Now we’re looking for a visionary Automation Engineer to join our Automation teams. As a member of this team, you will be responsible for the design, implementation, and maintenance of Automated tests. Our Automated tests cover various aspects of the product, including complex networking topology, traffic, security rules, Users authentication scenarios and mobile applications interacting deeply with the operating system. 

Responsibilities 

• Design and develop automation solutions for mobile applications, including end-to-end scenarios across backend, network, and device layers  

• Build, configure, and maintain mobile testing environments (emulators, simulators, and physical devices), including CI-integrated mobile labs  

• Develop automation for applications that integrate with mobile OS capabilities (e.g., VPN configuration, system extensions, network controls, background services) 

• Evaluate and integrate AI-driven solutions into the automation workflow, improving productivity, reliability, and insight generation 

• Leverage AI-based tools and techniques to enhance test automation, including test generation, failure analysis, and optimization of test coverage and execution 

• Cope with complex code along with quality standards and best practices. 

• You will be expected to come up with initiatives regarding Automation infrastructure and tools. 

• You will work with other Automation teams, as part of cross-teams Automation efforts to achieve code reuse and unified standards in code, tools, and processes. 

• You will take part in planning and implementing non-functional testing aspects of product management modules. 

• Collaborate with development and product teams to ensure high-quality delivery of mobile and networking features 

Requirements 

• 5+ years of experience implementing automated tests for multi-layered products 

• Strong coding skills in Java/Phyton or another object-oriented language  

• Hands-on experience with mobile testing (iOS and/or Android)  

• Experience with mobile automation frameworks (Appium, Espresso, XCUITest, or similar)  

• Experience testing applications with deep OS integration (e.g., VPN, networking, system extensions)  

• Experience building and maintaining mobile test environments (emulators, real devices, CI integration)  

• Practical experience using AI-based tools to improve software development or test automation workflows (e.g., test generation, code assistance, failure analysis, or test optimization) 

• Strong debugging and troubleshooting skills  

• Ability to work independently and drive tasks end-to-end 

• Experience with device farms or cloud-based mobile labs  

• Knowledge of networking protocols (TCP/IP, DNS, HTTP, TLS, etc.)  

• Experience with VPN clients, proxies, or endpoint security solutions  

• Experience with CI/CD tools (Jenkins, Git)  

• Experience with ESX / virtualization 

Required:

• 3+ in Windows desktop application development using Windows App SDK, WinUI (or similar), C#, XAML — and ideally additional experience with native Windows code (C++, Win32/WinRT/COM).
• Deep understanding of Windows application architecture, including interop between managed code (.NET) and native code.
• Proven track record of designing, building, and shipping production-quality desktop applications, with an emphasis on reliability, performance, scalability, and maintainability.
• Strong experience with accessibility APIs on Windows (e.g. Microsoft UI Automation or similar), and a dedication to building accessible and inclusive software.
• Excellent software engineering fundamentals: OOP, design patterns, data structures, algorithms, memory management, multi-threading or asynchronous programming (where relevant).
• Experience leading technical design, mentoring other engineers, conducting code reviews, and making architecture-level decisions.
• Strong communication skills; ability to articulate tradeoffs, collaborate with cross-functional teams, and drive consensus.
• A user-centric mindset: focus on building polished, intuitive, and accessible experiences for end users.

Preferred / Bonus:

• Experience with writing automated tests for UI — unit tests, integration tests, UI automation tests; familiarity with relevant testing frameworks.
• Experience with performance optimization for desktop apps (memory usage, startup time, rendering performance, high-DPI support, responsiveness under load).
• Experience with localization/globalization, right-to-left UI support, internationalization, accessibility for multiple regions.
• Familiarity with telemetry, analytics, crash reporting, logging, and error monitoring in desktop applications.
• Previous experience in shaping CI/CD workflows, release pipelines, and deployment strategies for desktop applications.
• Demonstrated ability to take ownership of feature areas or modules and drive them long-term, including maintenance, refactoring, and technical debt management.

What we offer

• A high-impact role: you will define architecture, shape the future of our Windows product, and directly influence what millions of users see and experience.
• A collaborative, flat-structure engineering culture — you are not just a coder, but a builder and a decision-maker.
• Opportunities to lead — mentor others, steer technical direction, and grow into broader technical leadership (e.g. Tech Lead, Architect).
• Flexibility, autonomy, and responsibility: you define how to solve problems, own features end-to-end, and contribute to long-term product vision.
• A purpose-driven mission: building software that’s reliable, accessible, and user-centered — making a real difference for people.                  

Think you’re a good fit for this job? 

Tell us more about yourself and why you're interested in the role when you apply.
And don’t forget to include links to your portfolio and LinkedIn.

Not looking but know someone who would make a great fit? 
Refer them! 

Speechify is committed to a diverse and inclusive workplace. 
Speechify does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

Role Overview

We are looking for a proactive Security Assurance Lead to advance our security program into a proactive "validate and verify" model. Your mission is to ensure our defenses aren't just present, but effective. In this hands-on technical role will own and manage testing, validating and reporting on our security posture, through automated testing against our controls, and ensure our security stack is optimized, integrated, and fully utilized.

Key Responsibilities

• Security Assurance Management: Define, orchestrate and drive the security assurance program from vision to full implementation.
• Continuous Control Validation: Design and execute automated testing (e.g., Breach & Attack Simulation) to verify that prevention and detection controls are functioning across cloud, SaaS and IT environments.
• Central Visibility Hub: Build and maintain a real-time Security Posture Dashboard. This hub will provide a single pane of glass for the coverage and health of our security stack.
• Tool Optimization & Efficacy: Review our existing security suite to ensure tools are properly configured, integrated, and delivering ROI. You will identify "blind spots" where tools are installed but not effectively monitoring or blocking.
• Offensive Testing Strategy: Coordinate regular external offensive testing cycles such as Penetration Testing, Phishing, etc. and translate "broken" controls and findings into actionable items.
• Operational Excellence: Define clear ownership, maintenance schedules, and lifecycle processes for all security technologies to prevent "tool rot."

Required Experience & Qualifications

• 8+ years experience of cybersecurity engineering and architecting (Infosec/DevSecOps).
• Proven technical capabilities in automation, scripting, AI, etc.
• Experience in offensive testing methodologies and practices such as penetration testing, red team exercises, etc.
• Strong understanding of breach simulation, continuous control monitoring (CCM) and technical validation concepts and methodologies.
• Strong understanding of:
• Cloud and SaaS security (WAF, CNAPP)
• Identity, access control, and infrastructure security (IDM, IDP, PAM)
• Endpoint and corporate IT security (EDR, DLP, SASE)

Required Skills & Attributes

• Self-directed architect: Able to take full ownership of the security assurance roadmap from initial design and selection to a working, breathing program.
• Authority without ego: Able to lead across departments without formal reporting lines. While you will operate independently, success is measured by your ability to partner with peers to achieve implementation and ongoing adherence.
• Critical thinking: Able to challenge, validate and verify, while maintaining trust and collaboration with peers and stakeholders.
• Strategic planning: Don’t just patch and quick fix, but ensure correct practices and procedures are developed to provide assurance over time.
• Executive communication: Clear, concise, and credible with senior leadership.
• Analytical thinking: Attention to details and ability to connect multiple dots into a concise and accurate picture.

Nice to Have

• Experience in crypto, fintech, or highly regulated financial environments
• Familiarity with the NIST Cybersecurity Framework (CSF) 2.0, Cloud Security Alliance (CSA) controls matrix, offensive security frameworks (MITRE), etc.

Required:

• 3+ in Windows desktop application development using Windows App SDK, WinUI (or similar), C#, XAML — and ideally additional experience with native Windows code (C++, Win32/WinRT/COM).
• Deep understanding of Windows application architecture, including interop between managed code (.NET) and native code.
• Proven track record of designing, building, and shipping production-quality desktop applications, with an emphasis on reliability, performance, scalability, and maintainability.
• Strong experience with accessibility APIs on Windows (e.g. Microsoft UI Automation or similar), and a dedication to building accessible and inclusive software.
• Excellent software engineering fundamentals: OOP, design patterns, data structures, algorithms, memory management, multi-threading or asynchronous programming (where relevant).
• Experience leading technical design, mentoring other engineers, conducting code reviews, and making architecture-level decisions.
• Strong communication skills; ability to articulate tradeoffs, collaborate with cross-functional teams, and drive consensus.
• A user-centric mindset: focus on building polished, intuitive, and accessible experiences for end users.

Preferred / Bonus:

• Experience with writing automated tests for UI — unit tests, integration tests, UI automation tests; familiarity with relevant testing frameworks.
• Experience with performance optimization for desktop apps (memory usage, startup time, rendering performance, high-DPI support, responsiveness under load).
• Experience with localization/globalization, right-to-left UI support, internationalization, accessibility for multiple regions.
• Familiarity with telemetry, analytics, crash reporting, logging, and error monitoring in desktop applications.
• Previous experience in shaping CI/CD workflows, release pipelines, and deployment strategies for desktop applications.
• Demonstrated ability to take ownership of feature areas or modules and drive them long-term, including maintenance, refactoring, and technical debt management.

What we offer

• A high-impact role: you will define architecture, shape the future of our Windows product, and directly influence what millions of users see and experience.
• A collaborative, flat-structure engineering culture — you are not just a coder, but a builder and a decision-maker.
• Opportunities to lead — mentor others, steer technical direction, and grow into broader technical leadership (e.g. Tech Lead, Architect).
• Flexibility, autonomy, and responsibility: you define how to solve problems, own features end-to-end, and contribute to long-term product vision.
• A purpose-driven mission: building software that’s reliable, accessible, and user-centered — making a real difference for people.                  

Think you’re a good fit for this job? 

Tell us more about yourself and why you're interested in the role when you apply.
And don’t forget to include links to your portfolio and LinkedIn.

Not looking but know someone who would make a great fit? 
Refer them! 

Speechify is committed to a diverse and inclusive workplace. 
Speechify does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

The role

Nebius is looking for a highly technical, hands-on SIEM Engineer Lead to design, implement, and optimize advanced Security Information and Event Management (SIEM) capabilities. This role is responsible for developing detection strategies, improving security visibility, and driving automation across security operations processes. The ideal candidate will combine deep SIEM expertise with strong analytical and engineering skills to enhance threat detection, incident response efficiency, and security monitoring maturity. This is not a people management position, you will provide technical guidance, mentorship, and direction to SOC analysts, security engineers, and cross-functional teams

You’re welcome to work in our offices in Tel Aviv.

Your responsibilities will include: 

• Architect, deploy, and maintain enterprise SIEM platforms and related security monitoring infrastructure.
• Develop and optimize detection rules, correlation logic, and alert mechanisms to identify security threats and anomalous activity.
• Design and implement log ingestion pipelines, normalization, and enrichment processes across diverse data sources.
• Continuously improve detection coverage by analyzing threat intelligence, attacker techniques, and emerging vulnerabilities.
• Create and maintain dashboards, reports, and metrics to support security visibility and operational decision-making.
• Drive automation of security monitoring and response workflows using scripting, APIs, and orchestration tools.
• Perform tuning and performance optimization of SIEM platforms to ensure scalability and reliability.
• Conduct threat hunting activities and support complex security investigations using SIEM data.
• Collaborate with engineering, infrastructure, and security stakeholders to integrate new log sources and telemetry.
• Develop documentation, standards, and best practices for SIEM configuration, logging, and detection engineering.
• Create APIs and interfaces that enable AI agents to query SIEM, pull evidence, and execute actions

We expect you to have: 

• 5+ years of experience in cybersecurity with strong focus on SIEM engineering or security monitoring.
• Hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, QRadar, CrowdStrike, Elastic, or similar.
• Strong knowledge of log analysis,event correlation, and detection engineering.
• Experience with data pipelines, log parsing, and schema design.
• Experience with SOAR platforms and security automation.
• Experience with scripting or programming (e.g., Python, PowerShell, Bash) for automation and integrations.
• Solid understanding of network protocols, operating systems, cloud environments, and common attack techniques.
• Familiarity with frameworks such as MITRE ATT&CK, NIST, or CIS for detection mapping and security controls.
• Experience integrating threat intelligence and security tools with SIEM platforms.
• Knowledge of cloud logging and monitoring (AWS, Azure, GCP).
• Strong knowledge of Kubernetes architecture and security concepts
• Experience with Terraform, CI/CD pipelines and Detection as code workflow

It will be an added bonus if you have: 

• Experience building and deploying LLM-based AI agents
• Experience in transitioning from manual SOC to AI-augmented operations.
• Relevant security certifications
• Certification in cloud computing, including administration, development, engineering, or architecture.
• Knowledge of AI safety and reliability - guardrails, validation, human oversight mechanisms

An overview of this role

As the Principal Engineer, Software Supply Chain Security, you’ll own the technical strategy that secures how software is built and delivered on GitLab’s DevSecOps platform. You’ll provide architectural leadership across multiple engineering teams. You’ll also partner closely with infrastructure and CI/CD teams to harden our pipelines, infrastructure, and access layers. Your work will shape GitLab’s enterprise security posture in the rapidly growing software supply chain security market. You’ll focus on SLSA Level 3 compliance, secrets management, CI/CD security hardening, and the foundations of GitLab’s global zero trust architecture. You’ll mentor Staff Engineers and individual contributors, and you’ll guide critical technical decisions. You’ll also act as a spokesperson with customers and external stakeholders for GitLab’s secure, mission-critical SaaS that runs millions of pipelines.

Some examples of our projects:

• SLSA Level 3 compliance and provenance attestation across GitLab’s CI/CD platform
• Integrated secrets management and runner security for container-isolated, secure pipelines

What you’ll do

• Lead the end-to-end software supply chain security architecture for GitLab’s CI/CD platform, including SLSA Level 3 implementation and CI infrastructure hardening.
• Drive cross-team technical strategy and decisions across our Software Supply Chain Security (SSCS) stage teams, aligning engineering work to SSCS strategic plans.
• Collaborate with infrastructure and CI/CD teams to design and land long-term initiatives for secure, scalable runner architecture, container isolation, and pipeline security at scale.
• Propose and validate technical implementations that support architectural changes to improve CI/CD scaling and performance on critical paths.
• Teach, mentor, and coach Staff Engineers and individual contributors, raising the bar on supply chain threat modeling, secrets management, artifact signing, and SBOM lifecycle practices.
• Partner with Engineering Managers and senior leadership to define roadmaps, break down complex initiatives, and enable Staff Engineers to lead sub-department-wide efforts.
• Engage with customers and external stakeholders as a technical consultant and spokesperson for GitLab’s software supply chain security capabilities and roadmap.
• Collaborate with product, security, and compliance stakeholders to ensure features meet enterprise security, governance, and regulatory expectations in the software supply chain security market.

What you’ll bring

• Deep expertise in software supply chain security, including threat modeling for supply chain attack vectors, SLSA implementation and attestation systems, and SBOM generation and lifecycle management.
• Strong knowledge of artifact signing and verification using the Sigstore ecosystem, including Cosign, Fulcio, Rekor, and in-toto attestations.
• Experience designing and hardening CI/CD security, such as runner isolation, pipeline security controls, and secrets management in large-scale environments.
• Background in distributed systems and infrastructure, including building resilient CI/CD platforms that process high pipeline volumes and optimizing performance for critical paths.
• Practical experience with container security and Kubernetes security, including admission controllers, policy controllers, workload isolation, and registry hardening.
• Proficiency in Go or Rust in a production environment, combined with expert-level understanding of CI/CD workflows and DevSecOps best practices.
• Experience operating as a Principal or Staff Engineer across multiple development teams, providing architectural leadership and partnering with Engineering Managers and senior leaders.
• Demonstrated capacity to clearly communicate complex problems and solutions.

About the team

Our Software Supply Chain Security stage engineering teams are responsible for authentication and access within GitLab. We also build features that help customers manage vulnerabilities, dependencies, security policies, and compliance frameworks across their organizations. Our group includes four core teams (Authentication, Authorization, Pipeline Security, and Compliance) and more than 40 engineers. We work asynchronously across regions and partner closely with product, security, and infrastructure to deliver secure-by-default features for customers in highly regulated industries.

What is The Role

Elastic is building Agent Builder, a conversational platform that connects production agents to real customer business data in Elasticsearch. As a Principal Engineer, you will set technical direction and drive the Kibana backend architecture for the agentic platform: streaming APIs, secure tool execution, session and memory persistence, retrieval and citations contracts, and evaluation telemetry. Your influence will extend beyond a single feature, shaping service boundaries, reliability posture, and standards that other solutions build on.

What You Will Be Doing

• Own the architecture for chat back-end services (Node/TypeScript), defining service boundaries, data contracts, and scalability targets
• Lead cross-team design reviews; author ADRs and RFCs that become reference standards for AI-chat and ingestion work.
• Build and harden event-driven pipelines that capture chat telemetry, evaluation traces, and LLM feedback loops; expose them via self-service analytics endpoints.
• Champion reliability—define error budgets, introduce testing strategy, and steer incident-response playbooks for conversational workloads.
• Mentor senior and Junior engineers; grow their system-design skills and foster a high-trust, low-ego culture.
• Partner with Product, Design, and Data Science to translate ambiguous goals (e.g., “multi-step reasoning with tool calling”) into incremental, testable action items.
• Represent Elastic in open-source AI communities (LangGraph/LangChain, MCP/A2A) through design proposals, blog posts, and conference talks.

What You Bring

• We appreciate articulate and “low ego” people who want to grow as part of a team.
• 10 + years building distributed, production SaaS services—at least 5 years leading large-scale Node/TypeScript or similar back-end stacks.
• Deep expertise in distributed systems fundamentals—shard routing, consensus, eventual consistency, back-pressure, and circuit-breaker patterns.
• Demonstrated success designing high-throughput, low-latency APIs (gRPC / REST / WebSocket)—including streaming responses and resumable sessions.
• Hands-on experience with observability: OpenTelemetry, log/metric pipelines, synthetic checks, and SLO dashboards.
• Exposure to LLM tooling (LangChain/LangGraph, OpenAI function calls, vector-search, RAG orchestration) and enthusiasm for advancing GenAI architectures.
• Clear, persuasive written communication—your ADRs and RFCs set the standard others emulate.
• Nice-to-have: contribution history to Kibana or other large SPAs; ability to prototype front-end dashboards when it unblocks back-end work.

If this sounds interesting, we would love to hear from you! Please include whatever info you believe is relevant: resume, GitHub profile, code samples, blog posts and writing samples, links to personal projects, etc.

What Is The Role:

As part of the Platform Engineering department, the Traffic team is crafting, building, and improving the multi-cloud platform at scale for Elastic Cloud Hosted and Serverless. We grow and mature our distributed network services and solutions for multiple cloud service provider platforms. We are built on Kubernetes, Go/Scala, and custom orchestration architectures. In your daily life with us, you will participate in coding, innovating technical designs, crafting solutions, improving resilience, and prioritizing security, bug fixes, and features. For example, Debugging Azure Networking for Elastic Cloud Serverless is part of our efforts, and we want your experience to contribute to a truly exceptional customer experience!

What You Will Be Doing:

• Taking an engineering approach in leading technical initiatives for automating network engineering efforts to guarantee the reliability of the global Elastic infrastructure. .
• Growing our global Platform infrastructure to meet the increasing scaling demands by developing and maintaining software, codebases, tooling and automations.
• Collaborating in an environment with an inclusive approach, and focusing on operational perfection which uplifts others.
• Preventing repeated customer impact in response to major incidents and prioritised problem management. Our on call rotation is spread well, and we address complex customer concerns too.

What You Bring:

• 10+ years in Software Engineering with product success in delivering Cloud network solutions. You collaborate with engineers as an authority in identifying, implementing and delivering solutions. Experience in public cloud, Go and managed Kubernetes services is advantageous.
• Success and lessons of experiences from striving for 'progress not perfection' in the name of Platform reliability. We want to hear about your customer first approach in solving operational problems for both today and the future.
• Passion for developing solutions that involve inclusive communication methods to grow and strengthen partner and team relationships. Examples of working in distributed teams or working remotely is desirable.

Bonus Points:

You don't need to have all of these items, but these represent the types of work you will do as a Software Engineer at Elastic.

• You have designed and built a SaaS product in a public cloud ideally built using Infrastructure-as-Code tooling such as Crossplane or Terraform
• You have built Kubernetes-at-scale infrastructure, ideally across multiple cloud providers, and the vital automation to support it.
• You have written product features or functions in Golang or other programming languages.
• You have worked with containerized services (such as Docker.)
• You have proven results in leading and improving cross-team engineering initiatives.
• You have experience in system administration with professional skills in Linux on distributed systems at scale.
• You have diagnosed or designed, implemented and created solutions with the Elastic Stack.
• You are experienced in a self-organizing and sharing in a globally distributed team environment.
• You strengthen team members in bringing out the best of each other by uplifting others with coaching and mentoring.

We’re looking for a team player with excellent interpersonal skills & service oriented. Creative & out of the box thinker. An autodidact, quick, effective and versatile who’s able to change directions in midstream. Independent & Accountable.

As a Senior DevSecOps Engineer at Payoneer, you’ll play a critical role in embedding security throughout the software development lifecycle (SDLC). You’ll help design, implement, and maintain security controls and automations across our CI/CD pipelines, infrastructure, and application stack.

What you'll do:

• Integrate and maintain security tools across the CI/CD pipeline:
  • SAST (e.g., SonarQube)
  • SCA (Software Composition Analysis) / Dependency Scanning (e.g., Snyk, Trivy, GitHub Dependabot)
  • Secret Detection (e.g., Gitleaks, HashiCorp Vault)
  • Container/Image Scanning (e.g., Aqua, Prisma Cloud, Trivy)
• Drive security automation and enforcement for:
  • Infrastructure as Code (e.g., Terraform)
  • Configuration Management (e.g., Ansible, Chef)
  • GitOps workflows (e.g., ArgoCD)
  • Embed security guardrails and best practices across the SDLC
  • Automate compliance checks (e.g., OWASP Top 10, CIS Benchmarks) into development workflows
  • Integrate with observability and monitoring systems (e.g., Prometheus, Grafana, ELK, Coralogix)
• Collaborate cross-functionally with Product, QA, Development, and IT/Ops teams to continuously improve the security posture
• Participate in on-call rotations for production systems as needed

Who you are:

• At least 3 years’ experience as DevOps/DevSecOps/Security Engineer
• A minimum of 3 years of exposure running production workloads (AWS, Azure or GCP)
• Experience with CI/CD tools and source control management tools (e.g., Git, Azure DevOps, SonarQube, Artifactory etc...)
• Proven experience securing CI/CD pipelines
• Expertise in SCA, SAST, secret scanning, and container security
• Hands-on experience with Kubernetes, Docker, and GitOps tooling (ArgoCD or Flux)
• Proven Scripting capabilities: (e.g. PowerShell/Bash/Python)
• Experience with logging, SIEM, and monitoring platforms
• Experience with IAM, secrets management, and compliance frameworks (SOC2, ISO, etc.)
• High level Linux OS expertise
• Strong troubleshooting skills
• Proactive by nature; internal drive for excellence and improvement
• BS degree in computer science, computer engineering, relevant technical discipline or equivalent practical experienc

Advantage:

• Experience with relational and non-relational databases (Oracle, PostgreSQL, SQL, MongoDB) Experience with software development and development frameworks
• Experience with event streaming and messaging platforms such as Kafka, RabbitMQ
• Knowledge and understanding Storage and Networking

#LI-AG2

We offer the industry’s only platform that fuses customer identity and anti-fraud solutions – customer identity management, identity verification, and fraud prevention. 

We sell to industries with large, consumer-facing businesses such as: banking, financial services, insurance, fintech, gaming, ecommerce/retail, telco / media, utilities, etc.

About the Role:

We are seeking an experienced Security Engineer to join our team and take ownership of our enterprise security infrastructure. In this role, you will be responsible for managing, monitoring, and optimizing our security stack to protect the organization against evolving cyber threats. You will play a critical role in ensuring the security and integrity of our network, endpoints, cloud services, and email communications.

What you’ll do:

• Manage and maintain FortiGate firewalls, including policy configuration, VPN setup, traffic monitoring, and firmware updates to ensure robust network perimeter security, Hands-on experience with next-generation firewalls, preferably FortiGate
• Administer Cisco Meraki cloud-managed networking infrastructure, including security appliances, access points, and network segmentation policies
• Oversee Netskope CASB and SASE solutions to enforce cloud security policies, manage data loss prevention (DLP), and ensure secure access to cloud applications
• Monitor and respond to security incidents using CrowdStrike EDR, including threat hunting, investigation, containment, and remediation of endpoint threats
• Manage Abnormal Security platform to detect and respond to advanced email threats, including business email compromise (BEC), phishing, and account takeover attacks
• Administer Kandji MDM solution for Apple device management, ensuring endpoint compliance, software deployment, and security policy enforcement across the Mac and iOS fleet
• Secure and manage Google Workspace environment, including user access controls, security configurations, and audit log monitoring
• Develop and maintain security documentation, playbooks, and incident response procedures
• Collaborate with IT and DevOps / R&D  teams to implement security best practices across the organization
• Conduct regular security assessments, vulnerability scans, and risk analyses
• Stay current with emerging threats and security trends to continuously improve the organization's security posture
• Experience managing cloud-based networking solutions such as Cisco Meraki

What you’ll need:

The ideal candidate should possess a strong foundation in security principles and practical experience with the tools listed below.

• 3+ years of experience in a security engineering or similar role
• Knowledge of network protocols, VPNs, and firewall rule management
• Experience with incident response and threat investigation
• Strong analytical and problem-solving skills
• Excellent communication skills and ability to work cross-functionally
• Familiarity with MDM solutions for Apple devices, preferably Kandji
• Experience with email security solutions and threat detection
• Strong knowledge of CASB/SASE solutions, preferably Netskope
• Proficiency with EDR platforms, preferably CrowdStrike Falcon

#LI-AM1 #LI-Hybrid 

#LI-TL1 #LI-Hybrid 

Making Security Real

As a Senior Information Security Engineer, you’ll be on the front lines of protecting the systems, users, and data at scale. This role is about turning strategy, architecture, and intent into enforced controls, effective detections, and resilient operations. You’ll work hands-on with the tools, signals, and incidents that define our real security posture.

If you believe security should be practical, measurable, and embedded into daily operations—and not just documented—we want you on the team.

What the Role Looks Like in Practice

You will be the technical anchor of our internal security posture:

• Architectural Ownership: Deploy, manage, and tune enterprise-grade security stacks (EDR, DLP, IAM, CASB, MDM) with a focus on deep integration and automation.
• The AI Frontier: Lead the charge on AI Security. You will implement and secure AI-driven workflows, ensuring LLM use is governed and protected against emerging threats such as data leakage and prompt injection.
• Proactive Defense: Build and maintain high-fidelity detections and guardrails that align with real-world attack techniques.
• Cross-Functional Synergy: Partner as a peer with Engineering, IT, and DevOps to ensure security controls are frictionless, automated, and effective.

What You’ll Bring

Technical Must-Haves:

• 7+ Years of Senior Experience: Extensive hands-on experience in InfoSec Engineering or SecOps within high-growth, cloud-native environments.
• AI Security Mastery (Required): You are ahead of the curve. You have practical experience securing AI adoption and leveraging AI-driven platforms to scale defensive capabilities.
• Deep Technical Stack: Expert-level knowledge of endpoint security (macOS/Linux), SaaS ecosystems, and Identity (Okta/OIDC).
• The Developer Mindset: Advanced scripting skills (Python is a must) to automate away manual toil and build custom security integrations.

Professional & Interpersonal Excellence:

• Strategic Communication: The ability to articulate complex technical risks as actionable business intelligence for diverse stakeholders, ensuring alignment between security objectives and business goals.
• Collaborative Influence: A track record of fostering strong partnerships with R&D and DevOps. You are a facilitator of "Secure-by-Design" principles, focused on engineering solutions rather than creating administrative bottlenecks.
• Crisis Management & Decisiveness: The capacity to maintain operational composure during high-stakes incidents, applying rigorous prioritization and risk-based analysis to drive remediation.
• Pragmatic Professionalism: A disciplined approach to balancing theoretical security ideals with the functional requirements of a high-velocity, global financial infrastructure.

Transmit Security gives businesses the modern tools they need to build secure, trusted and end-to-end digital identity journeys to innovate and grow. 

CX-focused, cybersecurity conscious leaders rely on Transmit Security’s xCIAM platform to provide their customers with smooth experiences protected from fraud across all channels and devices. 

Transmit Security serves many of the world’s largest banks, insurers, retailers, and other leading brands, collectively responsible for more than $1.3 trillion in annual commerce. 

About the Role:

As a DevSecOps engineer you will be a part of our DevOps group and play a critical role in designing and implementing application and infrastructure security programs that will make sure that our systems continue to be secure and compliant with our clients’ high bar.

You will work closely with developers and DevOps engineers to help identify and remediate application and infrastructure security issues.

What you’ll do:

• Implement an application security program
• Design and implement security automation and controls within CI/CD pipelines utilizing SAST, DAST and SCA tools
• Collaborate on architecture reviews, threat modeling, and developer security training sessions to elevate AppSec maturity
• Implement an infrastructure security program
• Integrate and implement CSPM controls within a high scale cloud environment.
• Own strategy for security in IAM, secret management and similar security-critical components
• Own security training and review for DevOps teams.
• Orchestrate execution of penetration testing on infrastructure and application and a bug bounty program
• Own compliance processes within DevOps
• Build and continuously improve SOC2 compliance processes and audit readiness tooling
• Lead technical responses for internal and external audits, working closely with GRC, engineering, and cloud teams to resolve gaps and strengthen security posture.​

What you’ll need:

1. At least 3 years of experience in Application Security and Infrastructure Security in a SaaS company operating in a highly regulated market (finance, healthcare, crypto, security)
2. Experience managing SoC2 or ISO 27001 certifications.
3. Strong software development capabilities and application security knowledge.
4. Strong expertise in AWS, Google Cloud, and Azure security best practices.​
5. Hands-on work with CI/CD, IAC, artifact repositories and related technologies (GitHub Actions, Jenkins, ArgoCD, JFrog, Terraform, CloudFormation)
6. Hands-on work with CSPM,  SCA, SAST, secret scanning and similar tools (ORCA, Veracode, …)
7. Hands-on work with building automations and integrations around security tools.
8. Familiarity with SOC 2, ISO 27001, or NIST frameworks and 24x7 cloud security operations in regulated environments.​