enhance SSO/SAML/OIDC/SCIM, manage token lifecycles, establish service-to-service authentication, and ensure tenant isolation for both cloud and self-hosted customers.Vulnerability management: Oversee scanning, triage, and patching SLAs; coordinate with engineering teams to ensure swift remediation without delaying delivery.Develop secure code, conduct reviews, and create tools: Implement secure design principles, write pull requests, execute penetration tests, and introduce lightweight checks (linters, dependency/supply-chain scanning, SBOM/SLSA provenance) to facilitate security at scale.Enhance hardening & operations: Focus on network segmentation/Zero Trust, Kubernetes posture management, secrets management, key rotation, least-privilege IAM, and egress controls.

Join Our Team as a Senior Security EngineerAt LiteLLM, the leading AI Gateway trusted by industry giants such as Adobe, Netflix, and NASA, we empower developers with secure and reliable access to LLMs and associated services. We are seeking a talented Senior Security Engineer to establish robust security measures and observability tools as we scale our platform.Your Role:Become a cornerstone of our security team as our inaugural Security Engineer, tackling pivotal security challenges head-on.Key Responsibilities:Perform in-depth security assessments of the LiteLLM proxy codebase to uncover potential supply chain vulnerabilities.Develop and manage automated security scans for our Docker images, PyPI packages, and CI/CD workflows (including dependency scanning and secrets detection).Create and enforce secure-by-default configurations for both cloud and self-hosted environments (API authentication, IAM least privilege, key rotation).Implement and oversee intrusion detection systems and alerts tailored to model and API usage patterns.Lead incident response efforts and post-mortem analyses, including vulnerability assessments and stakeholder communication.Establish a formal CVE triage and disclosure protocol in collaboration with the engineering team.Conduct internal red teaming and adversarial testing to simulate real-world attacks and enhance our defenses.Collaborate with engineering teams to fortify release pipelines (signed builds, provenance checks, reproducible builds).Develop secure coding standards and conduct regular training sessions for developers focused on supply chain and dependency management.Maintain and update threat models as LiteLLM’s products and architecture evolve.

About SentryAt Sentry, we are dedicated to eradicating bad software. Our mission is to empower developers to create better software more efficiently, allowing everyone to enjoy technology once more.With over $217 million in funding and a community of more than 100,000 organizations, including industry leaders like Disney, Microsoft, and Atlassian, we are at the forefront of building performance and error monitoring tools that minimize bug fixing and maximize product development.We embrace a hybrid work model across our global teams, designating Mondays, Tuesdays, and Thursdays as in-office days to foster collaboration. If you are passionate about creating tools that enhance the digital experience, join us in developing the next generation of software monitoring solutions.About The RoleOur security team is committed to safeguarding every aspect of Sentry, from our customer data to our internal code. As a Senior Security Engineer, you will be integral to our mission of enhancing security across our application and Kubernetes platform. Collaborating with engineering teams, you will help strengthen Sentry’s cloud security posture through strategic architecture, threat modeling, and hands-on coding when necessary.Key ResponsibilitiesLead critical initiatives aimed at addressing significant security challenges, from conceptualization to execution.Collaborate on cross-departmental objectives to drive security goals forward.Conduct research and assess new technologies that can bolster our security framework with a focus on scalability.Identify vulnerabilities within our systems and data while developing and implementing robust protective measures.Support cross-functional teams in integrating security solutions that adhere to Secure-by-Design principles.Ideal Candidate AttributesDesire to be a foundational member of an agile, engineering-centric security team.Enjoy collaborating with enthusiastic security, application, platform, and infrastructure engineers eager to innovate.Passionate about advancing security practices to enhance software quality.

Oleria Security seeks a Senior Implementation Engineer based in San Francisco, CA. This role focuses on integrating and deploying Oleria’s security solutions for clients, ensuring each rollout is reliable and tailored to customer needs. Role overview The Senior Implementation Engineer leads technical deployments of security products. Success in this position means customers experience smooth transitions and ongoing support as their solutions go live. What you will do Take ownership of technical implementation for security products with client organizations Collaborate with engineering, product, and customer success teams to coordinate deployments Diagnose and resolve integration or deployment issues as they arise Contribute to project outcomes and maintain strong customer satisfaction throughout each engagement

Join Airwallex as a Senior Corporate Security EngineerAt Airwallex, we are redefining global financial solutions. As a Senior Corporate Security Engineer, you will play a pivotal role in safeguarding our enterprise systems and employee data from various security threats, including malware and phishing attacks. This is a highly technical position focused on detecting, investigating, and preventing security incidents within a dynamic corporate environment.You will engage in digital forensics, incident response, and the development and deployment of tools designed to protect our diverse range of IT platforms. Collaborate with exceptional teammates to tackle significant challenges while advancing your career as we pioneer the future of global banking.

About Scribd:At Scribd Inc., we ignite curiosity and foster a vibrant ecosystem of stories and knowledge. Our mission is to democratize access to ideas and empower collective wisdom through our innovative platforms: Everand, Scribd, Slideshare, and Fable. Join us as we create an inclusive environment where creativity and collaboration thrive.We believe in cultivating a culture where authenticity and boldness flourish—encouraging open discussions and commitment to our goals while embracing the unexpected. Every team member is empowered to prioritize customer needs and take meaningful actions.Our flexible work policy, Scribd Flex, enhances individual work styles while fostering community connections. We encourage team members to collaborate intentionally through in-person moments, regardless of their location.We're looking for team members who embody "GRIT"—a blend of passion and perseverance towards long-term objectives. We seek individuals who can set and achieve Goals, deliver Results, offer Innovative solutions, and positively impact the Team's culture through collaboration.Role OverviewAs a Senior Security Engineer on our Infrastructure Security team, you'll play a crucial role in safeguarding our applications, platforms, and users. As we scale, we're enhancing our Detection & Response capabilities, transitioning towards a time-based security model that prioritizes speed, signal quality, and resilience as core design principles.

Why Join Brex?Brex is an innovative AI-driven spend management platform designed to empower businesses to manage expenses with confidence. We provide integrated corporate cards, banking solutions, and global payment options, alongside intuitive software for travel and expense management. From startups to large enterprises, clients like DoorDash, Flexport, and Compass leverage Brex to optimize spending, lower costs, and enhance efficiency worldwide.Joining Brex means embracing challenges, pushing boundaries, and collaborating with industry leaders. We are dedicated to fostering a diverse and inclusive culture where your potential is only limited by your aspirations. We equip you with the necessary tools, resources, and support to advance your career.Engineering at BrexOur engineering culture focuses on building scalable systems with intention and speed. Our teams, spanning Software, Data, Security, and IT, work with high autonomy and deep collaboration. We confront challenging technical problems, take ownership of outcomes, and strive for excellence across all levels—from architecture to deployment. Here, engineering is regarded as a craft, and builders evolve into leaders.Your RoleAs a Senior Application Security Engineer, you will be pivotal in identifying and addressing security vulnerabilities within the Brex platform. Your responsibilities will include conducting code and design reviews, penetration testing, and managing vulnerabilities. You will also develop and maintain tools for static and dynamic testing of the platform, ensuring secure developer workflows. You will collaborate closely with teams across Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure.We seek individuals with a robust background in penetration testing and a proven track record of uncovering vulnerabilities in complex systems. Your ability to craft exploits that highlight business risk will be essential. This role demands a collaborative spirit, as you will engage with various engineering teams throughout Brex. Your enthusiasm for diverse perspectives and needs is crucial as we build world-class financial services with top-tier security.Brex is at the forefront of AI-driven financial services for dynamic companies such as Coinbase, Robinhood, and Anthropic. As we integrate AI across our product suite, this role will have the chance to significantly influence our approach.

Astranis is on the forefront of satellite technology, developing advanced satellites designed for high orbits that expand humanity’s reach into the solar system. Our innovative satellites deliver dedicated, secure communication networks to a diverse range of clients, including large enterprises, sovereign governments, and the US military. With five satellites currently in orbit and numerous launches planned, we are proudly managing a backlog exceeding $1 billion in commercial contracts.Astranis is the go-to satellite communications partner for clients with rigorous demands for uptime, data security, and network customization. Having raised more than $750 million from some of the most recognized investors, including Andreessen Horowitz, Blackrock, and Fidelity, we boast a talented team of 450 engineers and entrepreneurs. Our operations are based in a state-of-the-art 153,000 sq. ft. facility in Northern California, USA.Senior Product Security EngineerAs a Senior Product Security Engineer at Astranis, you will leverage your extensive software engineering expertise with a strong focus on security. You will be tasked with designing and building secure systems, specializing in critical areas such as cryptography, Public Key Infrastructure (PKI), and zero trust architectures. Your role will encompass evaluating processes, operating systems, and applications from a security-first engineering perspective. While your primary responsibility will be to develop secure software, you will also play a key role in identifying vulnerabilities, conducting risk analyses, and leading thorough security reviews.

At Asana, we are committed to proactively mitigating security risks by developing core libraries, platforms, and frameworks that ensure robust security across our organization. We are seeking a highly skilled Senior Software Engineer to become a vital member of our newly established Security Development team. This team is dedicated to crafting resilient, secure-by-default solutions aimed at safeguarding Asana's infrastructure and products. Rather than acting as gatekeepers, we create guardrails that empower our engineering teams to operate swiftly and securely. Your role will involve engineering scalable preventative controls and developing platforms and frameworks that eliminate systemic risks. This position is based in our San Francisco office with a hybrid work schedule, requiring in-office attendance on Mondays, Tuesdays, and Thursdays, while Wednesdays offer a work-from-home option. Fridays may also allow for remote work, depending on your projects and team dynamics. If you are selected for an interview, your recruiter will provide additional insights on the in-office expectations.

About UsTriumph Arcade revolutionizes mobile gaming by allowing players to wager and win real money, engage in mass multiplayer games, and compete in social tournaments. Our app has become the leading choice in its App Store category, showcasing remarkable month-over-month growth in both revenue and active player engagement. As we continue to innovate and expand, we're excited to introduce new products, including Rips, our collectibles app, which has already gained significant traction.Supported by esteemed venture capitalists such as Goodwater Capital, General Catalyst, and DraftKings Drive Fund, Triumph is on a hyper-growth trajectory.The RoleAs our Founding Security Engineer, you will play a pivotal role in shaping and implementing the security framework that safeguards Triumph’s players, funds, and data across all platforms. Your expertise will ensure Triumph's resilience against technical failures, credential compromises, or security incidents, thereby protecting our assets and maintaining operational viability.You will be the primary authority on security for our backend systems, mobile applications, infrastructure, and internal tools, establishing the standards for security practices at Triumph. This position reports directly to our CTO and Co-Founder, Jared Geller.What You’ll DoIdentity, Access & Privilege Escalation - Manage all service accounts, IAM, and privilege elevation systems within the production infrastructure.Blast Radius & Recovery Guarantees - Oversee disaster recovery design and execution, ensuring that no infrastructure failure or security incident can lead to irreparable loss of critical data, funds, or system integrity. Set and enforce recovery point (RPO) and recovery time (RTO) objectives for all crucial data systems.Audibility & Forensic Readiness - Ensure all security actions in production are auditable, attributable, and easily reconstructable.Compliance - Lead the technical implementation of data protection controls necessary for compliance with GDPR and similar regulations.

At Discord, we connect over 200 million users each month through shared interests and gaming experiences. With more than 90% of our community engaging in video games, we aim to enhance the gaming experience by providing seamless communication before, during, and after play.We are on the lookout for a skilled Senior Enterprise Security Engineer to join our dynamic security team. Reporting to the Engineering Manager of Enterprise Security, you will lead the charge in implementing and safeguarding Discord’s enterprise environment with a strong emphasis on security and privacy measures. If you have a passion for creating robust security frameworks while ensuring smooth operational workflows, we want to hear from you. Join us in our mission to create a secure environment where data protection is paramount and where innovative solutions thrive.

Handshake connects over 20 million knowledge workers, 1,600 educational institutions, and 1 million employers, including every Fortune 50 company, through its career network focused on the AI economy. The platform supports career discovery, hiring, and professional development for a broad range of roles, from freelance AI training to full-time positions. With rapid growth and a forecast to triple ARR by 2025, Handshake works closely with leading AI labs and major organizations. Role overview The Senior Security Engineer will lead the architecture, design, and implementation of Handshake’s enterprise identity automation and governance systems. This position shapes the long-term IAM automation strategy, develops scalable and resilient lifecycle workflows, and ensures secure-by-default identity operations across SaaS, cloud, and internal platforms. The role involves close collaboration with Security, IT Engineering, People Operations, and Product/Platform Engineering to deliver automated, auditable, and reliable identity solutions. What you will do Design, develop, and manage automated onboarding, offboarding, and access-change workflows using Okta, Workday, SCIM, and event-driven systems. Build integration layers between identity platforms and internal applications with Python, REST APIs, Webhooks, and Terraform. Implement error-handling, reconciliation logic, telemetry, and monitoring to maintain reliability of identity lifecycle events. Modernize provisioning logic and move manual processes to scalable automation frameworks. Create tooling and pipelines for version-controlled, testable, and observable IAM automation. Serve as the technical lead for Handshake’s IAM ecosystem, including Okta, Google Workspace, GCP, AWS IAM, and internal access systems. Why join Handshake Shape the future of careers in the AI economy and make a visible impact on the community. Work alongside AI labs, Fortune 500 companies, and leading educational institutions. Join a team with leadership experience from companies such as Scale AI, Meta, xAI, Notion, Coinbase, and Palantir. Contribute to a business positioned for significant revenue growth.

This position is open to remote candidates across the U.S., with a preference for those located in the San Francisco/Bay Area or Seattle/Bellevue. U.S. citizenship is required.Databricks is on the lookout for a highly skilled and strategic Senior Staff Security Engineer specializing in Incident Response to bolster our Incident Response team. In this critical role, you will make decisions that will significantly influence the long-term success of Databricks' security framework, crafting solutions that pave the way for future opportunities even when paths are unclear. Your contributions will be vital in shaping a multi-year technology strategy for key sectors of our business, involving multiple systems and teams, and consistently delivering large-scale projects aligned with corporate objectives.The Incident Response team is dedicated to swiftly, effectively, and uniformly addressing security threats, incidents, and investigations to safeguard our customers, employees, and enterprise data. Utilizing Databricks' own platform for near-real-time log analytics, alerting, and forensics, we embody a philosophy of "Security for Databricks on Databricks." As a Senior Staff Security Engineer, you will tackle the most challenging Security Incident Response Team (SIRT) tasks, navigate complex, ambiguous problems, and enhance the organization’s efficiency through systems enablement, tool creation, or policy innovation.Your Impact:Strategic Direction & Technical Vision: Influence the organization's roadmap and lead discussions on vital technology domains, fostering adoption and contributing decisions with long-term implications for Databricks' success.Incident Leadership & Crisis Management: Spearhead intricate investigations and impact assessments, executing crisis management through the Incident Management System (IMS). Collaborate with various stakeholders and convey findings to executive leadership, ensuring effective handling of significant security incidents with minimal operational disruption.Advanced Threat Management: Demonstrate expert knowledge across all cloud services utilized by Databricks (AWS, Azure, GCP), possessing a deep understanding of the architecture of essential business components and articulating their security and risk parameters. Propel the creation of a sophisticated threat detection and response program aimed at significantly reducing Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) to security incidents.Technical Innovation & Automation: Design scalable security solutions that leverage automation to enhance incident response efficiency and effectiveness.

Metriport is looking for a Senior Security Engineer to join the team in San Francisco. The role centers on safeguarding company infrastructure and maintaining the security of sensitive data. Candidates should bring deep experience with security protocols and risk assessment, with a focus on countering new and evolving threats. Key responsibilities Evaluate risks and pinpoint vulnerabilities throughout Metriport's infrastructure Create and apply security measures that protect data integrity and confidentiality Collaborate with colleagues across departments to improve security practices Monitor the latest security threats and adjust strategies as needed Location This role is based in San Francisco.

Join Lightning AI as a Senior Application Security Engineer specializing in the realms of Artificial Intelligence and Machine Learning. In this pivotal role, you'll be responsible for enhancing our application security posture across our innovative platforms. Collaborate with a team of talented engineers to identify vulnerabilities, implement security best practices, and ensure our AI-driven solutions remain robust and secure.

Asana is seeking a passionate and experienced Senior Engineering Manager, Security to lead our dynamic team in San Francisco. In this role, you will be responsible for enhancing our security infrastructure while fostering a culture of innovation and collaboration. This position involves managing a talented team of engineers, guiding them in the development and implementation of security protocols and best practices to protect our users and data.

About Cogent SecurityCogent Security is at the forefront of cybersecurity innovation, leveraging Applied AI to develop next-generation AI agents. In an era where cyber attacks evolve rapidly, our AI Taskforce analyzes vast amounts of enterprise data to proactively address vulnerabilities and prevent critical breaches.We combine pioneering research with practical execution, ensuring that our innovative solutions meet real-world challenges. Our Cogent Research division acts as our dedicated AI lab, driving the development of advanced security workflows.Since our emergence from stealth mode, we have rapidly grown, collaborating with Fortune 500 companies to secure complex production environments globally.Supported by Greylock, we have gathered a team of top talent from renowned institutions and leading organizations in the AI and cybersecurity sectors.About the RoleAs an Agent Engineer at Cogent Security, you will be pivotal in designing, building, and deploying critical AI agents tailored for complex client environments. Your role is highly cross-functional, involving direct collaboration with customers to understand their unique needs, adapting our platform accordingly, and iterating on scalable solutions to handle millions of real-world security events.You will manage projects from inception to deployment, including data onboarding and integrating feedback into our core agent platform. Your contributions will shape how AI agents detect threats, triage incidents, and automate security workflows for some of the most sophisticated organizations worldwide.This position is ideal for engineers who excel in dynamic environments, enjoy tackling complex technical challenges, and wish to see the tangible impact of their work.

At Crusoe, we are on a mission to accelerate the accessibility of energy and intelligence for everyone. Join us in creating the infrastructure that enables individuals to innovate boldly with AI, all while maintaining a commitment to scale, speed, and sustainability.Become a key player in the AI revolution through sustainable technology at Crusoe. Here, you will spearhead groundbreaking innovations, make a significant impact, and collaborate with a team dedicated to shaping the future of responsible cloud infrastructure.Role Overview:Crusoe AI is seeking a Senior Product Security Engineer to play a pivotal role in protecting our cloud products and applications, particularly those centered on AI/ML, throughout their entire lifecycle.In this position, you will lead the establishment and enforcement of security best practices within the development lifecycle. Your responsibilities will include performing comprehensive threat modeling, executing security assessments, and working closely with product and engineering teams to strengthen our security posture, ensuring the robustness of our innovative solutions and the protection of customer data.Your Daily Responsibilities:Collaborate with product and engineering teams to embed security best practices into the software development lifecycle.Conduct threat modeling, security architecture evaluations, design assessments, and code reviews for new product initiatives. Perform penetration testing, vulnerability assessments, and security evaluations of product features and systems.Create and implement security automation tools to monitor and test code and software for vulnerabilities.Establish and maintain secure coding protocols and procedures tailored for cloud and Kubernetes environments.Proactively detect and mitigate risks in user-facing processes and critical infrastructure.Lead security education, training, and mentorship initiatives to cultivate a culture of security awareness across all teams.Identify and manage security vulnerabilities, ensuring they are documented, prioritized, and addressed promptly.Qualifications for Success:You possess 4-6+ years of experience in Information Security, with a specialization in application or product security.You have proficiency in cloud platforms such as AWS, GCP, or Azure, and expertise in Kubernetes orchestration as well as automation scripting (e.g., Python).

Join Us in Revolutionizing HealthcareAt candidhealth, we are on a mission to transform one of the most flawed and expensive components of the US healthcare system: medical billing. Healthcare providers currently expend over $250 billion annually just in administrative costs to receive payments from insurance. The complexity of medical billing makes it significantly more challenging than credit card processing—around 100 times more difficult. Traditionally, this process is managed by numerous individuals who navigate intricate rules and procedures unique to each insurance provider, often without adequate software support. Our goal is to rethink medical billing from the ground up, leveraging advanced data science and soon machine learning to automate these complexities, allowing healthcare providers to receive payments with ease and efficiency.Having participated in the Y Combinator W20 batch, we have secured substantial funding from distinguished investors including 8VC, First Round Capital, and BoxGroup, along with numerous angel investors. Our impact extends beyond billing; we are aiding clients in addressing opioid addiction, delivering comprehensive care for women, promoting weight loss, enhancing access to mental health services, and much more. This is crucial, fulfilling work, and we eagerly anticipate your addition to our team to support the groundbreaking innovations in healthcare!Your RoleWe are seeking a Senior Security Engineer who is eager to enhance the security framework of our systems and networks. As our security steward, you will ensure that our platforms are robust against threats while adhering to compliance standards. We appreciate a proactive approach and are looking for someone well-versed in security frameworks while actively participating in both strategic and operational security initiatives.