Who we are

Bridge is Stripe’s fintech innovation hub focused on building a modern, stablecoin-powered cross-border payments network. We operate like a startup within Stripe: fast-paced, entrepreneurial, and product-obsessed, but with the backing of one of the most trusted names in fintech.

We’re hiring a Security Analyst / Program Manager to build and scale Bridge’s security foundation. This is a rare opportunity to design the security governance, risk and compliance programs from the ground up, while also leveraging the infrastructure, best practices, and tooling of one of the most mature security organizations in the industry.

What you'll do

• Design, and implement Bridge’s security governance, risk and compliance roadmaps from first principles to production.
• Identify and tackle Bridge’s most important security risks quickly and pragmatically.
• Adopt Stripe’s programs, controls and processes where it makes sense, and find custom approaches where it doesn’t.
• Lead risk assessment, control design and testing for all Security and Technology Oversight globally.
• Reinforce engineering best practices around secure development and infrastructure.
• Ensure Bridge meets compliance and audit expectations as we scale to more regulated markets.
• Collaborate cross-functionally with engineering, product, and Stripe’s security org to move fast without compromising safety.

About you

You might be a good fit if you:

• Have 8+ years of experience in Security GRC, ideally with time spent in fast-paced startup environments where you’ve built security practices from the ground up.
• Have a startup mindset: you’re scrappy, pragmatic, and move quickly to solve the most critical problems.
• You’re proficient with NIST CSF, OCC’s Cybersecurity Supervision Work Program and/or FFIEC IT Examination Handbook or other similar global frameworks. 
• Proven prior experience with regulatory audits from Global auditors across Security domains.
• Thrive in ambiguity and know how to ruthlessly prioritize.
• Can balance security rigor with speed, especially in fast-moving environments.
• Communicate clearly across technical and non-technical partners.
• Have experience building or scaling security programs, either at a startup or in an embedded role.
• Are excited about the potential of crypto and stablecoins to power global financial infrastructure (you don’t need deep prior knowledge—just curiosity and openness to learn).

Position Title: Assistant General Counsel (Dublin / London)

Entity: Kroll Bond Rating Agency Europe Limited or Kroll Bond Rating Agency UK Limited

Employment Type: Full-time

Location: Dublin, Ireland or London, England 

Summary/Overview

Kroll Bond Rating Agency Europe Limited/Kroll Bond Rating Agency UK Limited and its affiliates (“KBRA”) are seeking an Assistant General Counsel to join its Legal Department. You will be enthusiastic, highly motivated, have a strong work ethic, and be well-equipped to work closely with other members of the Legal Department on privacy, data protection, and contract-related matters. The position will be based out of our Dublin or London office.

About the Team

The Legal Department handles all of KBRA’s legal matters with the exception of ratings. The Legal Department works with analysts, compliance, finance, technology, and senior management across the company.

About the Job

As Assistant General Counsel, your responsibilities will primarily focus on privacy and data protection issues as well as contract drafting, reviewing, and negotiation. Specific responsibilities may include:

• Advising on international data privacy and cybersecurity laws/regulations (including GDPR, UK GDPR, ePrivacy Directive, CCPA/CPRA, etc.).
• Assisting in the enhancement, implementation, and ongoing maintenance of privacy, data protection, and cybersecurity policies and practices across KBRA.
• Conducting and advising on privacy impact assessments, legitimate interest assessments and assisting with vendor and third-party due diligence, and issues related to cross-border data transfers.
• Supporting records of processing activities.
• Assisting with incident/ breach response, coordinating with Technology, Information Security, Legal, and Compliance and other internal stakeholders.
• Drafting, reviewing, and negotiating contracts and clauses relevant to privacy, including data processing agreements.
• Drafting, reviewing, and negotiating vendor and service provider contracts, client engagement letters, subscription agreements, and technology/service agreements.
• Providing privacy‐related input into contract review workflows and advise internal teams on risk allocation and compliance.
• Monitoring and tracking developments in privacy, data protection and AI, including enforcement, guidance updates, and standards in Ireland, UK, EU, and other relevant jurisdictions.
• Reviewing and updating privacy notices and policies.
• Keeping up to date with technology trends, including AI, and technology in use at KBRA and how they interact with privacy laws.
• Liaising with external regulators, legal advisors, and auditors as needed.
• Delivering training and awareness programs on privacy and data protection for internal teams.
• Acting as a resource for internal teams with respect to privacy-related and other legal questions.
• Contributing to corporate governance on privacy matters, including preparing board or committee materials where required.
• You will collaborate closely with cross-functional teams (Compliance, Technology, Marketing, Business Development), as well as external counsel and regulators, as needed.

About You

You will be successful in this role if you have:

• A qualifying law degree (or equivalent) and are admitted to practise as a solicitor in Ireland or England & Wales with, or eligible to obtain, a current practising certificate. Exceptionally, highly experienced privacy professionals with significant legal advisory experience may also be considered.
• 4-8 years post-qualification experience, specifically with hands-on exposure to privacy/data protection law.
• Strong experience with drafting, negotiating, and reviewing contracts, especially with privacy-sensitive clauses (DPAs, vendor agreements, client contracts, etc.).
• Demonstrated knowledge of GDPR (EU & UK), cross-border data transfer mechanisms (e.g. Standard Contractual Clauses, Binding Corporate Rules, etc.), ePrivacy laws, vendor/third party risk, and cybersecurity basics.
• Excellent verbal and written communication skills. Ability to explain legal and technical privacy concepts to non-legal stakeholders.
• Strong research, analytical, organisational, and project management skills, with great attention to detail. Able to manage multiple matters/tracks simultaneously under tight deadlines.
• Experience working in regulated environments is an advantage (financial services, tech, data / analytics, etc.).
• IAPP certification (CIPP/E, CIPP/US, CIPM, or equivalent) is a plus.

Benefits

• A flexible hybrid work schedule – Tuesdays, Wednesdays, Thursdays in the office
• Competitive benefits and paid time off
• Paid family and disability leave
• Pension plan
• Educational and professional development financial assistance
• Employee referral bonus program

About Us

KBRA (Kroll Bond Rating Agency, LLC) is a full-service credit rating agency registered with the U.S. Securities and Exchange Commission as an NRSRO. Kroll Bond Rating Agency Europe Limited is registered as a CRA with the European Securities and Markets Authority. Kroll Bond Rating Agency UK Limited is registered as a CRA with the UK Financial Conduct Authority pursuant to the Temporary Registration Regime. In addition, KBRA is designated as a designated rating organization by the Ontario Securities Commission for issuers of asset-backed securities to file a short form prospectus or shelf prospectus. KBRA is also recognized by the National Association of Insurance Commissioners as a Credit Rating Provider. Kroll Bond Rating Agency Europe is located at 2nd Floor, One George's Quay Plaza, George's Quay, Dublin 2 D02 E440.  Kroll Bond Rating Agency UK is located at Augustine House, Austin Friars, London, EC2N 2HA, United Kingdom.

#LI-KS1

#HYBRID

The Information Security Risk Team at MongoDB is the operational engine of the internal and third-party risk programs. Situated within the Assurance, Risk, and Compliance (ARC) organization, the team is responsible for the "Reduction of Uncertainty" across the enterprise. We view this team as the "Operational Commander" of the risk function. The team oversees the entire lifecycle of risk identification, assessment, and treatment, ensuring that MongoDB’s leadership has a clear, quantified view of the top risks facing the organization. We are not just a compliance function; we are a "Risk Intelligence" unit that empowers the business to "Think Big" while keeping our eyes wide open to the risks we accept.

As the Senior Information Risk Analyst, you will serve as the subject matter expert and primary executor of our risk function. Reporting directly to the Risk Director, you will be responsible for conducting and owning the lifecycle of internal security assessments (annual + ad-hoc), applying risk methodology, producing risk memos and working with asset/risk owners across the business that powers MongoDB’s growth. This is a pivotal moment for our Risk function as we scale operations to meet the demands of a $100B+ database market while navigating an increasingly rigorous regulatory landscape (DORA, FedRAMP, NIS2).

This role can be based out of our Dublin office or remotely in Ireland. 

Responsibilities

Program Maturity

• Risk Assessment Methodology Implementation: Lead the strategic roadmap to integrate the risk matrix into the risk framework
• Regulatory Governance: Ensure the risk program complies with global regulations, specifically DORA (EU) regarding ICT registers and FedRAMP Rev 5 supply chain controls Maintain the Supply Chain Risk Management (SCRM) plan and oversee strict boundary protections for the "Atlas for Government" environment
• Policy & Procedure Ownership: Maintain the Information Risk Management Procedure (ISQMS), ensuring that risk identification, assessment, and treatment processes are documented, updated annually, and followed consistently across the organization

Operational Execution

• Experience conducting technical security risk assessments (infrastructure, cloud, application-level). Including experience in evaluating control effectiveness through technical evidence (configurations, logs, architecture diagrams)
• Workflow Orchestration: Own the end-to-end risk assessment process
• Inherent Risk Scoring: Validate the team’s application of the Risk Scoring formula.   Apply the risk scoring formula for baseline scores based on breach history (last 12 months) and weighted impact
• Ensure the risk acceptance process has the right level of information and the appropriate stakeholders
• Ticket Hygiene: Actively manage the Jira backlog to prevent "frozen tickets”

Monitoring and Reporting

• Conduct annual enterprise security risk assessments and ad-hoc assessments as triggered by material changes, incidents, or new initiatives
• Identify risk scenarios for the in-scope assets by working with the asset and risk owners
• Assess the inherent risk and residual risk based on established risk assessment methodology and control assessments
• Synthesize the analysis into high-quality, Risk Assessment Memos. These documents must tell a cohesive story, moving from the "Risk Statement" to the "Calculation Logic" to the final "Risk Rating"
• Manage the risk acceptance process in JIRA, review for appropriateness and accuracy
• Maintain the Risk Management Dashboard and report on accurate risk metrics

Requirements

• Professional Experience: 10+ years of experience in Information Security, Governance, Risk & Compliance (GRC)
• Hands-on experience conducting enterprise-level security risk assessments end-to-end, including scoping, threat modeling, control evaluation, and executive reporting
• Evaluate control effectiveness using technical evidence (configs, logs, architecture diagrams)
• Perform threat modeling using established methodologies (STRIDE, MITRE ATT&CK)
• Deep operational understanding of risk assessment methodologies (NIST SP 800-30) and standard control frameworks (NIST CSF, NIST SP 800-53, ISO 27001, SOC 2, SIG Core/Lite, CAIQ)
• Regulatory Knowledge: Comprehensive knowledge of DORA, NIS2, FedRAMP Rev 5 (specifically Supply Chain/SCRM), GDPR, and PCI-DSS requirements
• Ability to write executive-level risk reports that translate technical flaws into business risks
• A strong track record of collaborating effectively across teams and levels to influence change
• Education: Bachelor’s degree in a relevant field (Cybersecurity, Business, Information Systems)
• Certifications: CRISC, CCSP, CISSP, CISA, relevant cloud certifications

About MongoDB

MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform, the most widely available, globally distributed database on the market, helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure.

With offices worldwide and over 60,000 customers, including 75% of the Fortune 100 and AI-native startups, relying on MongoDB for their most important applications, we’re powering the next era of software.

Our compass at MongoDB is our Leadership Commitment, guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB. 

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

MongoDB is an equal opportunities employer.

Req ID: 1273387742

Description:

The Information Security Risk Analyst is the operational engine of the internal risk program. While the Senior IRM Analyst and Risk Director define the strategic roadmap, the Analyst ensures the daily execution of that strategy. They are responsible for the "production line" of risk assessment: taking raw signals from the business, processing them through the established methodology, and outputting actionable risk decisions (Remediation or Acceptance).

The ultimate objective of this role is Reduction of Uncertainty. By managing the program effectively, the IRM Analyst ensures that MongoDB’s leadership has a clear, quantified view of the top risks facing the enterprise. They transform the Risk Register from a static spreadsheet into a dynamic governance tool that drives accountability.

The IRM Analyst must not be afraid to be in the trenches with the Engineering and Product teams. They are the primary face of the "Risk Intake Process," guiding stakeholders through the methodology. They are the gatekeeper of quality, ensuring that no risk enters the register until it has been properly scoped and quantified.

Responsibilities:

Risk Identification & Assessment

• Execute risk assessments under senior guidance - perform scoping, inherent risk scoring, control assessment, and residual risk calculation using established methodology
• Conduct risk identification intake, manage the flow of requests from Jira Service Desk and the Issue Intake Tracker, review incoming submissions against entry criteria, assign Risk IDs, and replicate validated risks into the Risk Register
• Act as the Triage Officer for incoming risk submissions, determine whether submissions represent strategic risks, operational issues, or duplicates. Filter noise to focus the team on signals
• Develop risk scenarios for in-scope assets by working with asset owners and risk owners , identify threat communities, threat events, and impact categories
• Draft Risk Assessment Memos that tell a cohesive story from risk statement to risk rating to actionable recommendation. Progressively build toward independently authored memos that require minimal review notes
• Monitor and flag emerging risk signals , including AI-related risks (model integrity, data poisoning, shadow AI, third-party AI dependencies) , and escalate with documented analysis for integration into the risk framework

Control Identification, Mapping & Assessment

• Identify and document controls that mitigate assessed risks , map controls to specific risk scenarios and applicable framework requirements (NIST SP 800-53, ISO 27001, SOC 2)
• Assess the design adequacy of controls , evaluate whether each control is appropriately designed to address the risk it is mapped to, and document findings with supporting rationale
• Assess the operating effectiveness of controls , collect and evaluate evidence to determine whether controls are functioning as designed over the assessment period, and document results
• Document control gaps and support remediation tracking , maintain clear records of where controls are missing, partially effective, or require compensating controls. Track remediation progress
• Maintain control-to-framework mappings to ensure risk assessment outputs directly support audit and certification evidence packages (FedRAMP, SOC 2, ISO 27001, PCI-DSS)

Risk Categorization & Governance

• Apply the established risk taxonomy and categorization methodology consistently across all assessed risks
• Process risk acceptance requests in Jira , validate completeness, ensure documented context and stakeholder sign-off, confirm time-bound conditions, and flag concerns to the Senior lead
• Maintain the Risk Register, risk inventory, and supporting trackers with obsessive attention to data integrity, no missing dates, undefined owners, or stale entries. A Risk Register with governance gaps is a program failure

Reporting & Stakeholder Engagement

• Contribute to KRI data collection and dashboard inputs , support accurate, timely reporting that feeds executive risk dashboards and governance forum materials
• Engage directly with technical stakeholders (engineering, product, infrastructure teams) during risk assessments , ask informed questions, gather evidence, and document findings
• Progressively build the technical fluency to lead stakeholder conversations independently , develop working proficiency in cloud-native architectures, SaaS security models, and common technical controls (IAM, encryption, network segmentation, logging/monitoring)
• Translate technical findings into clear, business-relevant risk language in all written work products

Policy, Process & Governance Hygiene

• Support drafting and maintaining risk procedures, guidelines, and assessment templates across the IRM program scope
• Execute governance hygiene , data quality, tracker maintenance, workflow adherence, evidence organization, and documentation standards
• Manage the risk assessment pipeline in Jira, create and maintain workflows, dashboards, and use JQL to track the assessment ticket lifecycle

Requirements:

Experience & Education:

• 3–5 years of experience in Information Security, Governance, Risk, and Compliance (GRC), or Enterprise Risk Management
• Experience performing risk assessments — including risk identification, inherent/residual risk scoring, and documentation of findings
• Experience identifying, documenting, and evaluating controls — including assessment of design adequacy and operating effectiveness
• Strong working knowledge of NIST CSF, NIST SP 800-30/39/53, and ISO/IEC 27005 — ability to use these frameworks as a library of controls and risk guidance
• Advanced proficiency in Excel/Google Sheets (pivot tables, VLOOKUP, complex formulas) for risk data analysis and reporting
• Jira proficiency — managing projects, creating workflows and dashboards, and using JQL
• Ability to write clear, concise, and defensible Risk Assessment Memos
• Obsessive attention to detail regarding data integrity and documentation quality
• Foundational understanding of cloud-native architectures and common technical controls (IAM, encryption, logging/monitoring, network segmentation) — with a commitment to building deeper technical fluency
• Awareness of AI risk concepts and willingness to develop expertise in emerging AI risk and regulatory landscape
• A strong track record of collaborating effectively across teams and levels
• Bachelor's degree in Cybersecurity, Information Systems, Business Administration, or a related field
• Certifications: At least, one of the following certifications is required - CRISC, CISM, CISSP, or CISA

About MongoDB

MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the database for the AI era, enabling innovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform, the most widely available, globally distributed database on the market, helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud database and is available across AWS, Google Cloud, and Microsoft Azure.

With offices worldwide and over 60,000 customers, including 75% of the Fortune 100 and AI-native startups, relying on MongoDB for their most important applications, we’re powering the next era of software.

Our compass at MongoDB is our Leadership Commitment, guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB. 

To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!

MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.

MongoDB is an equal opportunities employer.

Req ID: 1273425625

About the Opportunity

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Senior Security Analyst with experience performing analysis and incident management of information security events, as well as experience contributing directly to the growth of and design of a security program. As a Senior Security Analyst, you will have daily alert investigation and incident response responsibilities, but you will be empowered to proactively drive change to shape and support the growth of our Security program.

Candidates should have experience triaging new and unfamiliar alerts, leading technical workstreams in incidents, or leading all aspects of medium scale incidents. They should have experience creating and maintaining high quality threat detection and demonstrate knowledge and understanding of common Information Security principles and frameworks, coupled with excellent communications skills and a continuous desire to learn and grow.

You will be expected to work independently, work as a part of a global dispersed team, and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.

What to expect? 

• Perform daily alert investigation and response in a hybrid environment.
• Conduct detail-oriented analysis across challenging and complex ecosystems.
• Communicate investigation and threat updates to technical and non technical senior leaders.
• Work collaboratively across internal functions to identify, respond, and remediate security issues.
• Investigate and lead incidents of medium size and complexity.
• Investigate vulnerability exploitation and support remediation inline with vulnerability programs.
• Collaborate with the team and actively assist in major response exercises.
• Drive continuous improvement across all aspects of threat detection and response.
• Create processes, documentation, and runbooks to support a rapidly growing team.
• Identify systemic issues and collaborate on approaches to address root causes.
• Collaborate on threat models by incorporating detection use cases into designs.
• Identify and lead efforts to improve efficiency, response, detection, and preventative measures.
• Design and build detection logic across multiple platforms (e.g., SIEM, EDR, etc.)
• Play an active role in scaling Operation practices by contributing to team roadmaps.
• Provide delightful and informative interactions with all end users.
• Proactively identify opportunities for user training and awareness programs.
• Provide insights and input on tool selection to help grow our cybersecurity portfolio.

What you need to be successful

• 5+ years of Security Operations experience, including alert triage and investigation
• 2+ detection and tuning experience, inclusive of Security Operations experience
• 2+ years of Security Incident Response experience
• Ability to support on call and occasional off-hours incident response efforts
• Proficiency in analysis fundamentals (e.g., log analysis, live response, forensics, etc.)
• Mastery of investigation methods and adept at handling new and unfamiliar cases.
• Firm understanding of attacker Tactics, Techniques, and Procedures
• Proficiency in attacker techniques in cloud-native and traditional environments.
• Strong technology fundamentals (e.g., OSI Model, TCP/IP, Layer 7 protocols , etc.)
• Ability to perform detailed host analysis on Mac, Windows, & Linux systems.
• Hands-on experience using security technologies (e.g., SIEM, EDR, AntiVirus, etc.)
• Hands-on experience with malware analysis using dynamic and static analysis tools.
• Expertise in AWS audit and security services to investigate cloud centric threats
• Proficiency investigating incidents across SaaS platforms and identity systems
• Experience performing investigations in cloud service providers (e.g., AWS, GCP, Azure, etc.)
• Practical experience with cross-platform and hybrid environment investigations
• Ability to interpret designs and enumerate actionable detection use cases
• Familiarity with modern engineering and detection engineering practices
• Practical mindset to balance business needs with security requirements.
• A drive for change through continuous improvement
• Capable of working independently but possesses a collaborative mindset
• Comfortable working with a geographically dispersed team.
• Experience working independently and as part of a team
• Ability to work in a fast-paced environment, often juggling multiple tasks, alerts, and incidents
• Passion for solving complex security problems in innovative and scalable ways

What’s in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days,  education days, compassion days for loss, and volunteer days
• Time off to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication phone/internet stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

Your Role:

The Security Consultant plays a key role in implementing and enabling Tenable’s Exposure Management solutions to help organizations effectively manage and reduce cyber risks. This role onboards Tenable technologies, following industry standards and best practices, to deliver customized solutions that address vulnerabilities across a client’s attack surface. This role's primary focus will be on client billable work, where you will ensure the efficient identification and mitigation of vulnerabilities. Additionally, the role will have the chance to broaden your knowledge across the Tenable portfolio through hands-on experience and learning opportunities facilitated by the Professional Services Organization.

Organisation Structure:

• Reports to: Professional Services Delivery Manager/ Director.
• Direct reports: None.

Your Opportunity:

Client Engagement & Relationship Management:

• Develop a deep understanding of the client’s business and unique security needs to deliver tailored engagements that exceed expectations.
• Build and maintain positive relationships with clients, ensuring ongoing satisfaction and partnership.
• Provide clients with continual insights and consultative advice based on experience with Tenable products, their industry, established standards, and best practices.

Subject Matter Expertise and Solution Implementation & Enablement:

• Support clients with the installation, configuration, and operation of Tenable solutions, ensuring they are effectively implemented to meet business and security goals.
• Oversee upgrades and migrations to new hardware or software, facilitating smooth transitions with minimal disruption.
• Offer expert guidance on implementing best practices with Tenable solutions to optimize security workflows and operational efficiency.
• Assist clients in developing and maintaining security policies, standards, and procedures, ensuring they align with industry standards and regulatory requirements.
• Provide ongoing value through insights and consultative advice on Tenable products, tailored to client needs and industry best practices.
• Share thought leadership on effective deployment and utilization of Tenable One solutions.
• Guide clients in implementing best practices and developing Exposure Management Programs.
• Assess user needs and customer requirements to advance the maturity of their Exposure Management program.

Value Delivery and Best Practices:

• Deliver additional value through continual insights and consultative advice based on Tenable products, client needs, industry standards, and best practices.
• Provide thought leadership on methods and best practices for deploying and using Tenable One solutions.
• Advise clients on process best practices and assist in developing Exposure Management Programs.
• Research user needs and assess customer requirements to enhance the maturity of their Exposure Management program.

Customer Engagement and Satisfaction:

• Ensure overall customer satisfaction while supporting delivery revenue objectives.
• Execute large customer engagements, understanding client business and unique needs to exceed expectations.
• Independently manage client escalations on assigned projects, coordinating with the delivery team and other Tenable departments as needed.
• Develop and maintain positive client relationships and train client staff on the implementation, configuration, and best practices of the Tenable suite.

Additional Responsibilities:

• Perform other duties as assigned to support the success of the Professional Services team and the overall organization.

What You'll Need:

• 5+ years of experience in the Information Technology/Cyber Security field and professional services experience.
• Bachelor’s degree in a related technical field such as Information Technology, Computer Science, or equivalent work experience.
• Strong written and verbal communication skills. Must be comfortable leading 3+ hour calls and keeping up the progression of tasks on the call while assuring that all relevant topics are addressed.
• Strong analytical skills and troubleshooting skills, with the ability to diagnose and resolve complex security issues.
• Proficiency in assessing and identifying threats and risks related to Exposure Management, including vulnerabilities and weaknesses in host or network configurations.
• Recent experience performing vulnerability scans, configuration audits, and security monitoring with core Tenable products, or other industry solutions.
• Familiarity with Metasploit and related tools commonly used to exploit vulnerabilities.
• Familiarity with application security testing, OWASP and common exploitable web application threats in Exposure Management.
• Knowledge of auditing and configuration frameworks such as ISO 17799, CIS, PCI, GLBA, and HIPAA is preferred.
• Proven experience managing client expectations, building relationships and delivering consultative advice to ensure successful outcomes.
• Understanding of IT security principles associated with networks, operating systems, firewalls, databases,  cloud infrastructure, identity and access management with experience in one or more of the fields.
• Familiar with developing integrations via REST API using known coding languages such as Python.
• Knowledge and understanding of SCADA and OT systems is a plus.
• Industry-recognised technical certifications are preferred.

#LI-AV1

#LI-Hybrid

POS-7094

Job Overview: We are seeking a Security Engineer with expertise in implementing and troubleshooting security tools to enhance and support our security infrastructure. This role focuses on evaluating, deploying, and maintaining a suite of security technologies that protect our organization’s assets. The ideal candidate will have extensive experience in security engineering, hands-on tool deployment, and troubleshooting complex issues within various security solutions.

Key Responsibilities:

• Security Tool Implementation: Lead the planning, deployment, and configuration of security tools, ensuring they meet organizational needs and integrate seamlessly with existing systems. Experience with SASE tools such as (Netskope/Zscaler), EDR tools such as (Crowdstrike/SentinelOne), Endpoint Privilege Management, Application Allowlisting, Email Security, SIEM Management and Detection Engineering 
• Troubleshooting and Support: Diagnose and resolve issues with security tools in real-time to maintain their effectiveness, reduce downtime, and ensure optimal performance.
• Tool Evaluation and Testing: Research, test, and recommend new security technologies based on the latest threat landscape and organizational needs. Lead proof-of-concept (POC) projects to assess potential new tools.
• System Integration: Work closely with IT and other teams to ensure security tools are effectively integrated with various systems, including cloud and on-premises environments.
• Automation and Optimization: Develop scripts and automation processes to improve the efficiency and reliability of security tools, minimizing repetitive tasks and reducing time-to-response.
• Documentation and Knowledge Sharing: Create and maintain detailed documentation of security tool configurations, troubleshooting procedures, and best practices to ensure consistent processes and knowledge transfer.
• Collaboration: Collaborate with other security teams, such as incident response and vulnerability management, to identify tool requirements, share insights, and improve overall security capabilities.
• Training and Mentorship: Act as a subject matter expert on security tools, providing training and guidance to junior team members and stakeholders.

Qualifications:

• Experience: 3+ years of experience in cybersecurity, with a focus on security engineering, tool deployment, and troubleshooting.
• Education: Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
• Certifications: Relevant certifications, such as CISSP, GIAC, CEH, or vendor-specific certifications for security tools (e.g., CrowdStrike, Netskope, Tenable, or similar).
• Technical Skills:
• Strong hands-on experience with a variety of security tools, such as endpoint protection, SIEM, vulnerability management, EDR, DLP, and network security tools.
• Deep troubleshooting skills across both hardware and software security solutions.
• Familiarity with scripting languages (Python, PowerShell, Bash) for automation of tasks related to tool deployment and management.
• Understanding of network protocols, cloud environments, and security frameworks (MITRE ATT&CK, NIST, CIS).
• Experience with configuring and managing tools in cloud environments (AWS, Azure, or GCP).
• Soft Skills:
• Strong analytical and problem-solving abilities with attention to detail.
• Excellent communication skills to collaborate across teams and convey technical information effectively.
• Ability to work independently and manage multiple projects in a fast-paced environment.

Your Role:

Join our Technical Support Team at Tenable where you’ll play a pivotal role in bridging the gap between our products and customers. Solve real-world technical challenges by offering exceptional support for cutting-edge vulnerability assessment and compliance auditing software. Your expertise will shine in complex, multi-layered customer environments. Our suite of products, detailed at https://www.tenable.com/products, offers a diverse range of opportunities. From assisting customers with their first Nessus scanner to guiding them through intricate log correlation and real-time vulnerability analysis, you'll contribute to mitigating cyber risks and closing the Cyber Exposure gap. Join us in delivering top-notch support that makes a difference!

Your Opportunity:

What You'll Need:

• Bachelor’s degree in IT or Computer Science (or equivalent experience).
• 2+ years professional experience with networking (TCP/IP), OS administration(Linux/Windows/MacOS), patch deployment, and system configuration.
• Experience providing technical support to enterprise clients, troubleshooting complex issues in production or customer environments; network security experience a plus.
• Familiarity with Artificial Intelligence (AI) as Tenable continues to build an AI-augmented support model to accelerate case resolutions and to provide an exceptional customer/TSE experience.
• Knowledge of computer, network, and application security; familiarity with Nessus or similar tools is a bonus.
• Strong analytical and problem-solving skills, with the ability to learn quickly.
• Excellent written and verbal communication; customer-focused mindset.
• Ability to manage multiple priorities in a fast-paced environment to help meet business and client needs.
• Monthly availability to work weekends (8am-4:30pm) and Holidays is also required.

And Ideally:

• Using Nessus and/or other vulnerability management or cybersecurity tools, either professionally or in an academic setting.
• Experience with ticketing systems (JIRA, Salesforce, Zendesk etc).
• Log analysis using a SEIM product (Splunk, ElasticSearch, etc).
• Database technologies and SQL knowledge (Oracle, MySQL, MSSQL, etc).
• Cloud/Virtualization technologies (AWS, Azure, Docker, Kubernetes, etc).
• Fundamental understanding of programming languages.
• Experience with or understanding of Certificates and CA’s.
• Basic understanding of reviewing PCAPs with tools such as Wireshark.
• Bilingual candidates are desirable but not required (Arabic/French/German/Spanish/Italian).

#LI-JG1

#LI-Office

Your Role:

Tenable's cloud-based exposure management platform helps organizations see, understand, and reduce cyber risk across their entire attack surface. Our SRE teams keep that platform reliable, scalable, and secure — and we're building the next generation of tooling to do it smarter.
 

This role sits within our SRE Infrastructure Management organization on a focused team dedicated to reducing operational toil through AI-powered automation. You'll build intelligent systems that replace manual workflows — from incident diagnostics to infrastructure provisioning to upgrade automation — using LLMs, agentic architectures, and deep SRE domain knowledge.
 

This isn't an operations role with some AI on the side. You'll spend most of your time writing production code: designing and building agentic workflows, integrating across observability and infrastructure platforms, and measuring the impact of what you ship against real toil data.

Your Opportunity:

• Design and build AI-powered agentic workflows that automate complex SRE operations — incident investigation, infrastructure provisioning, deployment reliability, and more.
• Improve the accuracy, reliability, and observability of agent pipelines through evaluation frameworks, prompt engineering, retrieval strategies, and structured output validation.
• Build developer tools and internal platforms — CLI tools, IDE plugins, and workflow automation — that engineers across the organization use daily.
• Build tooling that connects across the SRE tech stack — Kubernetes, Terraform, Helm, CI/CD pipelines, observability platforms, and cloud infrastructure APIs.
• Work on a focused team where everyone writes code, owns what they ship, and drives prioritization from measured toil data.
• Participate in SRE on-call rotation — we use on-call as a direct input into what we build, not just a firefighting duty.
• Collaborate with SRE teams across the organization to identify automation opportunities and deliver tooling that gives engineers hours back.

What Success Looks Like:

• Within your first few months, you've shipped an agentic workflow that automates a real SRE toil category — and engineers are using it.
• Within 6 months, you're independently designing and building AI-powered pipelines, contributing to the team's evaluation and accuracy practices, and your work is driving measurable toil reduction.
• Within a year, you've become a go-to contributor on the team — shaping the roadmap, mentoring others on AI + SRE patterns, and building systems that scale the team's impact across engineering.

What You'll Need:

And Ideally:

You came to Tenable for a career, not just a job. We want you to succeed in the role you have today, but also know there are opportunities for you to grow and develop professionally.

Your Role:

Tenable is looking for a Senior Software Engineer to join our Data Integrations team. Our team is focused on designing, developing, and maintaining state-of-the art solutions for data ingestion, data modelling and data serving within the Tenable One platform. As a Senior Software Engineer on the Data Integration team, you will have the opportunity to be part of implementing and maintaining a globally distributed and highly scalable cloud-native data platform using modern technologies and programming languages.

Your Opportunity:

• Work cross-functionally with other developers, product owners and various Tenable teams to design, develop and maintain cloud services for Data Platform services.
• Promote clear and simple software design while actively driving the team toward better practices and solutions.
• Support a true DevOps / CICD software delivery model.
• Promote high quality aimed at areas such as security, reliability, testability and
• maintainability.
• Drive innovation by contributing new ideas for our processes, tools, and technologies.
• Coach and mentor mid-level and junior staff.

What You'll Need:

• B.S. degree in Computer Science or a directly related field, or equivalent work experience.
• 5+ years of software development experience in enterprise-level, backend systems.
• Experience developing in languages such as: Java or Kotlin.
• Experience working and supporting cloud-native workloads specifically with Kubernetes, docker and container registries.
• Experience with infrastructure as code e.g. Terraform, CloudFormation.
• Strong experience with AWS services, including S3, DynamoDB, EC2, and Aurora,
• preferably via IAC, SDK and/or API.
• Experience with CI/CD pipelines and tools like Jenkins.
• Proficiency with Git for source code version control.
• Experience designing features end to end, including rollout and monitoring.
• Accountability for the behavior of your software in production.
• Experience in working in an Agile team, and an enthusiasm for working collaboratively within and across product teams.
• The ability to work independently and as a part of a team, and to lead/drive projects as necessary.
• Experience coaching and leading mid-level and junior staff in the design, implementation, and execution of highly technical development projects.
• The desire to continuously learn and be exposed to new technologies.

• Experience with data transfer and streaming technologies such as Kafka, Flink, NiFi, Kinesis, etc.
• Experience with cloud data platforms such as Snowflake, Databricks, Clickhouse, etc.
• Experience with data file formats like Parquet and Avro. Experience with Iceberg would be a plus.
• Understanding of SQL scripting and procedures with relational databases.
• History of open-source contributions.

#LI-AV1

#LI-Hybrid

If you are interested in a position in Engineering but don't see what you are looking for, please send us your resume.  We will keep it on file and reach out when we find a match.

Tenable's Engineering Department is the company's heartbeat. Our scrum teams work in locations around the globe, building architectures and developing code for our innovative products, fulfilling SRE and DevOps roles, providing testing and QA services -- insuring that Tenable brings it's best to the market every day!

Positions in Engineering generally require a background in Computer Science, Software Engineering (or similar) and some experience working in an agile, team focused organization.

In the United States, we typically hire in one of our hub locations - Columbia, MD; Boston, MA; and the San Francisco, CA Bay Area. Globally, Engineers are hired in Dublin, Ireland; Tel Aviv, Israel; and Paris, France. Some positions require a hybrid work schedule (2 days a week in the office) and others are fully remote. Required location(s) are posted for each individual opening.

#LI-DNI

Senior Enterprise Account Executive 

Black Duck helps organizations build secure, high‑quality software by minimizing risk and maximizing development speed. As a pioneer in application security, Black Duck delivers industry‑leading SAST, SCA, and DAST solutions that help teams identify and remediate vulnerabilities across proprietary code, open‑source components, and application behavior. With powerful tools, services, and deep expertise, Black Duck enables organizations to secure the modern software supply chain and strengthen DevSecOps practices. 

Role Summary 

The Senior Enterprise Account Executive (Hunter) is responsible for acquiring new enterprise customers, penetrating greenfield accounts, and driving net‑new revenue for Black Duck’s Application Security platform, with a primary focus on Software Composition Analysis (SCA) and open‑source risk management. 

This role is built for a high‑energy, high‑impact seller who excels at prospecting, competitive displacement, and closing complex enterprise deals. You will engage senior engineering, security, and DevOps leaders to position Black Duck as the strategic solution for modern software supply chain security. 

Core Responsibilities 

New Logo Acquisition & Revenue Growth:

• Own the full new‑business sales cycle—from prospecting and qualification to technical evaluation, negotiation, and close. 
• Build and execute territory plans targeting high‑value enterprise prospects across industries. 
• Identify and develop greenfield opportunities through outbound prospecting, partner collaboration, and market intelligence. 
• Drive competitive takeouts and position Black Duck as the preferred SCA and AppSec platform. 
• Consistently achieve new‑logo ARR targets and pipeline creation goals. 

Executive Engagement & Value Selling:

• Build multi‑threaded relationships with CISOs, CTOs, AppSec leaders, DevOps executives, and procurement stakeholders. 
• Lead executive‑level conversations around open‑source governance, SBOM strategy, and secure SDLC modernization. 
• Deliver compelling business cases that quantify risk reduction, compliance alignment, and developer productivity gains. 

Sales Execution & Deal Leadership:

• Run disciplined, high‑velocity sales cycles with strong qualification, forecasting accuracy, and CRM hygiene. 
• Partner with Sales Engineering to guide prospects through technical validation, PoCs, and integration discussions. 
• Navigate complex procurement processes, legal reviews, and multi‑stakeholder decision cycles. 
• Collaborate with Marketing and SDR teams to accelerate pipeline generation and campaign execution. 

Market Expansion & Thought Leadership:

• Represent Black Duck at industry events, conferences, and customer briefings. 
• Provide market feedback to Product and Marketing to influence roadmap and positioning. 
• Stay current on AppSec trends, regulatory pressures, and emerging software supply chain risks. 

Qualifications 

Required

• 7–10+ years of enterprise new‑business sales experience in cybersecurity, DevSecOps, developer tooling, or related technical domains. 
• Proven track record of hunting and closing large, complex enterprise deals with multi‑million‑dollar ARR impact. 
• Strong understanding of Application Security, SCA, SBOM, and modern software supply chain challenges. 
• Ability to engage both technical and executive audiences with credibility and confidence. 
• Exceptional prospecting, negotiation, and strategic selling skills. 

Preferred 

• Experience selling SCA or AppSec platforms (e.g., Black Duck‑style solutions, Snyk, Veracode, Checkmarx, GitHub Advanced Security). 
• Familiarity with CI/CD ecosystems (GitHub, GitLab, Jenkins, Azure DevOps, Bitbucket). 
• Background selling into Fortune 500 or global enterprise organizations. 

Success Indicators 

• Consistent attainment of new‑logo ARR and pipeline generation targets. 
• Strong competitive win rates and successful displacement of incumbent solutions. 
• Rapid expansion of Black Duck’s footprint within target industries and territories. 
• High‑quality forecasting and disciplined sales execution. 

Are you a proactive, results-oriented individual looking to accelerate your career in Software Sales? If you thrive in a consultative sales culture with ample advancement opportunities and executive support, Kaseya Is the place to be. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers, and the betterment of their careers and long-term financial wealth. 

As a Senior Account Manager at Kaseya, you will: 

• Be responsible for proactively engaging with clients to understand their evolving needs and business objectives. This includes learning about their business, initiating regular communications to anticipate challenges, and providing pre-emptive solutions to enhance customer experience. 
• Partner closely with customers to identify cross-sell and upsell opportunities, leveraging additional features or services to drive revenue growth. 
• You will also identify expansion opportunities within existing accounts and work with customers to align strategies for mutual success. 
• Monitor usage metrics and address any potential adoption hurdles proactively, adhering to sales checklists, processes, and timelines to effectively execute cross-sell, upsell, and expansion strategies.  
• Be driven by communication, relationships and sales. You understand that the quality of your customer relationship has a direct correlation to the achievement of your sales goals.  

To excel in this role, you will develop an understanding of our products and their integrations, allowing you to propose their value to customers effectively. You will proactively educate customers on new features, updates, and best practices, providing personalized sessions to ensure they optimize the full potential of IT Complete. Collaboration with specialists and other teams will be essential to engage customers in product value and drive sales. 

Furthermore, you will collaborate cross-functionally to support teams to address customer needs, acting as the voice of the customer to influence continuous improvements. You will participate in proactive meetings to align strategies and enhance customer experiences, supporting the onboarding process for new clients and driving proactive product adoption through tailored strategies and action plans. 

This role offers a stimulating environment where you can continuously learn and grow, with opportunities for education and training to enhance your sales skills and product expertise. 

Requirements: 

•  3+ years’ experience in sales (preferably in the UK/I market)
• Driven, passionate about sales, and eager to earn significant sales commissions 
• Exceptional inside sales experience in a metrics driven, fast-paced sales environment 
• Has a proven track record of crushing sales goals 
• A motivated, coachable and competitive go-getter, a resilient achiever driven to win and excel 
• An energetic team player with exceptional organizational, interpersonal, and communication skills 
• Create weekly, monthly and rolling 6 weeks’ sales forecasts.   
• Exposure to CRM applications (Salesforce) to successfully manage leads, opportunities and accounts 

If you are a resilient achiever, driven to win and excel, and meet the above qualifications, Kaseya would like to speak with you about joining our team to empower our customers' efficiency, profitability, and success through our award-winning IT Complete™ platform of products and solutions, driving our hyper-growth trajectory. 

IND2

What's the opportunity? 

Intercom’s Legal team is seeking a dedicated Senior Privacy Counsel to lead the company on global legal matters involving privacy, data protection and cybersecurity, as well as to help support other compliance initiatives including AI governance and product development.  You will advise and partner with our engineering, product, security, sales, marketing, H.R. and other teams throughout the organization to manage legal risk and compliance with global privacy laws and regulations.  You will develop and effectuate strategies and initiatives that focus on building a scalable privacy and data protection program, as well as educate and train key stakeholders on prioritizing data protection as a core value for Intercom. The position may be based in: San Francisco, California, London, England or Dublin, Ireland.

What will I be doing? 

• Serve as a subject matter expert and resource on privacy, data protection and security with a multi-jurisdicitional lens
• Work with teams across offices on various privacy, data protection and security compliance initiatives 
• Partner very closely with your colleagues on Intercom’s legal team on a number of cross functional projects with privacy, data protection and regulatory implications
• Draft external privacy notices and disclosures, and manage/update internal policies and procedures to ensure compliance with global privacy and data protection laws 
• Provide guidance and interpretation on legal requirements to the engineering and product teams with respect to existing and new product features and functionality for privacy-by-design initiatives 
• Provide guidance to the H.R. team on employee privacy and data protection concerns and processes
• Respond to customer and employee questions about their individual data rights and Intercom’s processing activities
• Draft data protection impact assessments, partnering with product counsel and security, where needed
• Keep up to date on privacy and data protection law developments and provide analysis and guidance for implementation into business processes
• Counsel and advise commercial teams and business partners on data protection related provisions in contracts, including partnering with commercial counsel on drafting and maintaining data processing agreement templates and playbooks
• Partner with the Security team on company policies, risk assessments, projects and breach incidents
• Support projects in other key compliance areas involving our Code of Conduct and other policies

What skills do I need? 

• 10+ years relevant experience as an attorney or counsel with law firm and in-house legal departments, advising a multinational technology company on global data privacy regulation and laws
• Deep experience with global privacy regulations, which include GDPR, the ePrivacy Directive and CCPA-CPRA.  Working understanding of Australian Privacy Act, HIPAA, PIPEDA, LGPD and desire to learn other jurisdictions’ laws and upcoming regulations, as needed, to support the business 
• Foundational knowledge of key security programs such as SOC2, ISO and HIPAA. 
• CIPP/E or CIPP/US certification
• Comfort in influencing and educating an organization on the importance of privacy and implementation of privacy initiatives, and capable of building relationships and gaining respect of senior leaders in the organization 
• An ability to multi-task and handle a variety of projects and tasks simultaneously 
• Attention to detail, a sense of passion to support Intercom’s privacy initiatives and the ability and confidence to assess and balance risk in a fast-paced environment
• California state bar licensed attorney or ability to be registered as in-house counsel if licensed in another jurisdiction; or qualified in Ireland and/or the UK

Benefits 

Dublin/London

We are a well treated bunch, with awesome benefits! If there’s something important to you that’s not on this list, talk to us! 

• Competitive salary and equity in a fast-growing start-up
• We serve lunch every weekday, plus a variety of snack foods and a fully stocked kitchen
• Regular compensation reviews - we reward great work!
• Pension scheme & match up to 4%
• Peace of mind with life assurance, as well as comprehensive health and dental insurance for you and your dependents
• Flexible paid time off policy
• Paid maternity leave, as well as 6 weeks paternity leave for fathers, to let you spend valuable time with your loved ones
• If you’re cycling, we’ve got you covered on the Cycle-to-Work Scheme. With secure bike storage too 
• MacBooks are our standard, but we also offer Windows for certain roles when needed.

#LI-Hybrid

What's the opportunity? 

Intercom’s Legal team is seeking a dedicated Senior Privacy Counsel to lead the company on global legal matters involving privacy, data protection and cybersecurity, as well as to help support other compliance initiatives including AI governance and product development.  You will advise and partner with our engineering, product, security, sales, marketing, H.R. and other teams throughout the organization to manage legal risk and compliance with global privacy laws and regulations.  You will develop and effectuate strategies and initiatives that focus on building a scalable privacy and data protection program, as well as educate and train key stakeholders on prioritizing data protection as a core value for Intercom.  The position may be based in: San Francisco, California, London, England or Dublin, Ireland.

What will I be doing? 

• Serve as a subject matter expert and resource on privacy, data protection and security with a multi-jurisdicitional lens
• Work with teams across offices on various privacy, data protection and security compliance initiatives 
• Partner very closely with your colleagues on Intercom’s legal team on a number of cross functional projects with privacy, data protection and regulatory implications
• Draft external privacy notices and disclosures, and manage/update internal policies and procedures to ensure compliance with global privacy and data protection laws 
• Provide guidance and interpretation on legal requirements to the engineering and product teams with respect to existing and new product features and functionality for privacy-by-design initiatives 
• Provide guidance to the H.R. team on employee privacy and data protection concerns and processes
• Respond to customer and employee questions about their individual data rights and Intercom’s processing activities
• Draft data protection impact assessments, partnering with product counsel and security, where needed
• Keep up to date on privacy and data protection law developments and provide analysis and guidance for implementation into business processes
• Counsel and advise commercial teams and business partners on data protection related provisions in contracts, including partnering with commercial counsel on drafting and maintaining data processing agreement templates and playbooks
• Partner with the Security team on company policies, risk assessments, projects and breach incidents
• Support projects in other key compliance areas involving our Code of Conduct and other policies

What skills do I need? 

• 10+ years relevant experience as an attorney or counsel with law firm and in-house legal departments, advising a multinational technology company on global data privacy regulation and laws
• Deep experience with global privacy regulations, which include GDPR, the ePrivacy Directive and CCPA-CPRA.  Working understanding of Australian Privacy Act, HIPAA, PIPEDA, LGPD and desire to learn other jurisdictions’ laws and upcoming regulations, as needed, to support the business 
• Foundational knowledge of key security programs such as SOC2, ISO and HIPAA. 
• CIPP/E or CIPP/US certification
• Comfort in influencing and educating an organization on the importance of privacy and implementation of privacy initiatives, and capable of building relationships and gaining respect of senior leaders in the organization 
• An ability to multi-task and handle a variety of projects and tasks simultaneously 
• Attention to detail, a sense of passion to support Intercom’s privacy initiatives and the ability and confidence to assess and balance risk in a fast-paced environment
• California state bar licensed attorney or ability to be registered as in-house counsel if licensed in another jurisdiction; or qualified in Ireland and/or the UK

Benefits 

We are a well-treated bunch with awesome benefits! If there’s something important to you that’s not on this list, talk to us! 

• Competitive salary and meaningful equity
• Comprehensive medical, dental, and vision coverage
• Regular compensation reviews - great work is rewarded!
• Flexible paid time off policy
• Paid Parental Leave Program
• 401k plan & match
• In-office bicycle storage
• Fun events for Intercomrades, friends, and family!

*Proof of eligibility to work in the United States is required.

The base salary range for candidates within the San Francisco Bay Area is $220,000 - $263,500. Actual base pay will depend on a variety of factors such as education, skills, experience, location, etc. The base pay range is subject to change and may be modified in the future. All regular employees may also be eligible for the corporate bonus program or a sales incentive (target included in OTE) as well as stock in the form of Restricted Stock Units (RSUs).  

#LI-Hybrid

What's the opportunity? 

Intercom’s Legal team is seeking a dedicated Senior Privacy Counsel to lead the company on global legal matters involving privacy, data protection and cybersecurity, as well as to help support other compliance initiatives including AI governance and product development.  You will advise and partner with our engineering, product, security, sales, marketing, H.R. and other teams throughout the organization to manage legal risk and compliance with global privacy laws and regulations.  You will develop and effectuate strategies and initiatives that focus on building a scalable privacy and data protection program, as well as educate and train key stakeholders on prioritizing data protection as a core value for Intercom.  The position may be based in: San Francisco, California, London, England or Dublin, Ireland.

What will I be doing? 

• Serve as a subject matter expert and resource on privacy, data protection and security with a multi-jurisdicitional lens
• Work with teams across offices on various privacy, data protection and security compliance initiatives 
• Partner very closely with your colleagues on Intercom’s legal team on a number of cross functional projects with privacy, data protection and regulatory implications
• Draft external privacy notices and disclosures, and manage/update internal policies and procedures to ensure compliance with global privacy and data protection laws 
• Provide guidance and interpretation on legal requirements to the engineering and product teams with respect to existing and new product features and functionality for privacy-by-design initiatives 
• Provide guidance to the H.R. team on employee privacy and data protection concerns and processes
• Respond to customer and employee questions about their individual data rights and Intercom’s processing activities
• Draft data protection impact assessments, partnering with product counsel and security, where needed
• Keep up to date on privacy and data protection law developments and provide analysis and guidance for implementation into business processes
• Counsel and advise commercial teams and business partners on data protection related provisions in contracts, including partnering with commercial counsel on drafting and maintaining data processing agreement templates and playbooks
• Partner with the Security team on company policies, risk assessments, projects and breach incidents
• Support projects in other key compliance areas involving our Code of Conduct and other policies

What skills do I need? 

• 10+ years relevant experience as an attorney or counsel with law firm and in-house legal departments, advising a multinational technology company on global data privacy regulation and laws
• Deep experience with global privacy regulations, which include GDPR, the ePrivacy Directive and CCPA-CPRA.  Working understanding of Australian Privacy Act, HIPAA, PIPEDA, LGPD and desire to learn other jurisdictions’ laws and upcoming regulations, as needed, to support the business 
• Foundational knowledge of key security programs such as SOC2, ISO and HIPAA. 
• CIPP/E or CIPP/US certification
• Comfort in influencing and educating an organization on the importance of privacy and implementation of privacy initiatives, and capable of building relationships and gaining respect of senior leaders in the organization 
• An ability to multi-task and handle a variety of projects and tasks simultaneously 
• Attention to detail, a sense of passion to support Intercom’s privacy initiatives and the ability and confidence to assess and balance risk in a fast-paced environment
• California state bar licensed attorney or ability to be registered as in-house counsel if licensed in another jurisdiction; or qualified in Ireland and/or the UK

Benefits 

Dublin/London

We are a well treated bunch, with awesome benefits! If there’s something important to you that’s not on this list, talk to us! 

• Competitive salary and equity in a fast-growing start-up
• We serve lunch every weekday, plus a variety of snack foods and a fully stocked kitchen
• Regular compensation reviews - we reward great work!
• Pension scheme & match up to 4%
• Peace of mind with life assurance, as well as comprehensive health and dental insurance for you and your dependents
• Flexible paid time off policy
• Paid maternity leave, as well as 6 weeks paternity leave for fathers, to let you spend valuable time with your loved ones
• If you’re cycling, we’ve got you covered on the Cycle-to-Work Scheme. With secure bike storage too 
• MacBooks are our standard, but we also offer Windows for certain roles when needed.

#LI-Hybrid

Squarespace is seeking a skilled and detail-oriented technical leader to own the day-to-day operations of our Detection and Incident Response team. Reporting to the VP of Security / CISO, you will be the driving force behind our SIEM and SOAR capabilities and incident response program. You’ll partner with teams throughout Squarespace to improve how we spot and respond to threats, leading the group that identifies and handles security threats as they happen.

You’ll Get To…

• Contribute to define, collect, and analyze security KPIs and KRIs for the security organization.  
• Develop and implement a comprehensive detection and response strategy and roadmap aligned with Squarespace's overall business objectives and risk appetite. This goes beyond just "implementing new security programs" to encompass a holistic vision.
• Oversee the Security Operations Center (SOC) activities, including threat detection, monitoring, analysis, and proactive hunting, ensuring 24/7/365 coverage as appropriate.
• Own the health and effectiveness of the SIEM and SOAR platforms, ensuring high-quality data ingestion, alert tuning, and automated response logic. x
• Establish and maintain a robust incident response program, including defining incident playbooks, leading major incident investigations, and conducting post-incident reviews to drive continuous improvement.
• Design and lead regular tabletop exercises to test the organization’s readiness for various incident scenarios. 
• Serve as the Incident Commander for major security events, coordinating with teams such as Legal, Communications, and HR to ensure clear internal communication and regulatory compliance.
• Identify, evaluate, and implement new security technologies and tools to enhance detection, prevention, and response capabilities.
• Drive continuous improvement of security operations processes through automation, tooling, and best practices.
• Stay abreast of emerging security threats, vulnerabilities, and industry trends and proactively advise leadership on necessary adjustments to strengthen Squarespace's security posture.
• Build, mentor, and lead a high-performing team of security professionals, fostering a culture of continuous learning, collaboration, and accountability. 
• Act as a key liaison and trusted advisor to internal stakeholders (e.g., Engineering, Product, Legal, Compliance, IT) on security-related matters.
• Manage relationships with external security vendors and partners, ensuring effective service delivery and technology adoption.
• Serve as a calm and decisive leader during security events, ensuring the team stays focused while stakeholders remain informed.
• Proactively work with partner teams to implement new security programs and refine existing ones.
• Work collaboratively with partner teams to define implementation patterns that improve security while not negatively affecting Customer or employee engagement.  
• Drive improvements to the team’s operational velocity and response efficiency.

Who We’re Looking For 

•  Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
•  7+ years of experience in cybersecurity, with at least 2 years in a leadership or team-lead role.
• Deep expertise in Incident Response and Detection Engineering.
• Strong knowledge of cloud security operations, specifically within AWS or GCP environments.
• Hands-on experience managing and tuning SIEM and SOAR platforms.
• Experience automating security workflows and incident response playbooks to reduce manual effort.
• Familiarity with security frameworks such as MITRE ATT&CK and NIST.
• Excellent communication skills with the ability to lead technical teams during high-pressure incidents and explain complex threats to non-technical stakeholders.
• Knowledge of software development, design and technical operations.

Benefits & Perks

• Health insurance with 100% covered premiums for you, your spouse or partner and your dependent children including medical, dental, and vision
• Life and Income Protection
• Fertility and adoption benefits
• Headspace mindfulness app subscription
• Global Employee Assistance Program
• Pension benefits with employer match
• Flexible paid time off
• 26 weeks paid maternity leave & 12 weeks paid paternity leave
• 2 weeks paid family care leave
• Education reimbursement
• Employee donation match to community organizations
• 7 Global Employee Resource Groups (ERGs)
• Free lunch and snacks
• Close proximity to cultural landmarks such as Dublin Castle and St. Patrick's Cathedral

About Squarespace

Squarespace is a design-driven platform helping entrepreneurs build brands and businesses online. We empower millions of customers in more than 200 countries and territories with all the tools they need to create an online presence, build an audience, monetize, and scale their business. Our suite of products range from websites, domains, ecommerce, and marketing tools, as well as tools for scheduling with Acuity and creating and managing social media presence with Bio Sites and Unfold. Our team of more than 1,700 is headquartered in New York City, with offices in Dublin, Ireland, and Aveiro, Portugal. For more information about our company, visit https://www.squarespace.com/about/careers.

Our Commitment

Today, more than a million people around the globe use Squarespace to share different perspectives and experiences with the world. Not only do we embrace and celebrate the diversity of our customer base, but we also strive for the same in our employees. At Squarespace, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or other class protected by applicable law. We are proud to be an equal opportunity workplace.

#LI-Hybrid

Position Title: Security Operations Engineer (Dublin)

Entity: Kroll Bond Rating Agency Europe Limited

Employment Type: Full-time

Location: Dublin, Ireland 

Summary/Overview:

KBRA is seeking a Security Operations Engineer to join our growing Information Security team. This role will be based in our Dublin office and will work closely with global security team members across the United States and Europe to monitor security events, investigate threats, and strengthen the organization’s overall security posture.

This is a hands-on operational security role focused on security monitoring, incident response, vulnerability management, and security tooling across KBRA’s cloud and enterprise environments.

About the Team:

KBRA integrates security into all areas of the business and technology which has created a strong security culture. The Security Operations team works closely with engineering, infrastructure, and business teams to identify and respond to security threats while continuously improving the organization’s security posture.

This role will collaborate with security team members across multiple regions and contribute to maintaining monitoring coverage and incident response capability across KBRA’s global environment.

About the Role:

As a Security Operations Engineer, you will play a key role in building and improving KBRA’s security detection and response capabilities across cloud and enterprise environments. This role focuses on engineering effective monitoring, developing detection logic, and streamlining investigation workflows to improve security visibility, reduce operational noise and support business operations.

You will design and enhance security monitoring across systems, applications, and cloud platforms, ensuring meaningful alerts are generated and security risks are quickly identified and addressed. Working closely with infrastructure and engineering teams, you will help strengthen KBRA’s security posture by improving controls, automating operational processes, and supporting incident response activities when security events occur. You will also partner with internal teams to resolve the impact of security controls (e.g., blocked access, email, or endpoint restrictions), ensuring security measures support, rather than disrupt, business operations.

About the Job:

• Design, implement, and improve security monitoring and detection capabilities across KBRA’s cloud and enterprise environments, with a focus on AWS and Azure control-plane activity and identity-based threats.
• Engineer automation and scripting solutions to streamline investigations, alert enrichment, and operational workflows within the security operations environment.
• Leverage automation and AI-assisted tools to improve research, threat analysis, and operational efficiency within the security program.
• Support internal users by resolving security control impacts, including investigating and remediating blocked activity (e.g., web proxy, email, endpoint controls) to restore business operations.
• Investigate security incidents and suspicious activity across cloud, endpoint, and network environments, partnering with infrastructure and engineering teams to determine root cause and implement durable fixes.
• Collaborate with infrastructure and cloud engineering teams to identify and remediate vulnerabilities, security misconfigurations, and architectural weaknesses.
• Enhance visibility across AWS and Azure environments, including monitoring identity activity, API usage, and cloud security posture signals.
• Support and improve vulnerability management processes, helping prioritize risk, validate exposures, and coordinate remediation with system owners.
• Integrate and optimize security technologies including SIEM, EDR, proxy, DLP, vulnerability management, and cloud-native monitoring platforms.
• Participate in incident response activities, helping coordinate investigations and response efforts across infrastructure, engineering, and security teams.
• Develop operational playbooks, detection documentation, and investigation procedures to improve repeatability and response speed.
• Contribute to security awareness initiatives, including phishing simulations and internal security education.
• Assist in developing and maintaining security standards, policies, and operational procedures.
• Participate in a shared on-call rotation supporting security monitoring and incident response.

You will be successful in this role if you have:

• Bachelor’s degree in a related field or equivalent practical experience
• 3+ years of experience in systems administration, network administration, security engineering, or security operations
• Hands-on experience with security technologies such as vulnerability management platforms, endpoint detection and response (EDR), SIEM platforms, or intrusion detection systems
• Understanding of system, network, and cloud security principles
• Familiarity with security frameworks such as MITRE ATT&CK, CIS Critical Security Controls, and the NIST Cybersecurity Framework
• Experience investigating and responding to security alerts and incidents in enterprise or cloud environments
• Strong communication and collaboration skills with the ability to work effectively with infrastructure and engineering teamsOur Tech Stack
• Familiarity with Generative AI tools such as ChatGPT for research, data insights, and general productivity is a plus

Our Tech Stack:

Our team works with many different technologies, and we understand that no one will have experience with all of them. Here is an incomplete list:

• Cloud Platforms: AWS, Azure
• Operating Systems: Windows, Linux, macOS
• Microsoft: Office 365, Active Directory
• Network Security: Intrusion Detection Systems, firewalls, proxies
• Endpoint Security: Antivirus, EDR, Data Loss Prevention
• Vulnerability Management: Tenable, Rapid7, Qualys
• SIEM Technologies: Azure Sentinel, Splunk, Elastic
• Security Operations: threat hunting, log analysis, detection engineering
• Infrastructure/Configuration as Code: Terraform, Ansible
• Programming languages: .Net, NodeJS, PHP, Python
• AI & Developer Productivity Tools: ChatGPT, GitHub Copilot, and AI-assisted tooling

Benefits

• Flexible hybrid work schedule – Tuesdays, Wednesdays, Thursdays in the office
• Competitive benefits and paid time off
• Pension plan
• Educational and professional development financial assistance
• Employee referral bonus program

About Us

KBRA (Kroll Bond Rating Agency, LLC) is a full-service credit rating agency registered with the U.S. Securities and Exchange Commission as an NRSRO. Kroll Bond Rating Agency Europe Limited is registered as a CRA with the European Securities and Markets Authority. Kroll Bond Rating Agency UK Limited is registered as a CRA with the UK Financial Conduct Authority pursuant to the Temporary Registration Regime. In addition, KBRA is designated as a designated rating organization by the Ontario Securities Commission for issuers of asset-backed securities to file a short form prospectus or shelf prospectus. KBRA is also recognized by the National Association of Insurance Commissioners as a Credit Rating Provider. Kroll Bond Rating Agency Europe is located at 2nd Floor, One George's Quay Plaza, George's Quay, Dublin 2 D02 E440.

#LI-KS1

#HYBRID

COMPANY OVERVIEW

ThreatLocker® is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. The ThreatLocker® platform with Application Allowlisting, Ringfencing™, Storage Control, Elevation Control, Endpoint Network Control, Configuration Management, and Operational Alert solutions are leading the cybersecurity market toward a more secure approach of blocking the exploits of application vulnerabilities.

POSITION OVERVIEW

ThreatLocker’s Solutions Engineers are the technical subject matter experts in supporting clientele through ThreatLocker’s product lifecycle. 

Solutions Engineers are responsible for, but not limited to:

• Supporting Sales department in lead and product demonstration calls
• Managing post-sales cycle to providing technical support to client through audit reviews
• Serve as a technical expert in providing detailed specifications for proposed solutions including time and scope involved
• Assist other department engineers in creating practical demonstrations of proposed solutions and demonstrating them to other members of the team
• Analyze current technologies used within the company to identify and mitigate potential gaps within processes and cycles
• Document and monitor requirements needed to institute proposed updates in relation to customer experience
• Work alongside sales teams to successfully monitor progress and implementation of initiatives
• Account for possible project challenges or constraints and proactively seek to manage challenges
• Create and deploy product training webinars
• Attend conferences, trade shows, knowledge sessions as a brand ambassador and presenter

REQUIRED QUALIFICATIONS

• Minimum of five years of professional experience in IT solutions 
• Experience within cybersecurity industry, preferred
• Understanding of best practices regarding system security measures
• Advanced understanding of business analysis techniques and processes
• Understanding of sales cycle
• Excellent verbal and written communication

WORKING CONDITIONS

The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed.

• Job will generally be performed in an office environment but may require travel to visit company offices and/or property locations.
• While performing duties of this job, would occasionally require to stand, walk, sit, reach with hands and arms, climb or balance, stoop or kneel, talk and hear, and use fingers and hands to feel objects and tools.
• Must occasionally lift and/or move up to 25 pounds.
• Specific vision abilities required include close vision, distance vision, depth perceptions, and the ability to adjust focus.

A background check and drug/substance screening are required after a conditional offer. Employment will proceed only upon receiving clear results from both.

ThreatLocker also conducts randomized drug and substance testing approximately every 60 days, in line with the same screening standards.

COMPANY OVERVIEW

ThreatLocker® is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. The ThreatLocker® platform with Application Allowlisting, Ringfencing™, Storage Control, Elevation Control, Endpoint Network Control, Configuration Management, and Operational Alert solutions are leading the cybersecurity market toward a more secure approach of blocking the exploits of application vulnerabilities.

JOB OVERVIEW

ThreatLocker is seeking hardworking and ambitious Sales Representatives to drive growth across both our existing customer base and new prospects, with a focus on expanding sales throughout the EMEA region.

You must have the drive and resilience to prospect daily and make multiple cold calls throughout the workday. This is not a role for someone seeking an easy 9–6 job, it’s for those ready to push hard and win. We offer a base salary in the range of €38,000–€42,000 annually, depending on whether you are selected for a Sales Development Representative (SDR) position or an Account Executive (AE) role. SDRs earn commission on scheduled demos, while AEs receive 10% commission on YR1 of deals closed, with further commission on multiyear deals with no cap on earnings. SDRs also have a clear path to progress into the AE role.

This role is ideal for someone who is sociable, driven, and thrives on building relationships in a high-pressure, fast-paced sales environment. Prior sales experience in technology is helpful but not required, we also welcome candidates with strong customer-facing experience in industries such as retail, hospitality, or service who are ready to transition into technology sales. What matters most is a relentless work ethic, the ability to perform under pressure, and the drive to hit and exceed ambitious targets.

You will be directly responsible for prospecting, managing, and closing opportunities, as well as representing ThreatLocker at trade shows and conferences. Success in this role comes from being persistent, organized, and people focused.

We welcome applicants from all backgrounds. If college wasn’t the right fit for you but you have the drive, ambition, and willingness to work hard, we encourage you to apply.

Please note:

This is an office-based position in Blanchardstown, Dublin.

In-person interviews are required after a phone pre-screen.

This role requires travel to ThreatLocker’s Headquarters in Orlando, Florida, for a two-week onboarding program. Travel arrangements will be covered by the company.

Key Responsibilities

• Develop and execute sales strategies.
• Identify, prospect, and convert new opportunities through phone, email, social, and in-person networking.
• Manage the full sales cycle: pipeline development, discovery, solution presentation with a technical engineer, negotiation, and closing.
• Maintain accurate records of activities, opportunities, and forecasts within our CRM
• Meet or exceed monthly and quarterly revenue targets.
• Build and maintain trusted relationships with ThreatLocker partners to drive growth and expand recurring revenue opportunities.
• Professionally represent ThreatLocker at trade shows, conferences, and industry events to engage prospects, build relationships, and expand market presence.
• Share market feedback with sales leadership and marketing to refine messaging and strategy.

REQUIRED QUALIFICATIONS

• Strong interpersonal and communication skills, confident, sociable, and able to build trust quickly.
• Demonstrated ability to maintain and grow relationships, ideally in sales, customer service, retail, hospitality, or other people-focused roles.
• Comfortable managing a pipeline, following up consistently, and staying organized in a fast-paced environment.
• Highly motivated, competitive, and goal-driven, with a strong work ethic.
• Adaptable and eager to learn technology sales, with the drive to develop into enterprise and MSP sales opportunities.
• Experience with CRM systems is an advantage but not required.

WORKING CONDITIONS

The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed.

• Job will generally be performed in an office environment but may require travel to visit company offices and/or property locations.
• While performing duties of this job, would occasionally require to stand, walk, sit, reach with hands and arms, climb or balance, stoop or kneel, talk and hear, and use fingers and hands to feel objects and tools.
• Must occasionally lift and/or move up to 25 pounds.
• Specific vision abilities required include close vision, distance vision, depth perceptions, and the ability to adjust focus.

A background check and drug/substance screening are required after a conditional offer. Employment will proceed only upon receiving clear results from both.

ThreatLocker also conducts randomized drug and substance testing approximately every 60 days, in line with the same screening standards.

COMPANY OVERVIEW

ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools for the Managed Services Provider (MSP) industry to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities.

POSITION OVERVIEW

Windows Kernel Developers develop and maintain a selected subset of the core kernel infrastructures, both in the SUSE enterprise products and upstream.

JOB SCOPE

The Kernel Developer will be responsible for, but not limited to:

• Developing, debugging and testing kernel level code using the C language
• Exercising/validation of system from user space, knowledge of user space API
• Supports the design, development, and maintenance of major system components
• Manages device driver development and support (one or more of USB, network, graphics, video, mtd, storage, power management)
• Design and maintenance of CI/CD
• Ported/maintain Linux distribution for a platform

REQUIRED QUALIFICATIONS

• Minimum of 7 years of professional experience in software development
• Proficient in Windows, Linux and/or Mac operating system
• Proficient in C programming
• Experienced in the following:
• Computer architecture and server platform hardware
• System software development in C and Python
• Internals of Linux, Mac and/or Windows operating systems

PREFERRED QUALIFICATIONS

• Working knowledge of VMM technologies like VMware/Xen/KVM/Hyper-V Experience.
• Experience with memory management and Kernel programming.
• Knowledge about SR-IOV, SIOV, DMA and PCIe.
• Experience with virtualization and containerization (Python virtual environments and Docker)
• Atlassian Suite (Jira, Confluence, Crucible)
• Subversion exposure Familiarity with ARM architecture a plus
• Solid knowledge of Linux kernel internals (process scheduler, memory management, concurrency/synchronization, memory allocation, file systems) and networking or storage subsystems architecture

WORKING CONDITIONS

The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed.

• Job will generally be performed in an office environment but may require travel to visit company offices and/or property locations.
• While performing duties of this job, would occasionally require to stand, walk, sit, reach with hands and arms, climb or balance, stoop or kneel, talk and hear, and use fingers and hands to feel objects and tools.
• Must occasionally lift and/or move up to 25 pounds.
• Specific vision abilities required include close vision, distance vision, depth perceptions, and the ability to adjust focus.

A background check and drug/substance screening are required after a conditional offer. Employment will proceed only upon receiving clear results from both.

ThreatLocker also conducts randomized drug and substance testing approximately every 60 days, in line with the same screening standards.