Writing.io Jobs


Security L3 SOC Analyst / Incident Response Analyst at ProArch

L3 SOC analyst leads incident detection, investigation, and response to complex cybersecurity threats while coordinating cross-functional teams.

Senior Posted about 16 hours ago RemoteFirstJobs Product
What this role involves

About ProArch:

At ProArch, we partner with businesses around the world to turn big ideas into better outcomes through IT services that span cybersecurity, cloud, data, AI, and app development.

We’re 400+ team members strong across 3 countries (we call ourselves ProArchians)—and here’s what connects us all:

  • A love for solving real business problems
  • A belief in doing what’s right

What’s it like to work here?

  • You’ll keep growing. You’ll work alongside domain experts who love to share what they know.
  • You’ll be supported, heard, and trusted to make an impact.
  • You’ll take on projects that touch industries, communities, and lives.
  • You’ll have the time to focus on what matters most in your life outside of work.

At ProArch, you’ll be part of teams that design and deliver technology solutions solving real business challenges for our clients. With services spanning AI, Data, Application Development, Cybersecurity, Cloud & Infrastructure, and Industry Solutions, your work may involve building intelligent applications, securing business‑critical systems, or supporting cloud migrations and infrastructure modernization.

Every role here contributes to shaping outcomes for global clients and driving meaningful impact. You’ll collaborate with experts across data, AI, engineering, cloud, cybersecurity, and infrastructure—solving complex problems with creativity, precision, and purpose. You’ll join a culture rooted in technology, curiosity, and continuous learning. A place where we move fast, trust you to make an impact, encourage innovation, and support your growth.

About Position:

At ProArch, a leader in IT security consulting with presence in the US, UK, and India, we are looking for a skilled L3 SOC Analyst / Incident Response Analyst to join our Security Operations Center (SOC) team. In this critical role, you will be responsible for advanced incident detection, investigation, and response to complex cybersecurity threats. Leveraging your extensive experience and expertise, you will lead incident response activities, perform deep-dive analysis, and coordinate with cross-functional teams to mitigate risks and strengthen our security posture. If you thrive in a dynamic, fast-paced environment and are passionate about defending organizations against sophisticated cyber threats, this position is ideal for you.

Role Summary

ProArch is seeking a highly skilled and technically strong L3 SOC Analyst / Incident Response Analyst to operate within a Managed Security Services Provider (MSSP) environment, supporting multiple customer environments across diverse industries.

This role is heavily focused on:

  • Incident Response
  • Threat Investigation
  • Detection Engineering
  • DFIR Operations
  • SOC Automation
  • Threat Hunting
  • Security Platform Engineering
  • Response Workflow Optimization

The ideal candidate combines strong incident response expertise, deep Microsoft security platform knowledge, hands-on detection engineering capability, and SOC automation experience within a fast-paced MSSP environment.

This is not a traditional alert-monitoring SOC Analyst role. The position requires strong investigative, analytical, and response-oriented cybersecurity capabilities.

Key Responsibilities

1. Incident Response & Threat Investigation

• Lead and support advanced security incident investigations across multiple customer environments

Perform:

  • Threat triage and validation
  • IOC analysis and threat correlation
  • Endpoint and identity investigations
  • Email security investigations
  • Cloud security incident analysis
  • Root cause analysis

Investigate and respond to:

  • Account compromise incidents

  • Business Email Compromise (BEC)

  • Malware and ransomware activity

  • Privilege escalation

  • Lateral movement activity

  • Suspicious cloud and identity-based attacks

  • Advanced phishing and social engineering campaigns

  • Coordinate containment, remediation, and recovery activities with customer and internal teams

  • Support high-severity incident escalation handling and response coordination

  • Provide detailed investigation findings, timelines, impact assessments, and response recommendations

  • Conduct proactive threat hunting and threat validation activities where required

  • Support digital forensics and evidence collection activities when applicable

2. Detection Engineering & SIEM Operations

Design, develop, and maintain advanced detection rules across:

  • Microsoft Sentinel
  • Microsoft Defender XDR

Develop and optimize:

  • KQL queries
  • Analytics rules
  • Correlation logic
  • Detection use cases

Perform:

  • Detection tuning

  • False positive reduction

  • Behavioral baselining

  • Threat-based detection improvements

  • Build and maintain reusable detection content and query libraries

  • Support proactive detection engineering initiatives aligned with emerging threats and attacker techniques

  • Leverage threat intelligence and MITRE ATT&CK mapping to improve detection coverage

3. SOC Automation & SOAR Engineering

Design and implement SOC automation workflows using:

  • Microsoft Sentinel Playbooks
  • Logic Apps
  • SOAR platforms
  • API-driven integrations

Build workflows for:

  • Alert enrichment

  • Incident routing

  • Automated containment actions

  • Threat intelligence enrichment

  • Ticket synchronization

  • Investigation acceleration

  • Develop scalable automation frameworks to improve SOC operational efficiency

  • Support continuous optimization of SOC workflows and automation coverage

  • Create automation standards and reusable workflow templates across customer environments

4. Microsoft Security Platform Operations

Provide hands-on operational support, investigation, tuning, administration, and engineering for:

  • Microsoft Defender for Endpoint (MDE)
  • Microsoft Defender XDR
  • Microsoft Defender for Identity (MDI)
  • Microsoft Defender for Office 365 (MDO)
  • Microsoft Defender for Cloud Apps (MDCA)
  • Microsoft Purview
  • Microsoft Identity Protection / Entra ID
  • Microsoft Sentinel

5. AI Security & Modern Threat Operations

Support detection and response activities related to:

  • AI-orchestrated attacks

  • Identity-based attacks

  • Cloud-native threats

  • Advanced phishing and social engineering campaigns

  • Leverage AI-assisted SOC operations and automation capabilities where applicable

  • Support modern detection strategies aligned with evolving attacker techniques

  • Evaluate opportunities to integrate AI-driven efficiencies into detection, investigation, and response workflows

6. Client & Operational Support

  • Participate in customer incident discussions and escalation calls when required

  • Support onboarding of new customer environments and security integrations

  • Maintain:

  • Investigation playbooks

  • SOPs

  • Workflow documentation

  • Operational runbooks

  • Detection documentation

Collaborate closely with:

  • SOC Operations

  • Security Engineering

  • Vendors

  • Consulting teams

  • Customer stakeholders

  • Support operational improvement initiatives across SOC and DFIR functions

Required Qualifications

Education

  • Bachelor’s Degree / Graduation in: Computer Science/Information Technology/Cybersecurity or related technical field is mandatory
  • Relevant cybersecurity and automation-focused certifications will be considered an added advantage.

Experience

  • 6-9 years of overall cybersecurity experience

Strong hands-on experience in:

  • Incident Response

  • Threat Investigation

  • SOC Operations

  • Detection Engineering

  • DFIR activities

  • Prior Incident Response Analyst experience is highly preferred

  • Experience working within MSSP environments preferred

  • Experience supporting or collaborating with US-based teams/vendors preferred

  • Proven hands-on experience with SOAR platforms in enterprise or MSSP environments

  • Strong experience designing and implementing SOC automation workflows from scratch

  • Experience supporting enterprise Security Operations Center (SOC) environments

  • Experience with detection engineering and SIEM rule development

Required Technical Skills

Security Platforms & Technologies

Strong hands-on experience with:

  • Microsoft Defender for Endpoint (MDE)
  • Microsoft Defender XDR
  • Microsoft Defender for Identity (MDI)
  • Microsoft Defender for Office 365 (MDO)
  • Microsoft Defender for Cloud Apps (MDCA)
  • Microsoft Purview
  • Microsoft Identity Protection / Entra ID
  • CrowdStrike Falcon
  • Threat Intelligence platforms
  • Microsoft Sentinel (Mandatory)
  • Defender XDR SIEM operations (Mandatory)
  • Graph API
  • Datto Autotask or equivalent ticketing systems
  • Email security solutions
  • Endpoint Detection & Response (EDR) platforms
  • Identity and authentication platforms
  • Cloud security technologies

Detection Engineering & Automation

Strong experience creating:

  • Detection rules
  • Analytics rules
  • KQL queries
  • Detection tuning and fine-tuning

Experience with:

  • SOC workflow design
  • SOC automation
  • SOAR engineering
  • API integrations
  • Workflow orchestration

Understanding of:

  • MITRE ATT&CK
  • Threat detection methodologies
  • Threat hunting methodologies
  • AI-driven attack techniques
  • AI use cases in SOC operations

Scripting & Technical Skills

Preferred experience with:

  • PowerShell
  • Python
  • REST APIs
  • Logic Apps
  • KQL (Mandatory)

Preferred Certifications

  • Microsoft SC-200
  • Microsoft SC-401
  • Microsoft AZ-500
  • Microsoft SC-900
  • Microsoft SC-100
  • CISSP
  • Security Automation / SOAR Automation / SOAR Certifications

Soft Skills & Work Style

  • Strong verbal and written communication skills with the ability to work effectively across technical and non-technical teams
  • Excellent collaboration and stakeholder coordination skills across SOC Operations, Engineering, Consulting, Vendors, and Leadership teams
  • Strong documentation and technical writing capabilities for investigations, workflows, SOPs, and operational procedures
  • Ability to work independently in a remote-first, multicultural, and fast-paced MSSP environment
  • Self-driven, proactive, and highly organized with strong ownership and accountability
  • Strong analytical, troubleshooting, and problem-solving skills
  • Comfortable managing multiple projects, priorities, and operational initiatives simultaneously
  • Team-oriented mindset with the ability to operate effectively as an individual contributor
  • Professional communication and coordination skills for working with US-based teams and vendors
  • Adaptable and flexible to evolving operational and business requirements

Working Model

  • Rotational Shift (US Business Hours or After Hours)
  • Remote-first operational model
  • Participation in on-call escalation rotation for critical incidents when required

What Success Looks Like

  • High-quality incident investigations and response handling
  • Improved detection fidelity and reduced false positives
  • Increased SOC automation coverage and operational efficiency
  • Faster containment and response coordination
  • Consistent and high-quality incident response across customer environments
  • Strong collaboration across SOC, Engineering, and Customer teams
  • Continuous improvement of detection, automation, and DFIR capabilities

Life @ ProArch

  • At ProArch, we believe our people are the key to our success. That’s why we foster an environment where every employee—known proudly as a ProArchian—can grow, thrive, and make a meaningful impact.
  • We empower employees to develop at their own pace through Career Pathways, a clear and supportive guide to professional progression.
  • Our culture is one of positivity, inclusivity, and respect. Titles don’t define how we treat each other— every ProArchian is valued equally, and collaboration across roles and teams is the norm.
  • We understand that great work starts with balance. That’s why we prioritize work-life harmony, offering flexible work schedules and encouraging time for what matters most.
  • Beyond the workplace, ProArchians actively give back—organizing volunteer efforts and charitable initiatives that empower the communities we call home.
  • And because we know that extraordinary efforts deserve recognition, we celebrate those who go above and beyond with appreciation programs.
  • At ProArch, we’re not just using technology to transform businesses— we’re using it to create a better experience for our people, our clients, and our communities.
Security Senior Network Security Engineer at GuidePoint Security

Design, implement, and maintain Comply-to-Connect deployment infrastructure while monitoring performance and supporting cybersecurity system accreditation for federal government agencies.

Senior Posted about 16 hours ago RemoteFirstJobs Product
What this role involves

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

About GuidePoint Security

GuidePoint Security is a leading cybersecurity solutions and services firm enabling federal government organizations to make smarter security decisions that minimize risk. With more than 800 vetted technology vendor partnerships and deep practitioner expertise across every major cybersecurity domain, GuidePoint serves more than half of the U.S. Government’s cabinet-level agencies across Civilian, DoD, and Intelligence Community segments, as well as Federal System Integrators and major defense prime contractors. We are growing our federal presales engineering team and looking for technically exceptional engineers who thrive at the intersection of federal mission and cybersecurity technology.

The Senior Network Security Engineer will engineer, design, and sustain Comply-to-Connect (C2C) deployment support to migrate and maintain critical services across unclassified and classified environments.

Key Responsibilities

  • Engineering, designing, and implementing C2C deployment support while managing the appliances, servers, and supporting infrastructure.
  • Coordinating with the network service provider to develop and maintain comprehensive network architecture diagrams.
  • Evaluating and recommending technology upgrades to address performance, standardization, and industry best practices.
  • Monitoring and investigating C2C performance and faults to recommend and implement necessary improvements.
  • Interacting with team members and customers at multiple levels to gather and coordinate vital technical information.
  • Supporting Assessment and Authorization (A&A) activities related to cybersecurity technologies and system accreditation.

Requirements

  • An active TS/SCI with Polygraph is required.
  • Bachelor’s degree or 4+ years of additional experience in lieu of a degree.
  • 5+ years of experience in Information Systems Security and/or Cyber Engineering.
  • Experience with technologies involved in large-scale enterprise deployments and data center environments.
  • Experience deploying enterprise security software products such as firewalls, IPS, Anti-Virus, and network management systems.
  • Knowledge of Windows and Linux systems, TCP/IP networking, 802.1x, and general network security concepts.
  • IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification or the ability to obtain it within 6 months of hire.

Preferred Qualifications

  • Certified Information Systems Security Professional (CISSP) certification.
  • Experience implementing vendor-agnostic C2C capabilities and services within DoD engineering and sustainment environments.
  • Proficiency with Cisco Identity Services Engine (ISE) and tools such as Nmap, Nessus, and tcpdump.
  • Knowledge of Shell, Perl, and XML Scripting to automate security tasks.

Physical Qualifications

  • Must be able to remain in a stationary position 50%.
  • Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
  • Frequently communicates with co-workers, management, and customers, which may involve delivering presentations.
  • Must be able to exchange accurate information in these situations.

“Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.”

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don’t miss updates on your application.

Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks…

  • Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
  • Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family)) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employee’s premiums and 75% for family plans (spouse/children/family)). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments ($850 per EE annually / $1750 per family annually, including spouse/children/family options).
  • Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
  • 12 corporate holidays and a Flexible Time Off (FTO) program
  • Healthy mobile phone and home internet allowance
  • Eligibility for retirement plan after 2 months at open enrollment
  • Pet Benefit Option
Security Senior Information Security Engineer at NiCE

Designs, implements, and maintains security measures to protect systems, networks, and SaaS products through vulnerability management, incident response, and security operations.

Senior Posted 1 day ago RemoteFirstJobs Product
What this role involves

At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

So, what’s the role all about?

The ideal candidate will be responsible for designing, implementing, and maintaining security measures to protect our organization’s computer systems, networks, and SaaS products. This role requires a hands-on approach to identifying vulnerabilities, implementing solutions, and staying abreast of the latest security trends and technologies. The Senior Information Security Engineer will collaborate closely with cross-functional teams to ensure the confidentiality, integrity, and availability of our systems and data.

How will you make an impact?

  • Security Tooling: Deploy, maintain, integrate, and perform initial configuration of security tools.
  • Vulnerability Management: Coordinate and conduct regular security assessments, penetration testing, and vulnerability scans to identify and address security weaknesses proactively.
  • Incident Response: Lead incident response efforts to promptly detect, analyze, and mitigate security incidents and breaches. Develop and maintain incident response plans and procedures.
  • Security Operations: Monitor security logs and alerts, investigate suspicious activities, and respond to security events in real-time. Implement and maintain security tools and technologies to enhance our security posture.
  • Identity and Access Management: Manage user access controls, authentication mechanisms, and identity management systems to ensure appropriate levels of access and privilege.

Have you got what it takes?

  • At least 5 years of experience in information security, with a focus on hands-on security engineering and operations.
  • In-depth knowledge of networking protocols, operating systems, and cloud technologies.
  • Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001).
  • Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools.
  • Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP).

You will have an advantage if you also have:

  • Relevant certifications such as CISSP, CISM, CEH, or cloud-specific certifications (e.g., AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer) are highly desirable.

What’s in it for you?

Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

Enjoy NICE-FLEX!

At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.

About NICE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NICE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

Requisition ID: 10996

Reporting into: Damon Hefner, Manager Information Security

Role Type: Individual Contributor

Security Senior Security Engineer - SecOps (x,f,m) at Doctolib

Senior Security Engineer designs and deploys security infrastructure changes, builds SIEM detections, investigates incidents, and leads corporate IT security programs across identity, endpoint, and cloud systems.

Senior Posted 1 day ago RemoteFirstJobs Product
What this role involves

Set a new pulse for healthcare!

We are looking for a Senior Security Engineer to join the SecOps team at Doctolib.

Your mission will be to protect the infrastructure, identities, devices and platform that millions of patients and hundreds of thousands of health professionals rely on every day. You will work hands-on across the full corporate IT security perimeter (identity, endpoint, SaaS, network and cloud) in a highly regulated environment (HDS, ISO 27001, C5) where security directly impacts patient safety and trust in the healthcare system.

Working in the tech team at Doctolib means building innovative products and features to improve the daily lives of care teams and patients.

What you’ll do

Your responsibilities include but are not limited to:

  • Design and ship security changes as code, reviewed in pull requests like any production change, across our identity, endpoint, SaaS and network security stack
  • Build detections, dashboards and automated responses on top of our SIEM (Elastic), writing queries and continuously tuning alert quality
  • Drive corporate IT security programs from architecture to enforcement spanning Entra ID, CrowdStrike, Wiz, and Cloudflare
  • Investigate security incidents end-to-end and iterate on playbooks with each resolution cycle
  • Write proposals and run cross-team change management on major security initiatives, ensuring robust communication with stakeholders
  • Mentor junior engineers and contribute to platform security topics when initiatives span both the corporate and product perimeters

Who you are

Before you read on: if you don’t have the exact profile described below, but you feel this job description matches your skill set, we still encourage you to apply.

You’ll be a great fit if you:

  • Have 5+ years of hands-on experience in corporate, including at least 2 years at a senior level, with end-to-end ownership of multiple security domains (identity, endpoint, SaaS, network or detection) in production
  • Have strong daily mastery of GitHub, Terraform and AI coding assistants (Claude or equivalent) — you ship security work as code reviewed in PRs, and you use AI agents as a structural part of your workflow, not as an occasional helper
  • Have a solid detection engineering and SIEM background, and are comfortable writing queries and tuning alerts independently
  • Bring a pragmatic mindset and strong written communication skills, with the ability to make decisions under uncertainty and follow through on complex, cross-team initiatives
  • Are fluent in English (primary written working language); daily team conversations happen mostly in French, so being a French speaker or willing to learn is a strong plus

It would be fantastic if you:

  • Have curiosity for platform security topics (cloud, Kubernetes, supply chain) and a willingness to contribute beyond your core corporate IT perimeter
  • Bring prior experience in a regulated industry such as healthcare, fintech or the public sector

Life at Doctolib Tech

  • Our solutions are built on a single fully cloud-native platform that supports web and mobile app interfaces, multiple languages, and is adapted to country and healthcare specialty requirements.
  • Our stack is composed of Rails, TypeScript, Java, Python, Kotlin, Swift, and React Native.
  • We leverage AI ethically across our products to empower patients and health professionals. Discover our AI vision here.

Want to learn more about our tech culture and environment? Visit the Doctolib Tech site.

What we offer

  • Free comprehensive health insurance (basic package) for you and your children
  • 25 days of paid vacation per year, plus up to 14 days of RTT
  • Free mental health and coaching services through our partner Moka.care
  • Work from abroad for up to 10 days per year thanks to our flexibility days policy
  • Lunch vouchers (Swile card) worth €8.50 per working day, with €4.50 covered by Doctolib
  • A subsidy from the work council to refund part of the membership to a sport club or a creative class
  • 50% reimbursement of your public transport subscription
  • Parent Care Program: receive one additional month of leave on top of the legal parental leave
  • Enrollment in Doctolib’s long-term employee value sharing plan called DoctoGrowth
  • For caregivers and workers with disabilities, a package including an adaptation of the remote policy, extra days off for medical reasons, and psychological support
  • Relocation support in case of international mobility
  • Access to the best AI tools for coding, development and dedicated training

Our interview process

  • TA Screening
  • Technical Deep Dive with a take-home case study and debrief session
  • Behavioral Interview
  • Final Conversation with the Head of SecOps
  • At least one reference check

We want your experience to be clear, respectful, and transparent. Learn more about our hiring process on our candidate experience page.

Job details

  • Permanent position
  • Tech stack: Elastic, Entra ID, CrowdStrike, Wiz, Cloudflare, GitHub, Terraform
  • Full-time
  • Paris, France
  • Hybrid work setup (up to 2 remote days per week)
  • Start date: as soon as possible

We welcome everyone

At Doctolib, we are committed to improving access to healthcare for everyone. This translates into our recruitment process. We evaluate candidates based solely on qualifications and motivation, without any form of discrimination.

The more diverse ideas are heard, the more our product will truly improve healthcare for all. You are welcome to apply to Doctolib, regardless of your gender, religion, age, sexual orientation, ethnicity, or disability.

To ensure equal opportunities, we invite you to exclude personal information (e.g., pictures, age) from your applications. If you require any accommodation, please let us know for support during the hiring process.

Join us in building the healthcare we all dream of!

Your data privacy

All information provided is processed by Doctolib for application management. For data processing details, click here: France. Please contact hr.dataprivacy(at)doctolib.com for inquiries or to exercise your rights.

Security Senior Security Engineer- UK

Senior Security Engineer owns security initiatives and infrastructure protection for the organization's systems and data.

Senior Posted 3 days ago Jobicy AI
What this role involves
About the Role

Hopper’s Security team is small by design and consequential by impact - and this role sits at the centre of it. As a Senior Security Engineer, you’ll own the...
Security Senior Security Engineer- Spain

Senior Security Engineer who owns security initiatives and drives impact within a specialized security team.

Senior Posted 3 days ago Jobicy AI
What this role involves
About the Role

Hopper’s Security team is small by design and consequential by impact - and this role sits at the centre of it. As a Senior Security Engineer, you’ll own the...
Security Senior Application Security Engineer at GuidePoint Security

Implements and operationalizes application security testing tools within CI/CD pipelines, writes SAST rules, and helps secure the software development lifecycle.

Senior Posted 4 days ago RemoteFirstJobs Product
What this role involves

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

Required Experience:

  • Proficiency with the implementation, operationalization, and troubleshooting of Static Application Security Testing (SAST) tools such as Semgrep, Snyk, CodeQL, Checkmarx, Veracode, etc.
  • Understanding of Continuous Integration / Continuous Delivery (CI/CD) pipeline tools and processes (e.g. GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, CircleCI, etc.)
  • Experience in software engineering, ideally full stack software development, including modern technologies and application architectures
  • Strong scripting and automation experience using one or more programming languages
  • Solid working knowledge of application security fundamentals including the OWASP Top 10, threat modeling, and implementing secure coding practices throughout the Software Development Lifecycle (SDLC)
  • Excellent written and verbal communication skills

Preferred:

  • Experience writing or adapting custom SAST rules (Semgrep or CodeQL)
  • Familiarity with additional Application Security tools (e.g. Interactive (IAST), Dynamic (DAST) and API security, SCA, etc.)
  • Familiarity with API Security tools (e.g., NoName, Traceable, Salt, Cequence)
  • Practical hands-on experience validating vulnerabilities and proficiency with Burp Suite
  • Strong working knowledge of Secure Development Lifecycles and experience triaging and remediating technical vulnerabilities identified by web application scanning tools
    • Understanding of automated security testing approaches and tools
    • Experience in building and operating security tools within CI/CD pipelines
    • Experience with proactive integration of security into the development process
  • Past experience as an application security practitioner or software engineer

Educational & Professional Credentials:

  • Bachelor’s degree in a relevant discipline or equivalent experience
  • 5-7 years of security engineering experience in the Information Security industry

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don’t miss updates on your application.

Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

  • Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
  • Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family)) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employee’s premiums and 75% for family plans (spouse/children/family)). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments ($850 per EE annually / $1750 per family annually, which includes spouse/children/family options)
  • Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
  • 12 corporate holidays and a Flexible Time Off (FTO) program
  • Healthy mobile phone and home internet allowance
  • Eligibility for retirement plan after 2 months at open enrollment
  • Pet Benefit Option
Security Senior Security Engineer, Cloud, AI, Product Security

Senior security engineer who designs and implements cloud security, AI security, and product security measures to protect Instacart's infrastructure and systems.

Senior Posted 5 days ago Himalayas
What this role involves
We're transforming the grocery industry

At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together.
Security Information Security Manager at Cypress Creek Renewables

Leads security operations, manages endpoint/network security tools, runs vulnerability and patch management programs, and maintains NIST compliance across the organization.

Senior Posted 6 days ago RemoteFirstJobs Product
What this role involves

The Company

Cypress Creek Energy is powering a sustainable future, one project at a time. We develop, finance, own and operate utility-scale and distributed solar and storage projects across the country. Fostering a diverse group of innovative thinkers from all backgrounds, Cypress people are drawn to work in a purpose-driven organization. We hope you will join us.

Overview

Cypress Creek Energy is hiring an Information Security Manager to lead the company’s security operations and compliance program. This is a hands-on individual contributor role designed for a senior technical security professional ready to take ownership of a complete program — with the opportunity to grow into a leader of a team as the function scales.

The successful candidate brings a balance of deep technical execution and program-level compliance maturity. You will own the day-to-day security tooling stack, lead the company’s NIST-based compliance program, shape policy in emerging areas including artificial intelligence, and maintain an accurate view of every system in the environment. You will report directly to the Chief Technology Officer and partner closely with IT, Counsels, and business stakeholders across the company.

Responsibilities

Security Operations & Engineering

  • Endpoint security: Administer and tune Microsoft Defender across the endpoint estate, including policy configuration, alert triage, response, and reporting.
  • Network and access security: Manage the Zscaler platform (ZIA/ZPA), including policy development, traffic inspection, access controls, and integration with identity systems.
  • SIEM operations: Own SIEM tuning, detection engineering, log source onboarding, alerting, and incident workflows. Build dashboards and metrics that surface meaningful signals.
  • Vulnerability management: Run the vulnerability scanning program across AWS and Azure cloud environments and on-premises infrastructure. Prioritize, track, and verify remediation in partnership with IT and engineering teams.
  • Patch management: Maintain endpoint patching cadence and reporting, ensuring coverage, exception tracking, and SLA adherence.
  • Digital forensics & incident response: Lead investigations into security events, perform forensic analysis, document findings, and coordinate response with internal teams and external partners as needed.

Compliance & Governance

  • NIST-based program: Maintain and continuously improve the company’s NIST Cybersecurity Framework-aligned security program, including controls mapping, evidence collection, and gap remediation.
  • Policy management: Own the security policy library — ensure policies and standards are current, reviewed on a defined cadence, approved through the right channels, and communicated to the business.
  • AI policy and guidance: Develop and maintain the company’s AI usage policies, acceptable use guidance, and review process for new AI tools, in coordination with Counsels and IT.
  • System inventory: Build and maintain an authoritative inventory of systems, applications, data flows, and ownership. Keep it accurate as the environment evolves.
  • Audit and assessment support: Lead responses to internal and external audits, customer security reviews, and regulatory inquiries. Manage remediation of identified findings through closure.
  • Risk management: Identify, document, and track information security risks; propose mitigations and report on residual risk to leadership.

Leadership & Cross-Functional Partnership

  • Stakeholder engagement: Partner with IT, Counsels, HR, and business leaders on security matters, providing clear guidance that balances risk with business needs.
  • Operational Technology (OT): Act as a partner and advisor to the OT team coordinating security and compliance initiatives across the company. Manage intersection of IT and OT endpoints, systems, and networks.
  • Security awareness: Drive the security awareness program, including phishing simulations, training content, and ongoing communications.
  • Vendor and third-party risk: Assess and manage security risk associated with vendors, contractors, and third-party service providers.
  • Future team leadership: Lay the groundwork to scale the function. As the program matures, hire, mentor, and lead a team of security professionals.

Education & Experience Required

  • Use of AI to enhance and scale security operations – establish AI-first Security Ops
  • Bachelor’s degree in computer science, information systems, cybersecurity, or related field — or equivalent professional experience.
  • 5+ years of progressive experience in information security, with demonstrated depth in security operations, engineering, or a combination of both.
  • Hands-on administration and tuning experience with Microsoft Defender (Endpoint, Identity, Cloud).
  • Production experience operating Zscaler (ZIA and/or ZPA), including policy management and troubleshooting.
  • Strong SIEM experience — building detections, tuning alerts, investigating incidents, and onboarding log sources.
  • Vulnerability management experience across cloud environments, specifically AWS and Azure.
  • Working knowledge of digital forensics and incident response methodology.
  • Demonstrated experience operating a security program aligned to the NIST Cybersecurity Framework or NIST 800-53.
  • Track record of writing, maintaining, and operationalizing security policies and standards.
  • Clear written and verbal communication, including the ability to explain technical risk to non-technical audiences.
  • Ability to work from the Durham, NC or Washington, DC office three days per week.
  • Embrace and live by the mission and values of Cypress Creek Energy

Preferred Qualifications

  • Industry certifications such as CISSP, CISM, GIAC (GCIH, GCFA, GCIA), or equivalent.
  • Experience operating in the energy, utility, or critical infrastructure sector.
  • Familiarity with NERC CIP or other regulatory frameworks relevant to the power sector.
  • Experience scripting or automating security workflows (Python, PowerShell, KQL).
  • Prior experience as a senior technical lead preparing to step into a manager role.

Location: The preferred location for this role is our offices in Durham, NC and Washington, DC. Our team operates on a hybrid schedule, with an in-office schedule of three days per week.

Compensation: The salary range for the position is $140,000 - $170,000 plus bonus and benefits. Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location.

Benefits:

  • 15 days of Paid Time Off, accrual up to 20 days, 11 observed holidays.
  • 401(k) Match
  • Comprehensive package including medical, dental, vision and health insurance
  • Wellness stipend, family planning stipend, and generous parental leave
  • Tuition Reimbursement
  • Phone Bill Reimbursement
  • Company Swag

A note to Recruiting Agencies: The Cypress Creek Energy Human Resources team does not accept unsolicited resumes from third party recruiters, staffing firms, or related agencies. The Human Resources team coordinates all recruiting and hiring at our company. We do not accept resumes from third-party recruiters unless authorized by the Human Resources team and if a signed agreement is in place. Any unsolicited resumes will be considered property of CCE and we are not responsible for any related fees. All communication related to recruiting partnerships should ONLY be directed to the Human Resources team.

Cypress Creek Energy is an equal opportunity employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. We are committed to providing a workplace that is inclusive and values diversity, and we encourage candidates from all backgrounds to apply.

Please be aware of recruiting scams—official communications will only come from @ccrenew.com, we will never request personal or financial information, and any suspicious activity should be reported to HR@ccrenew.com.

Security Information Security Manager at Cypress Creek Renewables

Manages security operations, compliance programs, and incident response while leading SIEM tuning, endpoint/network security, and vulnerability management across the organization.

Senior Posted 6 days ago RemoteFirstJobs Product
Security Information Security Manager at Cypress Creek Renewables

Leads security operations, compliance, and incident response while managing endpoint, network, and cloud security tooling and NIST-based governance programs.

Senior Posted 6 days ago RemoteFirstJobs Product
Security Network Security Software Engineer at Lumin Digital

Design and build automated network security pipelines, tooling, and real-time monitoring systems for cloud-native infrastructure protecting sensitive financial data.

Senior Posted 7 days ago RemoteFirstJobs Product
What this role involves

Basic Function

Lumin Digital is standing up a dedicated Network Security function within its Risk Engineering group to protect a growing product suite that handles sensitive financial data across multiple product lines. This role exists because the landscape has shifted: in a cloud-native, infrastructure-as-code environment, network security is no longer about managing router ACLs—it is about designing identity-aware policy enforcement, automating end-to-end change management, and building real-time visibility into network activity across both workforce and hosted contexts.

As the Network Security Software Engineer, you will be a domain authority who breaks network security out of the existing Security Engineering and SOC functions, building the specialization from the ground up. You will architect and deliver automated, lights-off pipelines—using agentic development practices and tools like Claude Code—that turn around security changes faster, go deeper than port and protocol in our defense-in-depth story, and extend coverage to the agents our teams create, not just the people who create them.

We are looking for a senior practitioner who will teach us what great network security looks like in a modern, highly-automated fintech environment—not someone who needs to be taught.

Essential Functions and Responsibilities:

  • Own the architecture, implementation, and continuous improvement of Lumin’s network security program across cloud, SD-WAN, and ZTNA layers—designing identity-aware, policy-driven controls that secure both human and machine (agent) identities.

  • Design and deliver fully automated, end-to-end network security change management pipelines that eliminate manual toil, accelerate change velocity, and maintain audit-ready evidence at every step.

  • Build and operate real-time network telemetry, monitoring, and alerting systems that provide deep visibility into network activity — integrating threat intelligence feeds, cloud connectivity data, and asset inventories into a unified, automated network defense posture.

  • Engineer production-grade tooling and services—including firewall rule lifecycle management, policy drift detection, configuration compliance validation, and telemetry enrichment—using modern backend languages (Python strongly preferred) and infrastructure-as-code.

  • Manage and tune network-layer detection capabilities — including IDS/IPS signatures, firewall rules, and WAF configuration — to ensure high-fidelity signals for SOC consumption.

  • Operate at the leading edge of AI-assisted development: write precise engineering specifications, direct AI coding agents (e.g., Claude Code, Cursor), and review/validate generated output to build secure, lights-off agentic pipelines that the broader team can learn from.

  • Build and maintain API integrations across the network security technology stack (e.g., Cloudflare, Zscaler, cloud-native controls) with reliability, observability, and audit-readiness designed in from day one.

  • Support compliance audit and assessment activities — including evidence collection, control testing, and auditor walkthroughs for network security domains; maintain an accurate network diagram inventory documenting topology, segmentation boundaries, and data flows.

  • Partner with the Security Operations Center, SRE, and IT to ensure network security controls integrate cleanly with existing infrastructure pipelines, CI/CD workflows, and incident response processes; participate in security architecture reviews and contribute to runbook development and operational documentation—raising the network security bar across the engineering organization.

  • Perform other duties as assigned.

Physical Demands:

  • While performing the duties of this job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear.

  • Specific vision abilities required by this job include close vision.

  • Ability to occasionally lift/move up to 25 pounds.

  • Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

Supervisory Responsibility:

None.

Position Specifications

Education:

  • Bachelor’s degree in Computer Science, Information Security, Network Engineering, or a related technical field, or equivalent combination of education and experience.

  • Preferred certifications: CCNP Security, PCNSE (Palo Alto), AWS Solutions Architect, Cloudflare certifications, or equivalent. Relevant certifications are valued but not required if depth of hands-on experience is demonstrated.

Experience:

  • 5+ years of progressive experience in network security engineering, with a demonstrated track record of designing, automating, and operating network security controls in cloud-native or hybrid environments.

  • Substantive hands-on engineering experience: you write production code, build integrations, and ship tooling—not just policies and diagrams.

  • Direct experience with network security platforms such as Cloudflare (WAF, Workers, Rulesets, Terraform provider), Zscaler (ZIA, ZPA), Palo Alto, or equivalent tier-one solutions.

  • Experience in fintech, banking, payments, or other regulated financial services environments (PCI-DSS, SOC 2, ISO 27001) strongly preferred.

  • Experience with infrastructure-as-code (Terraform, CloudFormation) and CI/CD-driven infrastructure provisioning.

Knowledge, Skills, & Abilities:

Required:

  • Deep expertise in network security fundamentals: firewall policy design, micro-segmentation, ZTNA, SD-WAN, DDoS mitigation, traffic analysis, DNS security, and certificate/PKI management.

  • Hands-on experience with agentic coding tools and workflows (Claude Code, Cursor, or equivalent)—or demonstrated eagerness and aptitude to adopt them as a primary development methodology.

  • Strong proficiency in at least one backend language (Python strongly preferred; Go or similar considered) with the ability to design and build production-grade APIs, automation frameworks, and integration platforms.

  • Thorough understanding of identity-aware network security—designing controls that authenticate and authorize not just users but services, workloads, and autonomous agents.

  • Demonstrated ability to write clear, precise engineering specifications and technical documentation; comfortable operating on a distributed, async-first team where written clarity drives outcomes.

  • Sound engineering judgment: able to evaluate AI-generated code for correctness, security implications, and maintainability; able to architect systems for reliability and observability.

  • Strong cross-functional communication skills: able to translate network security requirements into actionable engineering work and influence peers across Security, SRE, and Platform teams.

Preferred:

  • Experience building real-time telemetry, monitoring, and threat detection pipelines for network traffic.

  • Familiarity with agent-to-agent authentication, service mesh architectures, and securing AI/ML workload communications.

  • Experience integrating threat intelligence feeds and automating indicator-of-compromise enrichment into network defense workflows.

Travel:

  • Minimal, generally 12 days or less per year (~2 team get-togethers per year).

$145,000 - $175,000 a year

LIFE AT LUMIN DIGITAL

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base — and as a 100% cloud-native company, we’re purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture is built on trust in our expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas. These values shape a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered every day. We encourage our team to explore, experiment, and challenge the status quo — because continuous improvement isn’t just a goal, it’s how we operate.

Benefits Include: We take care of our people with medical, dental, and vision insurance, a 401(k) with company match, flexible PTO plus 12 paid holidays, paid sick leave, and paid parental and family leave. We also offer a lifestyle spending account, tuition reimbursement, and a cell phone stipend. Additional details are provided during the interview process.

Lumin Digital is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis. For more information, visit lumindigital.com.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Security Staff Threat Intelligence Analyst at Huntress

Staff analyst leads threat intelligence research, writes customer reports and blog posts on emerging threats, and collaborates with security teams to uncover and document adversary tactics.

Senior Remote Posted 7 days ago RemoteFirstJobs Product
What this role involves

Reports to: Sr. Director of Adversary Tactics

Location: Remote US

Compensation Range: $190,000.00 to $210,000.00 base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24/7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do:

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

Threat Intelligence Analysts aggregate threat data from the previous month and build out reports for our customers. These reports may also be used for marketing and help illustrate the value of what Huntress provides to customers and the community. Threat Intelligence Analysts are also responsible for writing blog posts and marketing materials regarding emerging threat trends. They also work closely with Security Researchers and Analysts to obtain more context about threat data.

Familiarity with product management, scripting/development, incident response, malware analysis, configuration management, and antivirus technologies is an additional way to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective hunter fosters highly collaborative environments between the Product, Marketing, and Security Operations Center teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision, ultimately delivering our most impactful features and capabilities.

We defend over 5 million endpoints and 11 million identities, and that number continues to grow each month, across tens of thousands of mid-sized and small business customers. Given this market’s tighter budgets, it’s impossible to assign human analysts to each client. The Adversary Tactics team addresses this challenge head-on by providing input to build and scale highly automated efficiencies—often lightly augmented by our Security Operations Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:

  • Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions
  • Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
  • Responsible for creating reports for marketing to show Huntress’ value to the larger community
  • Promote Huntress’ reputation through media interaction, public speaking, and blogs
  • Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap
  • Provides technical leadership for some members of the Security teams
  • Supports the professional development of researchers and others in the organization through coaching and mentorship
  • Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
  • Responsible for blog posts and other marketing materials regarding threat trends
  • Excellent written and verbal communication skills
  • Familiarity with utilizing AI in workflows

What You Bring To The Team:

  • Minimum of 5 years of experience in the field of Threat Intelligence
  • Experience with SIEM tools for scaled log analysis
  • Familiarity with detection engineering, detection logic, i.e., Sigma Rules
  • Experience researching and scoping threat hunt missions
  • Understanding of cybersecurity, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
  • Experience with 3rd-party intelligence tools, feeds, and reputation services.
  • Experience conducting OSINT gathering and analysis
  • Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have)
  • Proficient knowledge of Windows and/or macOS subsystems and how they interact both at the user and kernel level (nice to have)

What We Offer:

  • 100% remote work environment - since our founding in 2015
  • Generous paid time off policy, including vacation, sick time, and paid holidays
  • 12 weeks of paid parental leave
  • Highly competitive and comprehensive medical, dental, and vision benefits plans
  • 401(k) with a 5% contribution regardless of employee contribution
  • Life and Disability insurance plans
  • Stock options for all full-time employees
  • One-time $500 reimbursement for building/upgrading home office
  • Annual allowance for education and professional development assistance
  • $75 USD/month digital reimbursement
  • Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com. Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process, but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

Security Sr. Security Researcher II (Remote, DEU)

Conducts advanced security research to identify vulnerabilities, develop threat intelligence, and strengthen cybersecurity defenses for a global organization.

Senior Remote Posted 7 days ago Jobicy AI
What this role involves
As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and...
Security Senior Application Security Engineer at Lumin Digital

Leads application security architecture, develops secure coding standards, designs security posture management capabilities, and uses AI tools to automate vulnerability detection and remediation across the full software development lifecycle.

Senior Remote Posted 7 days ago RemoteFirstJobs Product
What this role involves

Basic Function

The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented engineering: the ideal candidate actively uses AI-powered tools such as Claude Code and Claude Security in their daily workflow to find vulnerabilities faster, automate remediation, and scale security coverage beyond what traditional approaches allow. As AI rapidly transforms how code is written, reviewed, and deployed, this engineer will lead the effort to secure AI-integrated applications, harden CI/CD pipelines, and establish governance for responsible AI adoption across product and engineering teams. Success in this role requires deep technical fluency, a bias toward building and doing over advising, and the ability to operate independently in a fast-moving, remote-first environment.

Essential Functions and Responsibilities:

  • Lead security architecture reviews for new and existing applications, ensuring secure-by-design principles are embedded from initial design through deployment and ongoing operation.

  • Develop, enforce, and continuously refine secure coding standards across engineering teams through a combination of automated security scans (SAST, DAST, SCA), AI-assisted code review using tools such as Claude Code, periodic manual code audits, and targeted secure development training.

  • Own the design, implementation, and evolution of Application Security Posture Management (ASPM) capabilities, integrating signals from static analysis, dynamic testing, software composition analysis, and runtime telemetry to build risk-scoring models that balance exploitability, data sensitivity, and business impact.

  • Continuously improve threat modeling frameworks across application components, third-party integrations, cloud-native architectures, and AI/LLM-powered features, leveraging tools such as Claude Security for accelerated threat model generation and scenario analysis.

  • Develop custom security automation tools and scripts to improve detection and response capabilities across cloud environments, including AI-assisted vulnerability auto-fix workflows and integration of AI-powered security tooling into CI/CD pipelines.

  • Own and operate the company’s bug bounty program end-to-end: define program strategy and scope, triage and validate external researcher submissions, assess severity, and maintain productive engagement with the security research community.

  • Manage vulnerability triage and prioritization processes, ensuring vulnerabilities are assessed based on exploitability, business impact, and compliance requirements, and that remediation timelines align with organizational risk tolerance.

  • Influence product roadmaps by identifying and advocating for security enhancements aligned with evolving regulatory requirements, industry best practices, and the emerging threat landscape for AI-integrated applications.

  • Mentor security engineers and developers through hands-on guidance in secure coding, vulnerability remediation, and effective use of AI-augmented security workflows.

  • Present security findings, risk assessments, and program metrics to senior leadership, clients, auditors, and regulators in a clear, actionable manner.

  • Perform other duties as assigned.

Physical Demands:

  • While performing the duties of this job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear.

  • Specific vision abilities required by this job include close vision.

  • Ability to occasionally lift/move up to 25 pounds.

  • Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

Supervisory Responsibility:

None

Position Specifications

Education:

  • Bachelor’s in Computer Science, Cybersecurity, Information Assurance, Software Engineering, or a related field, or an equivalent combination of education and experience.

  • Preferred certifications: CSSLP, OSCP, GWEB, or GWAPT.

Experience:

  • Seven (7+) years of progressive experience in application security, software security engineering, or a closely related domain within production SaaS environments.

  • Extensive hands-on experience in secure software development, DevSecOps pipeline design, and security testing methodologies (SAST, DAST, SCA, penetration testing).

  • Demonstrated experience securing large-scale cloud-native applications, APIs, and microservices architectures.

  • Experience leading application security initiatives, defining program strategy, and mentoring engineering teams on secure development practices.

  • Demonstrated, regular hands-on use of AI-powered security and development tools (e.g., Claude Code, Claude Security, or comparable coding/security assistants) as part of daily security engineering workflows, not solely in an evaluative, advisory, or training capacity.

  • Experience assessing AI-specific attack surfaces in LLM-integrated applications, including prompt injection, context leakage, insecure tool use, and model denial-of-service.

Knowledge, Skills, & Abilities:

Required:

  • Deep expertise in AWS security, Kubernetes security, and cloud-native application security best practices.

  • Strong programming proficiency with the ability to review and assess security risks in one or more of: Java, C#, JavaScript/TypeScript, Python, Swift, or Kotlin.

  • Expertise in secure authentication and authorization mechanisms, including OAuth 2.0, OIDC, SAML, JWT, WebAuthn, and Zero Trust principles.

  • Hands-on proficiency with AI-augmented security workflows, including daily use of AI tools (e.g., Claude Code, Claude Security) for vulnerability discovery, remediation assistance, threat modeling, and security automation across the SDLC.

  • Strong understanding of OWASP Top 10, OWASP Top 10 for LLM Applications, SANS 25, CVSS/EPSS scoring, and MITRE ATT&CK framework.

  • Ability to identify, assess, and mitigate prompt injection vulnerabilities (direct and indirect) in LLM-integrated applications through input validation, output sanitization, instruction hierarchy enforcement, and adversarial prompt testing.

  • Experience with secure context window management in AI-powered products, including preventing sensitive data leakage, enforcing context isolation boundaries, and defining data classification policies for AI model inputs.

  • Hands-on experience with security automation and scripting (Python, Bash, or equivalent).

  • Proficiency in penetration testing methodologies, including automated and manual security testing of web applications, APIs, and mobile platforms.

  • Strong knowledge of encryption standards, cryptographic best practices, and secrets management.

  • Ability to communicate complex security concepts to both technical and non-technical audiences, and to present risk assessments to senior leadership and external stakeholders.

  • Demonstrated ability to work independently in a remote setting while maintaining high performance and accountability.

Preferred:

  • Experience evaluating the security posture of AI providers (API security reviews, data residency assessments, vendor risk questionnaires, and contractual security requirements).

  • Familiarity with AI model access controls and secrets hygiene in AI pipelines, including least-privilege principles for LLM tool integrations and securing model inference endpoints.

  • Experience with SIEM, WAF, and security monitoring tools.

  • Familiarity with cloud security controls in AWS, including IAM, security groups, KMS, Lambda security, and cloud monitoring.

  • Strong project management abilities and experience collaborating across product, engineering, and compliance teams.

Travel:

  • Minimal, generally 12 days or less per year, ~2X team get-togethers a year.

$155,000 - $175,000 a year

LIFE AT LUMIN DIGITAL

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base — and as a 100% cloud-native company, we’re purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture is built on trust in our expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas. These values shape a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered every day. We encourage our team to explore, experiment, and challenge the status quo — because continuous improvement isn’t just a goal, it’s how we operate.

Benefits Include:

We take care of our people with medical, dental, and vision insurance, a 401(k) with company match, flexible PTO plus 12 paid holidays, paid sick leave, and paid parental and family leave. We also offer a lifestyle spending account, tuition reimbursement, and a cell phone stipend. Additional details are provided during the interview process.

Lumin Digital is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis.

For more information, visit lumindigital.com.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Security Sr. Intelligence Analyst II

Senior intelligence analyst supports cybersecurity operations by analyzing threats, monitoring security data, and providing actionable intelligence to prevent breaches.

Senior Posted 7 days ago Jobicy AI
What this role involves
As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and...
Security Senior Security Engineer, GRC Automation

Designs and implements security governance, risk, and compliance automation solutions for enterprise customers.

Senior Posted 7 days ago Jobicy AI
What this role involves
1Password is growing. We’ve surpassed $400M in ARR and we’re continuing to accelerate, earning a spot on the Forbes Cloud 100 for four years in a row and teaming up...
Security AI Security Governance Architect

Designs and operationalizes cybersecurity control frameworks for AI and GenAI systems, managing governance and risk mitigation across agentic AI use cases.

Senior Posted 18 days ago Jobicy AI
What this role involves
Mission: Support the client’s AI Security Governance Program by defining, operationalizing and continuously improving the cybersecurity control framework for AI, GenAI and agentic AI use cases. The role will work with...