Vulnerability Management Engineer

Join Cloudflare as a Vulnerability Management Engineer, where you will play a critical role in identifying, assessing, and mitigating vulnerabilities across our systems. You will work closely with security teams to implement robust vulnerability management processes, ensuring our infrastructure remains secure. This is an exciting opportunity to enhance your skills in a dynamic and fast-paced environment.

Astranis Space Technologies Corp. is seeking a dedicated Vulnerability Management Analyst to join our growing team in San Francisco. In this role, you will be instrumental in identifying and mitigating vulnerabilities across our systems and applications. You will collaborate with various teams to enhance our security posture and ensure the integrity of our operations.Key responsibilities include conducting vulnerability assessments, managing remediation efforts, and providing insights on security best practices. Your analytical mindset and attention to detail will contribute significantly to our mission of delivering innovative satellite technology to improve global connectivity.

Join Sonsoft Inc. as a Vulnerability Assessment Specialist and play a crucial role in safeguarding our organization's digital assets. You will conduct thorough assessments of our systems and applications to identify vulnerabilities and recommend remediation strategies. This position requires a keen eye for detail and a solid understanding of cybersecurity best practices.

About DepthFirst AIAt DepthFirst AI, we recognize that software underpins modern civilization, yet its vulnerabilities pose significant risks to integrity and security. Our mission is to enhance software security through innovative solutions.We are developing cutting-edge intelligence to identify and remediate critical software vulnerabilities, leveraging AI agents to discover zero-day vulnerabilities across extensive customer codebases and popular open-source software.Our founding team comprises industry leaders from DeepMind, Databricks, Square, and Faire, bringing unparalleled expertise in security and large language models (LLMs). We seek talented technical professionals eager to explore the intersection of AI, security, and infrastructure.Role Overview:We are looking for a skilled Research Engineer to contribute to the development and training of AI agents focused on vulnerability discovery and exploitation.Your work will be pivotal in creating technology capable of detecting vulnerabilities, akin to Log4J, at scale, ensuring the security of customer and open-source codebases.Ideal candidates will possess a strong engineering intuition, experience in model evaluation and benchmarks, with reinforcement learning experience being an added advantage. Your contributions will be instrumental in shaping a product that aims to revolutionize security practices for companies.Why You Will Love This Role:Develop Cutting-Edge AI pipelines tailored for the detection and exploitation of complex software vulnerabilities.Design and Maintain evaluation benchmarks that genuinely reflect the challenges faced by our users.Craft effective training methodologies and reinforcement learning environments for security coding agents.Be Part of a Solution to critical security challenges, with feedback from our valued customers revealing the immediate impact of our product.

Are you passionate about enhancing cybersecurity and protecting sensitive information? Join our team as a Vulnerability Assessment Consultant. In this role, you will conduct thorough assessments to identify vulnerabilities in our clients' networks and systems, providing actionable insights to mitigate risks and enhance security.

Join our dynamic team at Sonsoft Inc. as a Vulnerability Assessment Specialist. In this pivotal role, you will be responsible for identifying, analyzing, and mitigating security vulnerabilities within our IT infrastructure. You will work closely with cross-functional teams to ensure our systems are robust against potential threats.Your expertise will help us maintain the highest standards of security and compliance, ultimately protecting our valuable data and resources.

About AnthropicAt Anthropic, we are dedicated to developing trustworthy, interpretable, and controllable AI systems. Our vision is to ensure that AI remains safe and beneficial for our users and society. Our rapidly expanding team consists of passionate researchers, engineers, policy specialists, and business leaders collaborating to create forward-thinking AI solutions.About the RoleIn the position of Technical Program Manager for Security, focusing on Coordinated Vulnerability Disclosure (CVD), you will establish and steer the initiatives that dictate how Anthropic responsibly reveals software vulnerabilities identified by our AI-driven tools, such as Claude, Patchy, and Claude Code. These advanced tools have already uncovered genuine zero-day vulnerabilities in critical software including Firefox and the Linux kernel. The challenge now extends beyond merely identifying vulnerabilities; it encompasses managing the fallout of these discoveries at an unprecedented scale and speed.Conventional coordinated disclosure frameworks were designed for a time when a researcher might uncover a significant vulnerability every few weeks. The AI-powered discovery landscape has dramatically transformed this paradigm; for instance, Claude can identify hundreds of issues within a single codebase in just one day. Your role is crucial in guaranteeing that every finding is communicated to the appropriate maintainer, at the right speed, with the necessary context, while ensuring Anthropic adheres to its Responsible Scaling Policy (RSP) commitments.You will oversee the complete CVD lifecycle: from internal assessment and human validation of AI-generated findings to tiered disclosure timelines and external coordination with vendors, open-source maintainers, and relevant organizations. This role necessitates extensive collaboration across Security Engineering, Legal, Communications, Product, and Frontier Red Team to ensure Anthropic serves as a responsible steward of the vulnerabilities its tools reveal.Responsibilities:Lead the CVD program strategy and implementation: Define and steer the roadmap for coordinated vulnerability disclosure, from AI-generated findings to maintainer notifications, remediation tracking, and public disclosure. Ensure alignment with Anthropic’s security posture and RSP compliance requirements.Oversee internal triage and quality assurance: Establish and manage a human review process to validate all AI-generated findings before external disclosure. Set minimum confidence thresholds and deduplicate against known CVEs.

Join Sonsoft Inc. as a Vulnerability Assessment Specialist, where you will play a crucial role in identifying and mitigating security vulnerabilities within our systems and applications. Your expertise will help safeguard our clients' data and enhance our security posture.In this dynamic position, you will conduct thorough assessments, analyze security risks, and collaborate with cross-functional teams to implement effective solutions. This is an excellent opportunity for individuals passionate about cybersecurity and eager to grow their careers in a supportive environment.

Join Sonsoft Inc., a leading technology solutions provider, as a Vulnerability Analyst focusing on Infrastructure Security. In this role, you will be responsible for identifying and mitigating security vulnerabilities in our infrastructure systems. You will work closely with cross-functional teams to ensure that our security measures are robust and effective. Your expertise will help shape our security strategy and safeguard our systems against potential threats.

Join Sonsoft Inc. as an Infrastructure Security Vulnerability Analyst, where you'll play a crucial role in identifying and mitigating security risks within our infrastructure. As part of our dynamic security team, you will work with cutting-edge technologies to enhance our security posture and ensure the integrity of our systems.

Join Sonsoft Inc. as a Vulnerability Assessment Specialist focusing on Infrastructure Security. In this role, you will be integral to our mission of safeguarding our clients’ infrastructures against potential threats. You will utilize your skills to identify, analyze, and remediate vulnerabilities, ensuring robust security measures are in place.

About DepthFirst AIAt DepthFirst, we recognize that software serves as the backbone of modern civilization, yet its vulnerabilities pose significant risks to integrity, security, and resilience. Our mission is to address these security challenges head-on.We are pioneering the development of intelligent systems that autonomously identify and remediate critical software vulnerabilities. Our focus lies in training and scaling AI agents to uncover zero-day vulnerabilities across extensive customer codebases and widely-used open-source software.Our esteemed founding team brings a wealth of experience in security and large language models, featuring technical leaders from industry giants such as DeepMind, Databricks, Square, and Faire. We are in search of talented individuals eager to explore the intersection of AI, security, and infrastructure.About the Role:We are on the lookout for a seasoned Backend Engineer who will spearhead the creation of the world's first AI-native platform dedicated to autonomously identifying and resolving software vulnerabilities in code. You will be integral to developing the infrastructure that drives our security AI agents, tackling challenges related to large-scale code execution, complex agent orchestration, evaluation benchmarks, and training pipelines. We prioritize engineering excellence and secure designs capable of scaling for thousands of enterprise-level users. Your contributions will be pivotal in redefining how businesses approach security.What Excites You About This Role:Technical Leadership: Mentor team members, establish technical direction, and set best practices for backend engineering at DepthFirst.Architect and Scale: Develop complex coding agent pipelines that efficiently scan and execute large codebases to identify intricate vulnerabilities.Benchmark Development: Build, maintain, and refine evaluation benchmarks for AI agents that mirror real-world user challenges.Ownership: Take charge of our product, influencing its architecture, performance, and long-term success.Impactful Work: Participate in a project that addresses critical security issues. Our initial customers have already seen significant value in resolving vulnerabilities shortly after adopting our solution.

About Us: At ResiQuant, we are at the forefront of addressing a critical issue in disaster resilience: the need for accurate, standardized, and dynamic property data. As climate change and natural disasters such as earthquakes, hurricanes, and wildfires increasingly affect our world, it is vital that risk assessments are based on reliable information.Our mission is to empower insurers, financial institutions, and asset managers through innovative AI solutions integrated with deep structural engineering knowledge. These systems fill essential data gaps, providing precise and actionable insights about buildings to enhance decision-making.Founded by Stanford PhDs, we are dedicated to using advanced AI technology to shield communities and businesses from the impacts of disasters. At ResiQuant, we envision a future where every organization has access to top-tier property risk intelligence, enabling them to foster resilience and protect their most valued assets.The Role: In this pivotal position, you will enhance the structural engineering intelligence that fuels our AI systems, enabling them to evaluate building vulnerabilities akin to expert engineers. You will generate ground truth data and establish logical reasoning frameworks that dictate how buildings withstand various natural disasters. Collaborating closely with our Stanford PhD founders and elite AI team, you will build the technical foundation that allows insurers to make billion-dollar risk decisions with unmatched precision, while positioning yourself to lead all engineering and catastrophe modeling efforts as we expand across the US and internationally.What You'll Do:Examine building imagery and diverse property documents to create extensive datasets that train AI systems on how expert engineers evaluate structures across varying US regions and construction practices.Work directly with AI and backend engineering teams to integrate your structural expertise into our product, ensuring accuracy at scale.Support customer success by engaging with insurance clients and addressing domain-specific technical inquiries.Define failure modes and vulnerability frameworks for buildings exposed to earthquakes, hurricanes, wildfires, and other natural hazards.Review and validate AI-generated structural assessments to enhance model accuracy continuously.Who You Are:2–6 years of experience in structural engineering consulting, focusing on existing buildings (preferably in retrofit design or forensic investigations).Proficient in analyzing building structures and understanding varied construction practices.Strong analytical skills and attention to detail.

Join Anchorage Digital, the forefront of innovation in the digital asset space, where we are crafting the world’s most sophisticated platform tailored for institutional participation in cryptocurrency.Anchorage Digital is a pioneering crypto platform, empowering institutions to engage with digital assets through advanced custody solutions, staking, trading, governance, and a state-of-the-art security infrastructure. As home to Anchorage Digital Bank N.A., the inaugural federally chartered crypto bank in the U.S., we extend our services globally through Anchorage Digital Singapore, Porto by Anchorage Digital, and other innovative offerings.Backed by prominent investors such as Andreessen Horowitz, GIC, Goldman Sachs, KKR, and Visa, Anchorage Digital boasts a Series D valuation exceeding $3 billion. Since our inception in 2017 in San Francisco, California, we have expanded our presence to offices in New York, Porto, Singapore, and Sioux Falls. Discover more at anchorage.com or connect with us on X @Anchorage and LinkedIn.As an Engineering Lead for the Security Operations team, you will play a pivotal role in fostering the growth of a dynamic engineering organization. Your responsibilities will include recruiting top-tier engineers to fortify our team, mentoring and collaborating with team members to help them achieve their career aspirations, and implementing processes that ensure sustained high performance. Cultivating a vibrant organizational culture is central to your mission as you guide and support your colleagues, refine our strategic roadmap, and actively contribute to our recruiting efforts.In this role, you will also enhance our security roadmap, champion operational excellence in vulnerability management and incident response, develop strategic initiatives for security automation, and leverage your influence to foster sound decision-making throughout the organization.We are committed to continuous growth and impact, providing frameworks for team members to measure their contributions and cultivate their skills within and beyond the Engineering Lead, Security Operations role.

About SemgrepSemgrep is at the forefront of code security for developers, enabling innovative work without compromising safety. Our platform allows teams to identify, report, and rectify genuine issues before deployment, supported by an intelligent security system that evolves alongside development. Semgrep enhances code security as it is authored, providing essential guardrails that allow developers to operate swiftly while maintaining security. Built for creators and endorsed by security professionals, our solution integrates seamlessly into developers' workflows, delivering solutions that preserve productivity while granting security teams enhanced oversight, control, and assurance. As Semgrep evolves, our AI adapts to your context, minimizing false positives and prioritizing actionable vulnerabilities, a claim validated by 95% of security reviewers across over 6 million findings. We are committed to making zero false positives a reality, enabling AppSec teams to manage 80% fewer false alarms across Code and Supply Chain, significantly reducing backlog.Founded in San Francisco and supported by investors such as Menlo Ventures, Felicis Ventures, Lightspeed Venture Partners, Redpoint Ventures, and Sequoia Capital, Semgrep has been acknowledged by Gartner in Application Security Testing and is trusted by top-tier organizations like Snowflake, Dropbox, and Figma. Discover more at semgrep.dev.About the RoleAs the Security Research Manager for the Coverage Team, you will spearhead a group of Security Researchers dedicated to enhancing detection rules for Secrets, Code, and Supply Chain across all Semgrep products. Your responsibilities will include:Crafting high-quality detection rulesInnovating research and automation techniques to expedite and enhance rule creationEvaluating and elevating the overall quality and scope of detectionsIn this managerial role, you will report directly to the Head of Security Research. You will define the strategic roadmap, collaborate with Product Management to concentrate on the most impactful detection areas, and drive ongoing enhancements in both detection accuracy and coverage breadth. Achieving success in this position means leading a team that produces exceptional detections, scales rule generation through automation and AI, and expands the limits of contemporary vulnerability research.Your Responsibilities:Recruit, mentor, and nurture your team, fostering a productive, engaging, diverse, and inclusive workplace that aligns with Semgrep's core valuesCollaborate closely with product management, sales, and development teams across all product linesAnalyze, measure, and enhance the velocity and quality of Semgrep detections

Join Anthropic as a Research Engineer on our Cybersecurity Reinforcement Learning team, where you'll contribute to the development of AI systems designed for secure coding, vulnerability remediation, and other defensive cybersecurity initiatives. This role blends research with engineering, allowing you to innovate new methodologies while implementing them in code. You will design RL environments, conduct experiments, and collaborate with a diverse team of experts to enhance our AI capabilities while ensuring safety and reliability.

At Crusoe, we are dedicated to accelerating the abundance of energy and intelligence. Our innovative solutions are designed to empower a world where ambitious AI creations thrive, seamlessly merging scale, speed, and sustainability.Join us in the AI revolution by leveraging sustainable technology at Crusoe. Here, you will spearhead significant innovations, make a real difference, and collaborate with a team that is leading the charge in responsible and transformative cloud infrastructure.About This Role:We seek a dynamic Engineering Manager to guide our Managed Services and Production Engineering team. In this role, you will balance your efforts between enhancing reliability and managing a team of Site Reliability Engineers (SREs) focused on Crusoe's AI-managed and service offerings. You will take responsibility for the production health of services provided to enterprise clients, including Managed Kubernetes, Managed Inference, and AutoClusters, while collaborating closely with embedded engineering teams to elevate operational excellence, automation, and customer satisfaction.What You'll Be Working On:Leading and developing a team of SREs within Crusoe's Managed AI and Managed Services sectors, establishing technical direction and nurturing a culture of ownership and continuous enhancement.Contributing as an individual contributor—reviewing code, creating tools, and promoting automation to minimize manual work and increase the reliability and scalability of managed services.Taking charge of SLA/SLO performance, incident response, and on-call health for managed services; conducting blameless post-mortems and driving systemic remediation efforts.Collaborating with product and platform engineering teams to influence infrastructure design, observability strategies, and operational readiness for both new and existing managed services.Establishing and monitoring reliability, performance, and operational maturity metrics across the team; converting data into prioritized roadmap investments.Acting as a technical escalation point for high-severity production incidents impacting enterprise customers, and coordinating with Cloud Support and Customer Success teams to ensure effective resolution and communication.What You'll Bring to the Team:Over 5 years of experience in software or infrastructure engineering, with a minimum of 1–2 years in an engineering management or technical lead position.Proven track record in leading teams and driving technical initiatives.

Join our dynamic Application Security team at Anthropic, where your mission will be to integrate robust security practices throughout every stage of our software development lifecycle. In this pivotal hands-on role, you will work alongside our innovative software engineers and researchers, ensuring security remains a fundamental focus from design inception to deployment. You will lead initiatives in threat modeling and secure design reviews, proactively identifying and mitigating risks, and enhancing our continuous risk assessment processes. Your expertise will contribute to developing tools and systems that empower our developers to ship secure code while adhering to best practices. By shaping our security tools, detection capabilities, and defenses against emerging threats, you will play a crucial role in fostering a culture of security among our engineers, helping them become champions of secure coding. This is a high-impact role that requires a security-savvy professional who possesses a developer's mindset and can build collaborative relationships.

Join Lever as a Senior Engineering Manager, where you'll lead a dedicated team that plays a critical role in maintaining our platform APIs. Your expertise will guide the development of essential services, including user management, authentication, and payment gateways, while fostering a collaborative team environment.We are passionate about building the future of hiring software, which is trusted by industry leaders such as Netflix, Yelp, Cirque du Soleil, Shopify, and Spotify. As a part of our team, you will contribute to a culture that values innovation and growth, and be recognized in a company that has been honored as a top workplace in San Francisco and the broader United States.

Join Verse Medical as an Engineering Manager and lead a talented team of engineers in developing innovative healthcare solutions. In this pivotal role, you will drive engineering excellence, oversee project timelines, and collaborate with cross-functional teams to deliver high-quality products that enhance patient care.