Replit: Cloud-based platform for building and hosting software applications.
8+ YOE8+ years in GRC or information security; deep cloud (GCP/AWS) and security architecture; strong regulatory experience; automation mindset with GRC tools.
GCP, AWS, Vanta, Drata, SOC 2, ISO 27001, PCI, HIPAA
Postman: Platform for building, testing, and managing software APIs.
6+ YOE6+ years GRC experience in tech, SOC2/ISO27001/HIPAA/GDPR/CCPA/FedRAMP knowledge, proficiency in Python or JavaScript, experience integrating GRC tooling, and strong communication.
fal: Generative media infrastructure and high-performance AI inference platform.
Experience designing and running governance, risk, and compliance programs (SOC 2, ISO 27001, GDPR), conducting risk and vendor assessments, supporting audits and customer security reviews, and validating security controls in cloud/AI infrastructure.
United States or San Francisco or New York City or London or Dublin or Tel Aviv or Sydney
$178k-$209k/yrRemoteFull Time
Vanta: Automated security compliance and trust management software for businesses.
Deep expertise in AI governance, risk, and compliance; experience using AI agents and building automations; coding experience with TypeScript, Go, or Python; cloud-native security knowledge (AWS); experience with compliance programs (SOC 2, ISO).
Brex: Corporate cards and spend management software for businesses.
5+ YOE5+ years in GRC or Security Engineering; strong automation; security frameworks SOC 2, PCI DSS, ISO 27001; Python and API integrations; cross-functional collaboration; cloud native; Terraform.
RobloxNYSE: RBLX: Platform for creating and playing user-generated 3D digital experiences.
4+ YOE4+ years GRC experience, risk assessment and policy development, ability to work with engineers, knowledge of compliance frameworks and security controls.
Factor Analysis of Information Risk (FAIR), Roblox Studio
F5NASDAQ: FFIV: Provides application delivery networking and multi-cloud security solutions.
10+ YOEBachelor's degree required; 10+ years in cybersecurity/GRC with 3–5 years hands-on engineering; Python, API, and systems-integration experience; ServiceNow IRM and Agentic/LLM framework familiarity; professional certs preferred.
Hevo Data: Automated no-code data pipeline platform for real-time analytics.
5+ YOE5+ years in security or compliance engineering; hands-on SOC 2 Type II audit ownership; cloud security (AWS/GCP/Azure); GRC tooling experience; strong written communication and policy authorship skills.
SOC 2 Type II, ISO 27001, GDPR, CCPA, AWS, GCP, Azure, Sprinto, Tugboat Logic, GRC, CI/CD, infrastructure-as-code, DevSecOps, SDLC, IAM
Anthropic: Developing safe and reliable artificial intelligence systems.
8+ YOE8+ years building backend systems, data pipelines, or internal platforms; proficiency in Python or Go; experience with cloud platforms and infrastructure-as-code; strong systems thinking and experience with integrations or data infrastructure.
Python, Go, AWS, GCP, Azure, Claude, ServiceNow, Vanta, Drata, OneTrust, REST APIs, webhooks, CI/CD, ELT, ETL, infrastructure-as-code, version control
Clearly AI: Automates enterprise security and privacy reviews using AI.
2+ YOE2+ years in GRC, privacy, or security engineering; hands-on threat modeling, vendor risk, and security tool integrations; strong project management and customer debugging skills.
8+ YOEBachelor’s degree or equivalent experience; 8+ years software development; 5+ years ML/AI experience; 5+ years ML design/infrastructure; 5+ years software design/architecture; 5+ years testing and launching software.
BlinkOps: Agentic security automation platform for enterprise workflows.
3+ YOE3+ years in sales/solutions engineering in cybersecurity, strong security operations knowledge, hands-on with APIs, JSON/YAML and jq, experience with SIEM/SOAR/EDR/IAM/GRC integrations, demo/POC and customer-facing skills.
Principal / Staff Security Engineer - AI Platform & DevSecOps
Palo Alto, California, United States
$210k-$270k/yrHybridFull Time
AiDash: Satellite-first AI platform for utility and infrastructure resilience
10+ YOE10+ years in security engineering; 3+ years leading DevSecOps or platform-security in cloud native environments; strong AppSec, AI security, EDR/XDR, zero-trust, SBOM/AIBOM, vulnerability management, IaC policy-as-code, Kubernetes security, DLP, and SOC 2/ISO experience.
Skydio: Develops autonomous AI drones for defense and industrial inspection.
3+ YOE3+ years engineering experience; strong coding in Python or Go; experience automating workflows and integrating systems via APIs; working knowledge of cloud (ideally AWS); participation in on-call rotation; eligibility to access export-controlled technical data.
Kikoff: A fintech focused on financial security for consumers.
7+ YOE7+ years in security compliance, GRC, or technical audit; end-to-end SOC 2 Type II and PCI DSS experience; IaC and IAM; cloud-native; auditor liaison; strong written and engineering deliverables.
Git, CI/CD, Infrastructure as Code, Cloud platforms, IAM