CrawlJobs Logo

Security Engineer

tryprofound.com Logo

Profound

Location Icon

Location:
United States , New York City

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

100000.00 - 170000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Profound is on a mission to help companies understand and control their AI presence. We are hiring a Security Engineer to own the security posture of our platform, infrastructure, and corporate environment. You will work directly with Engineering and Operations teams to build and maintain the security controls, compliance programs, and threat defenses that protect customer data and enable rapid growth. This role is ideal for someone who sees security as a business accelerator rather than a blocker and who thrives on building practical, scalable security systems from the ground up. As the first dedicated security hire, you will shape how we approach access control, vulnerability management, compliance, and incident response as we scale.

Job Responsibility:

  • Design, implement, and maintain role-based and attribute-based access control across production systems, cloud infrastructure, and corporate tools
  • Own identity and access management including SSO, SCIM provisioning, and lifecycle automation across Google Workspace, AWS, and internal systems
  • Conduct regular access reviews and enforce least-privilege principles across environments
  • Build automated workflows for onboarding, offboarding, and role change provisioning
  • Build and run a vulnerability management program across infrastructure, applications, and dependencies
  • Integrate security scanning into CI or CD pipelines including SAST, DAST, SCA, and container image scanning
  • Triage and respond to security findings from automated tools, bug bounty programs, and third-party assessments
  • Own SOC 2 Type II compliance end to end, including defining controls, collecting evidence, managing auditor relationships, and closing gaps
  • Build and maintain security policies, standards, and procedures aligned with operational reality
  • Support customer security reviews, vendor assessments, and due diligence processes
  • Conduct risk assessments and maintain a risk register that informs prioritization decisions
  • Secure AWS infrastructure including VPC architecture, security groups, IAM policies, and network segmentation
  • Implement and maintain logging, monitoring, and alerting for security-relevant events across cloud and corporate systems
  • Oversee physical security controls for the Union Square office including access management, visitor policies, and asset tracking
  • Build and maintain an incident response plan, run tabletop exercises, and lead incident response when necessary
  • Implement detection capabilities using log aggregation, SIEM tooling, and anomaly detection
  • Conduct post-incident reviews and drive systemic improvements

Requirements:

  • 3 or more years of experience in security engineering, including experience in high-growth SaaS or infrastructure-heavy environments
  • Deep understanding of access control models, identity management systems, and authentication protocols such as OAuth, SAML, and OIDC
  • Hands-on experience building or maintaining a SOC 2 compliance program
  • Strong knowledge of AWS security services and cloud security architecture including IAM, VPC, CloudTrail, GuardDuty, and Security Hub
  • Experience integrating vulnerability management tooling into CI or CD workflows
  • Familiarity with network security fundamentals including firewalls, DNS, VPNs, segmentation, and traffic analysis
  • Practical scripting skills in Python or Bash for automation of security workflows
  • Clear communicator who can translate security risks into business terms for engineering, leadership, and customer-facing teams
  • Systems thinker who understands root causes, blast radius, and scalable control design
  • Self-directed with strong judgment and comfort operating with significant autonomy
  • Motivated by building the security foundation for a category-defining AI company

Nice to have:

  • Experience with infrastructure as code security such as Terraform or CloudFormation
  • Familiarity with data infrastructure security for systems such as ClickHouse or PostgreSQL
  • Background in penetration testing or application security assessments
  • Relevant certifications such as CISSP, CCSP, AWS Security Specialty, or similar
  • Experience with data processing compliance in analytics-heavy environments
What we offer:
  • Equity
  • Full range of benefits and perks
  • Visa sponsorship for qualified international candidates

Additional Information:

Job Posted:
February 18, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Profound - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security Engineer

Principal Security Engineer

We’re seeking a Principal Security Engineer with deep expertise in cloud securit...
Location
Location
United States , San Francisco
Salary
Salary:
136000.00 - 241000.00 USD / Year
ethoslife.com Logo
Ethos
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in security engineering or architecture roles
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field from a reputable institution
  • Deep expertise in cloud platforms (particularly AWS), including infrastructure-as-code (e.g., Terraform, CloudFormation)
  • Strong experience in secure software development and application security (e.g., OWASP Top 10, SAST, DAST, threat modeling)
  • Experience designing and implementing zero-trust architectures, secure API gateways, and identity/access controls
  • Proficient in scripting or development languages (e.g., Python, Go, JavaScript) and secure coding practices
  • Demonstrated leadership in cross-functional security initiatives and technical mentorship
  • Ability to come into our San Francisco, CA office once a week
Job Responsibility
Job Responsibility
  • Design and implement secure architectures for applications, APIs, microservices, and containerized workloads
  • Develop and enforce application security best practices across SDLC
  • partner with DevOps and engineering teams to integrate security into CI/CD pipelines
  • Conduct threat modeling, security design reviews, and risk assessments for new and existing systems
  • Evaluate and implement cloud security tools, controls, and frameworks (e.g., CSPM, CWPP, IAM, KMS, logging, and monitoring)
  • Provide technical leadership and mentorship to security engineers, software developers, and DevOps personnel
  • Lead response to complex security incidents or architectural flaws
  • conduct root cause analysis and recommend strategic remediations
  • Contribute to and influence security policies, standards, and governance
  • Stay current with emerging threats, vulnerabilities, and security technologies, advising stakeholders on evolving risks and mitigations
  • Fulltime
Read More
Arrow Right

Product Security Engineer - Secure SDLC Analyst

HPE Aruba Networking is looking for a person excited to work at the intersection...
Location
Location
United States , San Juan
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle
Job Responsibility
Job Responsibility
  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Security and Application Security Engineer

Beacon Technologies is seeking a Security and Application Security Engineer. The...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
beacontechinc.com Logo
Beacon Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of five years of Information Security experience with at least two years of application-level security
  • Strong communication skills: ability to convey and document security guidelines, requirements, and coding best practices
  • Familiarity with Security Best Practices in common coding languages
  • Application Penetration Testing / API Security Testing
  • Software Development Life Cycle Design and Implementation
  • Static and Dynamic Application Testing Tools and Methods
  • Container and orchestration security (Kubernetes, Docker, Octopus, GitHub, etc.)
  • Familiarity with Application Security Testing Frameworks such as OWASP
  • Strong logical and analytical thinker
  • exceptional skills in security systems solutions
Job Responsibility
Job Responsibility
  • Operate as a liaison between the Security Team and the Development Teams
  • Preserve PCI and SOX Security Certification programs with a primary focus on ensuring compliance with the appropriate industry standards and security controls
  • Supporting incident response and architecture review whenever applications security expertise is needed
  • Integrating threat modeling practices into the SDLC
  • Work with other staff to perform periodic scans and evaluation of system security including areas such as patch management, penetration testing, vulnerability assessments, and other types of InfoSec-related tasks
  • Assist in identifying and communicating security exposures, information security incidents or non-compliance situations to IT management or the CISO as appropriate. Duties may also include collecting and documenting cyber security and incident response event data as necessary.
What we offer
What we offer
  • Career advancement opportunities
  • extensive training
  • excellent benefits including paying for health and dental premiums for salaried employees.
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
highspot.com Logo
Highspot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings and strategic decisions in a clear and accessible manner, and procedural enhancements
  • significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
  • Fulltime
Read More
Arrow Right

Security Engineer, Application Security

Figure is an AI Robotics company developing a general purpose humanoid. Our huma...
Location
Location
United States , San Jose
Salary
Salary:
150000.00 - 350000.00 USD / Year
figure.ai Logo
Figure
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in several of the following application security domains: penetration testing, vulnerability research, security assessment, secure coding practices, security architecture & design, hardware security
  • Strong software engineering (not scripting or automation) skills in C/C++, Rust, Golang, Python or similar
  • Experience with securing embedded systems, including secure boot, secure identity, OTA, or others
  • Solid foundation in web security, mobile security, or cryptography
  • Ability to collaborate with internal and external stakeholders whilst prioritizing tasks and work independently under minimal supervision.
  • BS in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field
  • 3+ years of experience in the field of application security or related security role
  • Passion for learning and helping others
  • Excellent verbal and written communication skills, with high attention to detail
Job Responsibility
Job Responsibility
  • Conduct security assessments of applications, embedded systems, back-end services, and business integrations, as well as build tooling for a secure development lifecycle
  • Design technical solutions to mitigate security weaknesses on the robot and our service stack. Work with teams across the company to implement them.
  • Build frameworks and systems to prevent classes of vulnerabilities
  • Hunt for vulnerabilities and insecure coding patterns on our product stack (backend services and robot internal systems)
  • Be a champion for security and user privacy
  • Fulltime
Read More
Arrow Right

Security Engineer

As a Security Engineer, you’ll play a key role in shaping the security and resil...
Location
Location
France , Aix en Provence
Salary
Salary:
Not provided
voyage-prive.co.uk Logo
Voyage Privé
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–7 years of experience in software engineering, security engineering, DevSecOps, or equivalent technical security roles
  • Strong development background (Python, Node.js, Java, Go, PhP or similar)
  • Hands-on experience with modern CI/CD systems (GitHub Actions, GitLab, Jenkins)
  • Solid understanding of cloud security principles (AWS, GCP, Azure)
  • Experience securing both virtualized systems (VMs) and containerized workloads
  • Strong knowledge of secure coding, OWASP Top 10, and application security fundamentals
  • Experience with SAST, SCA, container/IaC scanning, runtime security tools, IAM, and secrets management
  • Pragmatic, engineering-first mindset: able to balance security with developer experience, velocity, and real-world constraints
  • Excellent communication skills: able to translate complex security issues into actionable guidance for both technical and non-technical stakeholders
  • Proactive, autonomous, critical thinker with a continuous improvement mindset
Job Responsibility
Job Responsibility
  • Strengthen the security posture across products and infrastructure: secure coding practices, code reviews, threat modeling, vulnerability remediation, cloud, and network hardening
  • Develop automated security guardrails integrated into CI/CD pipelines (SAST, SCA, secrets scanning)
  • Design secure architectures for applications, APIs, data flows, and integrations in partnership with engineering teams
  • Secure hybrid environments combining virtual machines, containerized workloads, and cloud-native services, ensuring consistent security standards across the entire platform
  • Drive proactive risk identification through continuous scanning, threat modeling sessions, risk assessments, and architecture reviews
  • Enable engineering teams to build secure-by-design practices by acting as a trusted advisor, developing internal tools, and leading security awareness sessions
  • Operational security & incident readiness: participate in on-call rotations, investigate security events, and improve incident response workflows
  • Lead security improvement projects: build automation, enhance tools, optimize processes, and foster a culture of security ownership
What we offer
What we offer
  • Access our large on-site fitness center morning, noon, and night
  • Private padel court
  • Company Breaks, Carnival, Annual Convention, meetups and talks
  • Free tickets to every Provence Rugby home match and live music nights at the Dalida Institute
  • Up to 20% off our exclusive getaway offers
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

PagerDuty is seeking a Senior Security Engineer to join our diverse, customer-fo...
Location
Location
Canada , Toronto
Salary
Salary:
137000.00 - 207000.00 CAD / Year
https://www.pagerduty.com Logo
PagerDuty
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency with Application & Product Security typically associated with 4 - 5 years of experience in a Security Engineering role working with a cloud-native, microservices environment, preferably AWS
  • Familiarity with cloud-native product technologies including: Vulnerability detection via multiple approaches including SAST, DAST, SCA, and runtime (e.g., Qualys/Nessus, Wiz, Snyk, GHAS, Semgrep, etc.)
  • CI/CD technologies and integrations (e.g., CircleCI, Buildkite, Helm, Terraform, Chef)
  • Product security event logging standards and analysis tools (e.g., SIEM such as: SumoLogic, LogRythm, or Splunk, etc.)
  • Security Incident Response & Risk Management processes and tools
  • Proficiency in at least one programming language and framework (e.g. Python, Bash, Phoenix/Elixir, Java, Ruby on Rails), typically associated with 3 - 4 years of experience with the language/framework
  • Have exceptional written, oral communication, and interpersonal skills
  • Organizational skills with the ability to successfully manage multiple priorities and deadlines
Job Responsibility
Job Responsibility
  • Embrace the role of hands-on technical lead in defining product security standards and guiding platform protections
  • Establish criteria and conduct comprehensive security reviews throughout all stages of product development to identify and address security risks
  • Perform regular threat assessments, coordinate with third-party testers for penetration testing, and conduct internal penetration testing to identify and mitigate security risks
  • Mentor and guide team members to ensure product and business objectives are prioritized in project implementations, fostering a strong documentation culture with project charters and design documents
  • Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the team to design and implement effective security frameworks. Maintain a strong appetite for challenging problems with a high degree of ownership
  • Participate in the team’s On-Call rotation, triaging and addressing security issues as they arise, and implement measures to prevent future occurrences
  • Enable service team security implementations by developing security-as-code constructs, including infrastructure-as-code (IaC) modules, libraries and frontend components, while creating and maintaining developer-focused documentation to promote easy adoption
  • Establish and uphold baseline standards and hardened configurations for platform components
  • Continuously enhance security frameworks by focusing on product security standards and software supply chain protections, tailored for application security in cloud-native, microservices environments
What we offer
What we offer
  • Competitive salary
  • Comprehensive benefits package from day one
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)
  • Fulltime
Read More
Arrow Right

Sr. Infrastructure Security Engineer

As a Sr. Infrastructure Security Engineer, you will be responsible for protectin...
Location
Location
United States , West Point
Salary
Salary:
84410.00 - 129987.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in computer science, Information Systems, or related field, or equivalent experience and certifications
  • Ability to script using Python
  • 7+ years of experience in Security Engineering, including planning and operations
  • Advanced knowledge of security technologies in medium to complex computing environments
  • Hands-on experience with multiple enterprise security technologies (e.g., firewalls, VPNs, intrusion detection/prevention, endpoint security)
  • Strong understanding of server/network architecture and core networking concepts (e.g., routing, DNS, DHCP)
Job Responsibility
Job Responsibility
  • Design and Deploy Security Solutions: Build, test, and implement new security technologies, including creating operational manuals and runbooks
  • Operate and Optimize Security Systems: Maintain and improve existing security tools such as DLP, Antivirus, IPS/IDS, and Endpoint Protection, while automating monitoring and enforcement processes
  • Conduct Risk Assessments and Incident Response: Lead or support technical risk evaluations and respond to security incidents, ensuring thorough remediation and reporting
  • Collaborate and Advise: Work with internal and external stakeholders to identify security needs, recommend solutions, and stay current with evolving technologies
  • Monitor and Report: Continuously monitor infrastructure for threats, produce security reports for senior leadership, and implement changes following established procedures
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy