Reports to: Chief Security Officer

Location: Remote US

Compensation Range: $220,000 to $240,000 base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24⁄7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do

We are seeking a strategic leader to own the future of Detection Engineering & Threat Hunting at Huntress. As a Director, you will manage multiple sub-teams (via Managers) and serve as a trusted advisor to the Sr. Dir of Threat Detection and Response.

Your mission is to align the DE&TH function with the broader company strategy. As we scale, you will determine the structural, technological, and budgetary requirements needed to maintain superior detection efficacy. You will own the relationship with the Product organization. Ensuring that our defensive strategy evolves faster than the adversaries we protect against.

Responsibilities

• Strategy & Vision: Set the direction, strategy, and vision for the entire DE&TH function. You will define the team’s 12-18-month prioritization.
• Manage a team of Managers: You will manage at least two teams or sub-teams via other managers. Your focus is on developing their leadership capabilities, enabling them to execute effectively, and holding them accountable for the health and output of their team.
• Budgeting & Planning: Propose and own plans for budgeting, execution, and hiring. You will develop capacity models to ensure our team’s growth aligns with our overall growth, presenting these resource needs to executive leadership.
• Cross-Functional Leadership: Strategize with senior leaders across Product, Engineering, and Security. You are a key stakeholder in the company’s direction, advocating for the telemetry and architectural changes required to support future detection use cases.
• Systemic Problem Solving: Identify and surface patterns to leadership regarding root causes of problems. You anticipate future challenges and own the delivery of solutions before they become bottlenecks.
• Culture & Standards: Exemplify and hold others accountable to the management standards of the company. You are responsible for creating a diverse, inclusive, and high-performing culture across the entire function.

What You Bring To The Team

• Strategic Leadership: 5+ years of experience in cybersecurity, with significant experience managing managers. You have led large, high-priority projects that impacted the company’s direction.
• Visionary Thinking: You can look past the current quarter. You understand the “Macro” of the threat landscape and can translate that into a “Micro” plan for your teams.
• Business Acumen: You understand how a SOC fits into the business model. You can articulate the ROI of detection engineering and threat hunting to non-technical stakeholders and manage a department budget.
• Force Multiplier: You excel at empowering others. You don’t solve problems for your team; you build the structures and frameworks that allow your team to solve problems themselves while you focus on accountability and scalability.

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com . Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

#BI-Remote

About UsRed Cell Partners is an incubation firm building and investing in rapidly scalable technology-led companies that are bringing revolutionary advancements to market in three distinct practice areas: healthcare, cyber, and national security.

Figma is growing our team of passionate creatives and builders on a mission to make design accessible to all. Figma’s platform helps teams bring ideas to life—whether you’re brainstorming, creating a prototype, translating designs into code, or iterating with AI. From idea to product, Figma empowers teams to streamline workflows, move faster, and work together in real time from anywhere in the world. If you’re excited to shape the future of design and collaboration, join us!

Figma’s Security team is growing, and we’re looking for a Security Operations Manager to lead the strategy and execution of our security operations program. In this role, you’ll build and scale the systems, processes, and tooling that help protect Figma and our community. You’ll partner closely with Security Engineering, Platform Security, IT, GRC, and Legal to strengthen our detection and response capabilities, improve operational resilience, and help shape the future of our DART and SOC functions.

This is a full time role that can be held from one of our US hubs or remotely in the United States.

What you’ll do at Figma:

• Own Figma’s security monitoring and incident response program, from detection engineering through post-incident review and continuous improvement
• Build and automate security operations workflows, including alert triage, enrichment, investigation, and response actions using SOAR and custom tooling
• Develop and maintain incident response run books, escalation procedures, and communication plans for security events of varying severity
• Lead incident response preparedness initiatives, including tabletop exercises, red team engagements, and response capability assessments
• Improve the effectiveness of our SIEM and SOAR platforms by reducing noise, increasing signal fidelity, and closing detection coverage gaps
• Build and operationalize threat intelligence capabilities to identify adversary behaviors, prioritize investments, and strengthen detection and response programs
• Partner with Legal, Privacy, and Communications teams to support breach notification and regulatory response obligations during significant security incidents
• Drive security operations strategy through vendor management, operational metrics, and cross-functional initiatives spanning IAM, vulnerability management, DLP, and exposure reduction

We’d love to hear from you if you have:

• 7+ years of experience in security operations, incident response, or a related security engineering function
• Hands-on experience building and automating detection and response workflows using scripting, APIs, or security automation platforms
• Deep expertise with SIEM and SOAR technologies in a cloud-native or SaaS environment
• Demonstrated success building, scaling, or significantly improving a detection and response program
• Experience leading complex security incidents and partnering with Legal, Privacy, and business stakeholders during high-impact events

While it’s not required, it’s an added plus if you also have:

• Operated in a public company environment with SOX, ISO 27001, SOC 2, or FedRAMP requirements
• Applied AI risk management frameworks such as NIST AI RMF, OECD AI Principles, or ISO 42001
• Utilized AI-powered tools to automate security operations workflows and improve team efficiency

At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Pay Transparency Disclosure

If based in Figma’s San Francisco or New York hub offices, this role has the annual base salary range stated below.

Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information.

Figma offers equity to employees, as well a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement.  Figma also offers sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales roles. Figma’s compensation and benefits are subject to change and may be modified in the future.

Annual Base Salary Range:

$185,000—$296,000 USD

At Figma we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our product and our community to flourish. Figma is an equal opportunity workplace - we are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity/expression, veteran status , or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

We will work to ensure individuals with disabilities are provided reasonable accommodation to apply for a role, participate in the interview process, perform essential job functions, and receive other benefits and privileges of employment. If you require accommodation, please reach out to accommodations-ext@figma.com. These modifications enable an individual with a disability to have an equal opportunity not only to get a job, but successfully perform their job tasks to the same extent as people without disabilities.

Examples of accommodations include but are not limited to:

• Holding interviews in an accessible location
• Enabling closed captioning on video conferencing
• Ensuring all written communication be compatible with screen readers
• Changing the mode or format of interviews

To ensure the integrity of our hiring process and facilitate a more personal connection, we require all candidates keep their cameras on during video interviews. Additionally, if hired you will be required to attend in person onboarding.

By applying for this job, the candidate acknowledges and agrees that any personal data contained in their application or supporting materials will be processed in accordance with Figma’s Candidate Privacy Notice.

Figma is growing our team of passionate creatives and builders on a mission to make design accessible to all. Figma’s platform helps teams bring ideas to life—whether you’re brainstorming, creating a prototype, translating designs into code, or iterating with AI. From idea to product, Figma empowers teams to streamline workflows, move faster, and work together in real time from anywhere in the world. If you’re excited to shape the future of design and collaboration, join us!

Figma’s Security team is growing, and we’re looking for a Security Operations Manager to lead the strategy and execution of our security operations program. In this role, you’ll build and scale the systems, processes, and tooling that help protect Figma and our community. You’ll partner closely with Security Engineering, Platform Security, IT, GRC, and Legal to strengthen our detection and response capabilities, improve operational resilience, and help shape the future of our DART and SOC functions.

This is a full time role that can be held from one of our US hubs or remotely in the United States.

What you’ll do at Figma:

• Own Figma’s security monitoring and incident response program, from detection engineering through post-incident review and continuous improvement
• Build and automate security operations workflows, including alert triage, enrichment, investigation, and response actions using SOAR and custom tooling
• Develop and maintain incident response run books, escalation procedures, and communication plans for security events of varying severity
• Lead incident response preparedness initiatives, including tabletop exercises, red team engagements, and response capability assessments
• Improve the effectiveness of our SIEM and SOAR platforms by reducing noise, increasing signal fidelity, and closing detection coverage gaps
• Build and operationalize threat intelligence capabilities to identify adversary behaviors, prioritize investments, and strengthen detection and response programs
• Partner with Legal, Privacy, and Communications teams to support breach notification and regulatory response obligations during significant security incidents
• Drive security operations strategy through vendor management, operational metrics, and cross-functional initiatives spanning IAM, vulnerability management, DLP, and exposure reduction

We’d love to hear from you if you have:

• 7+ years of experience in security operations, incident response, or a related security engineering function
• Hands-on experience building and automating detection and response workflows using scripting, APIs, or security automation platforms
• Deep expertise with SIEM and SOAR technologies in a cloud-native or SaaS environment
• Demonstrated success building, scaling, or significantly improving a detection and response program
• Experience leading complex security incidents and partnering with Legal, Privacy, and business stakeholders during high-impact events

While it’s not required, it’s an added plus if you also have:

• Operated in a public company environment with SOX, ISO 27001, SOC 2, or FedRAMP requirements
• Applied AI risk management frameworks such as NIST AI RMF, OECD AI Principles, or ISO 42001
• Utilized AI-powered tools to automate security operations workflows and improve team efficiency

At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Pay Transparency Disclosure

If based in Figma’s San Francisco or New York hub offices, this role has the annual base salary range stated below.

Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information.

Figma offers equity to employees, as well a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement.  Figma also offers sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales roles. Figma’s compensation and benefits are subject to change and may be modified in the future.

Annual Base Salary Range:

$185,000—$296,000 USD

At Figma we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our product and our community to flourish. Figma is an equal opportunity workplace - we are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity/expression, veteran status , or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

We will work to ensure individuals with disabilities are provided reasonable accommodation to apply for a role, participate in the interview process, perform essential job functions, and receive other benefits and privileges of employment. If you require accommodation, please reach out to accommodations-ext@figma.com. These modifications enable an individual with a disability to have an equal opportunity not only to get a job, but successfully perform their job tasks to the same extent as people without disabilities.

Examples of accommodations include but are not limited to:

• Holding interviews in an accessible location
• Enabling closed captioning on video conferencing
• Ensuring all written communication be compatible with screen readers
• Changing the mode or format of interviews

To ensure the integrity of our hiring process and facilitate a more personal connection, we require all candidates keep their cameras on during video interviews. Additionally, if hired you will be required to attend in person onboarding.

By applying for this job, the candidate acknowledges and agrees that any personal data contained in their application or supporting materials will be processed in accordance with Figma’s Candidate Privacy Notice.

Headquarters: Remote

About the Company

Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing.

We're a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.

Rather than build on top of broken legacy systems, we took a different approach: we built and operate our own mortgage servicing business managing $110+ billion in loans. This wasn't the end goal, it was how we deeply understood the complexity needed to build software that actually works in regulated industries.

The results speak for themselves. We've transformed mortgage servicing from a 0% margin business into 60%+ margins while dramatically improving customer experience. Major enterprise contracts are now deploying across the industry.

ValonOS is our unified platform that makes every process structured and programmable and it is perfectly positioned for the AI era. When everything flows through one system with rich data, AI agents don't just automate tasks, they continuously improve entire operations. Mortgage servicing is just the beginning of our vision to transform regulated industries and beyond.

Security at Valon

Our customers entrust us with some of their most sensitive and personal financial information, and it is the ultimate mission of Valon’s Security team to ensure we have sound programs, processes, and automation in place to safeguard our customers’ data. The Security team protects the infrastructure and data for processing billions of dollars of mortgage loans.

In addition to protecting Valon’s internal systems, the Security team partners closely with Product and Engineering to design and deliver secure, scalable, and trustworthy capabilities for ValonOS. We work cross-functionally across all teams at Valon to enable security throughout the organization. We engage with external security auditors, pentesting firms, and partners to continuously evaluate Valon’s security posture.

Valon offices are located in New York City and San Francisco, but we fully support remote work!

About the Role

We are seeking a seasoned and highly skilled Staff Product Security Engineer - Customer Platform to join our growing team! As a key security member at Valon, you will play a critical role in ensuring the security of our organization's systems, cloud infrastructure, products, and data.

This role blends product security architecture and technical control implementation, incorporating security by design into ValonOS. You will be hands-on and help shape how security is designed, built, and scaled across our SaaS platform both in foundational infrastructure and in customer-facing security features.

Responsibilities

• Define and evolve product security architecture and strategy for Valon’s multi-tenant SaaS platform

• Architect and guide secure implementation of customer-facing security capabilities in conjunction with Engineering (e.g., authentication / authorization models, identity integration, access controls, audit and logging, encryption / key management)

• Build and maintain security reference architectures and standardized secure design patterns for product teams

• Lead threat modeling, security design and code reviews for new features, services, and major architectural changes

• Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks

• Support vulnerability triage, remediation strategy, and root cause analysis for product security issues

• Support security compliance and regulatory needs (e.g., SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence

• Develop, implement, and enforce security policies, standards, and procedures

• Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes

Ideal Background

• Extensive experience in product security, application security, or security architecture roles, with ownership of security design for SaaS platforms including multi-tenancy and customer-facing security capabilities.

• Strong background in cloud security and modern infrastructure, with hands-on experience securing cloud environments (GCP preferred).

• Proven experience in SaaS IAM and tenant security (e.g., authentication/authorization, RBAC, SSO/SAML/OIDC, SCIM, MFA, audit logs).

• Expertise in designing secure platform controls (e.g., APIs, service-to-service auth, encryption/KMS/CMEK, logging/monitoring)

• Demonstrated ability to build and maintain security reference architectures.

• Expert-level experience leading threat modeling and security design reviews including security-focused code reviews.

• Applied knowledge with industry security and compliance frameworks (OWASP, NIST, CIS, SOC 2/ISO 27001 concepts)

• Highly hands-on engineer with proven ability to operate autonomously, drive multiple complex cross-functional efforts, and influence independently.

• Excellent communication and collaboration skills, including the ability to explain complex security concepts to both technical and non-technical stakeholders.

• Prior software engineering experience and/or coding ability (Python) is preferred.

• Experience working in high-growth or startup environments is a plus.

Minimum Qualifications

• 8+ years in progressive senior security engineering or architect level roles, with 3+ years leading security design for enterprise-grade cloud and SaaS platforms

• Bachelor's degree in Information Security, Computer Science, Technology or related field

• Relevant security certifications (e.g., CISSP, CISM, CCSK, CCSP or similar)

• Proven ability to design security reference architectures and implement customer platform security controls and technologies (IAM, API security, encryption/key management, logging/monitoring and others)

• Hands-on experience with modern security technologies and tooling across cloud and application security

Benefits

• Base Compensation Band: $190K - $260K. Base salary offered is determined by a number of factors including the candidate’s experience, qualifications, and skills

  • This Base Compensation pay range applies to our New York City located staff and may differ according to location.

• Compensation: Competitive salary with a meaningful stake in the company via equity, and 401k plan

• Health & well-being: We’ll invest in your physical and mental well-being with comprehensive medical, dental, & vision benefits

• Commuter benefits: We offer pre-tax deductions for public transportation, rideshare services, and parking expenses to make your commute more affordable and convenient

• Grow together: Company wide orientation for you to successfully onboard and other learning & development opportunities including regular review cycles that feature 360 degree feedback

• Play together: Quarterly budgets for team and company outings. Use it for team swag, cooking classes, or team dinners!

• Generous time off: Flexible paid time off, sick days, and 11 company holidays

• Baby bonding time!: 12 weeks off for both birthing and non-birthing parents - fully paid so you can focus your energy on your newest addition

Throughout the interview process, please remember that emails will only be from valon.com email addresses. We will never ask for any personally identifiable information during the interview process itself. Please reach out to talent@valon.com if you have any requests to verify the authenticity of an outreach.

Valon is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. Valon makes hiring decisions based solely on qualifications, merit, and business needs at the time.

To apply: https://weworkremotely.com/remote-jobs/valon-tech-staff-product-security-engineer-customer-platform

About Us Temporal is an open source programming model that can simplify code, make applications more reliable, and help developers focus on the important things like delivering features faster. We...

Chainguard is the trusted source for open source. By delivering hardened, secure, and production-ready builds of all the open source software engineers and AI agents rely on, Chainguard helps organizations...

Company Description

• Help protect over 5 million Australians, making a real difference in their lives during their most challenging times.
• Work with experienced and skilled colleagues who support and inspire one another to achieve collective success
• Our competitive benefits package includes everything from financial literacy to health and wellness initiatives, designed with your well-being in mind

Welcome to TAL. As a leading life insurer, we’ve been protecting Australians for over 150 years. Backed by Daiichi Life, we’re driven by big ambitions and empower to create better products and services.

Together with our Partners, we’re helping millions of Australians live a life filled with choices, options, and freedoms. See the direct impact you make delivering support and financial security with care and expertise. Grow beyond expectations with diverse roles, global connections, and exclusive learning opportunities.

Work with passionate, bright and capable colleagues. Feel inspired by supportive leaders. Collaborate with heart, where flexibility, wellbeing and inclusivity is valued. Together, we’re reimagining insurance.

So, bring a curious mind and an ambition to help us become the progressive, digitally enabled leading insurer.

Job Description

The Head of Technology Risk is responsible for establishing and governing TAL’s Technology Risk Management framework, providing independent oversight of the risks arising from the organisation’s technology landscape, digital transformation programs, and data assets. This role ensures that TAL’s technology risk profile is clearly understood, actively managed, and reported within the Board’s approved risk appetite, and that TAL meets its obligations under APRA CPS 230, CPS 234, and CPS 220.

This is a critical first-line-of-defence leadership role within the Technology function, working in close partnership with the CIO, the broader Technology Leadership Team, Enterprise Risk, and the CISO to embed a strong risk management culture across all technology domains. The Head of Technology Risk is accountable for ensuring that technology risk is identified, assessed, and governed with rigour and transparency, and for providing the CIO and Board with the assurance needed to make confident, risk-informed decisions about TAL’s technology investment and operations.

In this role you will:

• Own and continuously enhance TAL’s Technology Risk Management framework, ensuring alignment with Enterprise Risk Management and APRA standards across all risk domains (e.g. cyber, cloud, data, AI, change).
• Lead end-to-end identification, assessment, and monitoring of technology risks, maintaining the Technology Risk Register and escalating material risks to the CIO and relevant committees.
• Provide independent oversight of compliance with key APRA standards (CPS 230, CPS 234, CPS 220), including control effectiveness, remediation tracking, and regulatory engagement support.
• Deliver executive-level technology risk reporting, highlighting risk profile, key trends, control performance, and remediation progress against risk appetite.
• Lead Technology Operational Resilience, including critical operations, tolerance setting, and business continuity/disaster recovery governance and testing.
• Oversee risk assessment for major technology initiatives (e.g. cloud, AI, transformation), ensuring risks are identified early and managed within appetite before execution.
• Drive risk appetite, assurance, and culture across Technology, including KRIs, audit remediation, cross-functional alignment (Risk, Compliance, Legal, CISO), psychosocial risk management, and leadership of the Technology Risk team (including FAR obligations).

Qualifications

• Minimum of 10 years of experience in a combination of technology risk, operational risk, IT audit, or technology governance, with at least three years in a Senior Manager or above role leading technology risk management functions within a highly regulated sector such as financial services, insurance, or banking.
• Deep knowledge and practical experience of APRA prudential standards applicable to technology and operational risk, specifically CPS 230 (Operational Risk Management), CPS 234 (Information Security), and CPS 220 (Risk Management), and their application within a life insurance or financial services context.
• Strong understanding of technology risk domains including infrastructure risk, cloud risk, application risk, data risk, cyber risk, AI risk, and technology change risk — and the ability to assess and govern each within a structured risk management framework.
• Demonstrated experience designing and operating technology risk frameworks, including risk appetite and tolerance frameworks, key risk indicator (KRI) programs, control self-assessment processes, and technology risk registers within a regulated financial services environment.
• Strong knowledge of industry risk frameworks and standards including NIST CSF, ISO 31000, COBIT, and ITIL, with the ability to apply these pragmatically in a technology organisation undergoing digital transformation and cloud adoption.
• Industry-recognised professional certifications such as CRISC, CISM, CGEIT, or CISSP are highly regarded.

Additional Information

TAL is one of Australia’s leading life insurers, committed to inclusion, and supporting the career growth of our diverse workforce. We’re proud to be:

• An Inclusive Employer – Recognised as Employer of Choice for Gender Equality by the Workplace Gender Equality Agency from 2014 to 2025 and 2023 to 2026 Bronze Tier Status within the Australian Workplace Equality Index
• Diversity Champions – Member of Diversity Council Australia, Australian Disability Network, Pride in Diversity and Champions of Change
• Reconciliation Advocates – Read our Innovate Reconciliation Action Plan.
• We welcome applications from people with diverse experiences, perspectives and backgrounds including Aboriginal and Torres Strait Islander people, caregivers, individuals with disability/ies, people from culturally diverse backgrounds and the LGBTQ+ community.
• Need adjustments during the recruitment process? Let our team know by getting in touch with us here.—we’re here to support you.

You’re always accountable for your actions. You never give up. You strive to find the best outcomes for customers and partners. And you value working together to find the best solutions for problems.

As part of the recruitment process, there are several checks which may be conducted to demonstrate your eligibility for a role at TAL including Criminal History, Bankruptcy, Entitlement to Work, Regulatory and Reference Checks.

#LI-Hybrid

Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone’s responsibility.

If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.

Reports to: Sr. Director of Adversary Tactics

Location: Remote US

Compensation Range: $190,000.00 to $210,000.00  base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24⁄7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do:

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

Threat Intelligence Analysts aggregate threat data from the previous month and build out reports for our customers. These reports may also be used for marketing and help illustrate the value of what Huntress provides to customers and the community. Threat Intelligence Analysts are also responsible for writing blog posts and marketing materials regarding emerging threat trends. They also work closely with Security Researchers and Analysts to obtain more context about threat data.

Familiarity with product management, scripting/development, incident response, malware analysis, configuration management, and antivirus technologies is an additional way to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective hunter fosters highly collaborative environments between the Product, Marketing, and Security Operations Center teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision, ultimately delivering our most impactful features and capabilities.

We defend over 5 million endpoints and 11 million identities, and that number continues to grow each month, across tens of thousands of mid-sized and small business customers. Given this market’s tighter budgets, it’s impossible to assign human analysts to each client. The Adversary Tactics team addresses this challenge head-on by providing input to build and scale highly automated efficiencies—often lightly augmented by our Security Operations Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:

• Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions
• Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
• Responsible for creating reports for marketing to show Huntress’ value to the larger community
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap
• Provides technical leadership for some members of the Security teams
• Supports the professional development of researchers and others in the organization through coaching and mentorship
• Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
• Responsible for blog posts and other marketing materials regarding threat trends
• Excellent written and verbal communication skills
• Familiarity with utilizing AI in workflows

What You Bring To The Team:

• Minimum of 5 years of experience in the field of Threat Intelligence
• Experience with SIEM tools for scaled log analysis
• Familiarity with detection engineering, detection logic, i.e., Sigma Rules
• Experience researching and scoping threat hunt missions
• Understanding of cybersecurity, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
• Experience with 3rd-party intelligence tools, feeds, and reputation services.
• Experience conducting OSINT gathering and analysis
• Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have)
• Proficient knowledge of Windows and/or macOS subsystems and how they interact both at the user and kernel level (nice to have)

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com . Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process, but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

#BI-Remote

Company Description

• Help protect over 5 million Australians, making a real difference in their lives during their most challenging times.
• Work with experienced and skilled colleagues who support and inspire one another to achieve collective success
• Our competitive benefits package includes everything from financial literacy to health and wellness initiatives, designed with your well-being in mind

Welcome to TAL. As a leading life insurer, we’ve been protecting Australians for over 150 years. Backed by Daiichi Life, we’re driven by big ambitions and empower to create better products and services.

Together with our Partners, we’re helping millions of Australians live a life filled with choices, options, and freedoms. See the direct impact you make delivering support and financial security with care and expertise. Grow beyond expectations with diverse roles, global connections, and exclusive learning opportunities.

Work with passionate, bright and capable colleagues. Feel inspired by supportive leaders. Collaborate with heart, where flexibility, wellbeing and inclusivity is valued. Together, we’re reimagining insurance.

So, bring a curious mind and an ambition to help us become the progressive, digitally enabled leading insurer.

Job Description

The Head of Technology Risk is responsible for establishing and governing TAL’s Technology Risk Management framework, providing independent oversight of the risks arising from the organisation’s technology landscape, digital transformation programs, and data assets. This role ensures that TAL’s technology risk profile is clearly understood, actively managed, and reported within the Board’s approved risk appetite, and that TAL meets its obligations under APRA CPS 230, CPS 234, and CPS 220.

This is a critical first-line-of-defence leadership role within the Technology function, working in close partnership with the CIO, the broader Technology Leadership Team, Enterprise Risk, and the CISO to embed a strong risk management culture across all technology domains. The Head of Technology Risk is accountable for ensuring that technology risk is identified, assessed, and governed with rigour and transparency, and for providing the CIO and Board with the assurance needed to make confident, risk-informed decisions about TAL’s technology investment and operations.

In this role you will:

• Own and continuously enhance TAL’s Technology Risk Management framework, ensuring alignment with Enterprise Risk Management and APRA standards across all risk domains (e.g. cyber, cloud, data, AI, change).
• Lead end-to-end identification, assessment, and monitoring of technology risks, maintaining the Technology Risk Register and escalating material risks to the CIO and relevant committees.
• Provide independent oversight of compliance with key APRA standards (CPS 230, CPS 234, CPS 220), including control effectiveness, remediation tracking, and regulatory engagement support.
• Deliver executive-level technology risk reporting, highlighting risk profile, key trends, control performance, and remediation progress against risk appetite.
• Lead Technology Operational Resilience, including critical operations, tolerance setting, and business continuity/disaster recovery governance and testing.
• Oversee risk assessment for major technology initiatives (e.g. cloud, AI, transformation), ensuring risks are identified early and managed within appetite before execution.
• Drive risk appetite, assurance, and culture across Technology, including KRIs, audit remediation, cross-functional alignment (Risk, Compliance, Legal, CISO), psychosocial risk management, and leadership of the Technology Risk team (including FAR obligations).

Qualifications

• Minimum of 10 years of experience in a combination of technology risk, operational risk, IT audit, or technology governance, with at least three years in a Senior Manager or above role leading technology risk management functions within a highly regulated sector such as financial services, insurance, or banking.
• Deep knowledge and practical experience of APRA prudential standards applicable to technology and operational risk, specifically CPS 230 (Operational Risk Management), CPS 234 (Information Security), and CPS 220 (Risk Management), and their application within a life insurance or financial services context.
• Strong understanding of technology risk domains including infrastructure risk, cloud risk, application risk, data risk, cyber risk, AI risk, and technology change risk — and the ability to assess and govern each within a structured risk management framework.
• Demonstrated experience designing and operating technology risk frameworks, including risk appetite and tolerance frameworks, key risk indicator (KRI) programs, control self-assessment processes, and technology risk registers within a regulated financial services environment.
• Strong knowledge of industry risk frameworks and standards including NIST CSF, ISO 31000, COBIT, and ITIL, with the ability to apply these pragmatically in a technology organisation undergoing digital transformation and cloud adoption.
• Industry-recognised professional certifications such as CRISC, CISM, CGEIT, or CISSP are highly regarded.

Additional Information

TAL is one of Australia’s leading life insurers, committed to inclusion, and supporting the career growth of our diverse workforce. We’re proud to be:

• An Inclusive Employer – Recognised as Employer of Choice for Gender Equality by the Workplace Gender Equality Agency from 2014 to 2025 and 2023 to 2026 Bronze Tier Status within the Australian Workplace Equality Index
• Diversity Champions – Member of Diversity Council Australia, Australian Disability Network, Pride in Diversity and Champions of Change
• Reconciliation Advocates – Read our Innovate Reconciliation Action Plan.
• We welcome applications from people with diverse experiences, perspectives and backgrounds including Aboriginal and Torres Strait Islander people, caregivers, individuals with disability/ies, people from culturally diverse backgrounds and the LGBTQ+ community.
• Need adjustments during the recruitment process? Let our team know by getting in touch with us here.—we’re here to support you.

You’re always accountable for your actions. You never give up. You strive to find the best outcomes for customers and partners. And you value working together to find the best solutions for problems.

As part of the recruitment process, there are several checks which may be conducted to demonstrate your eligibility for a role at TAL including Criminal History, Bankruptcy, Entitlement to Work, Regulatory and Reference Checks.

#LI-Hybrid

Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone’s responsibility.

If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.

About Us_ // At Masabi, we’re driving the fare payment revolution, powering the journeys of millions all over the world.

Our Purpose

At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.

Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.

What Are We Looking For?

We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.

As a​ Sr. Staff Back-End AppSec Lead, you will be tasked with​ acting as a trusted advisor to customers by reviewing and validating AI-generated findings on Java and .NET back-end systems during high-stakes security engagements.​ Work​ing directly with SentinelOne’s agentic code scanning pipeline to analyze vulnerabilities, apply expert human judgment, and communicate actionable results to both technical teams and executive stakeholders.​ Help build and scale the Wayfinder Frontier AI Services practice by refining methodologies, improving AI-assisted exposure management workflows, and collaborating with elite offensive and defensive security experts.

What Will You Do?

Primary responsibilities include :

• Lead Wayfinder Frontier AI Services customer engagements end-to-end, scope the work, deliver the technical findings, and present results to executive and technical stakeholders.
• Review and triage findings from our agentic code scanning pipeline against customer Java and .NET codebases. Validate true positives, eliminate noise, and ensure every finding that reaches the customer is a decision they can act on.
• Conduct deep code review across Java and .Net code and common frameworks.
• Present findings to stake holders, translate technical risk into business impact and map exposures into end-to-end exploitation chains.
• Author and maintain SAST rule packs that scale across the customer base, and partner with our AI/ML engineers to improve our agentic scanning engine.
• Provide expert remediation guidance to customer development teams and validate fixes through follow-up review.
• Work closely with our engineering teams to enhance our agentic code scanning pipeline, and reduce false positives.
• Mentor Senior-level AppSec engineers and dev-skilled threat hunters; raise the technical bar of the practice and shape the service line’s methodology, engagement playbooks, and scoping templates.

What Skills And Knowledge Will You Bring?

Ideal candidates will have:

• 7+ years in application security or product security with a strong software development background.
• Proven track record translating complex findings into technical and executive-level debriefs. Excellent written and verbal communication is essential.
• Experience delivering customer-facing or consulting-style engagements end-to-end, comfortable in a distributed remote organization.
• Expert-level Java / Spring, you’ve identified and explained vulnerabilities at the framework level, not just the application level.
• Expert-level .NET Framework and ASP.NET Core, vulnerabilities and secure coding methodologies.
• Mastery of OWASP Top 10, CWE Top 25, and modern authentication infrastructure (SAML, OAuth, OIDC, JWT internals).
• Hands-on experience authoring custom static-analysis rules and queries for modern SAST engines; familiarity with AI-assisted code review workflows and validating findings produced by automated and agentic analysis pipelines.
• Strong threat modeling experience throughout the secure SDLC.
• Fluency with Git-based source control and CI/CD pipelines, including build-pipeline security controls, runner hardening, and release-gate enforcement.
• Experience with AI accelerated development / code scanning methodologies.

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

Equity & Rewards

• Restricted Stock Units (RSUs)
• Employee Stock Purchase Plan (ESPP)

Time Off & Wellbeing

• Flexible time off
• Paid company holidays and paid sick time
• Gender-neutral parental leave
• Grandparent leave

Insurance & Financial Security

• Medical, dental, and vision coverage
• 401(k) retirement plan with company match
• Life and disability insurance
• Health and dependent care FSA
• Voluntary benefits (hospital, accident, critical illness)
• Employee Assistance Program (EAP)
• ARAG pre-paid legal
• Nationwide pet insurance
• Cancer Care program
• Global business travel medical insurance

Work Perks & Flexibility

• Home office allowance
• Mobile phone reimbursement

Wellness & Lifestyle

• Wellness coach
• Wellness/gym reimbursement
• Fertility coverage
• Adoption & surrogacy reimbursement

This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply.  If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.

Base Salary Range

$184,000—$235,000 USD

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.

General information Requisition # R67796 Locations USA-Remote Work Posting Date 05/15/2026 Security Clearance Required None Remote Type Fully Remote Time Type Full time Description & Requirements Elevate your career with...

Who we are At Twilio, we’re shaping the future of communications, all from the comfort of our homes.