Create an Account
Create an account for powerful AI tools, award-winning courses, and access to our vibrant community.
or
Already have an account?
Create an account for powerful AI tools, award-winning courses, and access to our vibrant community.
Already have an account?
Join 250,000+ professionals and teams at Microsoft, Shopify, and even NASA. 🚀
Already have an account? Login
Find the best remote jobs. Answer a few questions and we'll deploy a powerful assistant to help you search, create alerts, and more.
1 What roles are you open to?
2 Experience level
3 Work style
Did you know? If memory is enabled, Writing.io can remember your job search preferences and help you to improve your resume, craft customized outreach and more.
Category
Manages customer security reviews, coordinates due diligence requests, and serves as a security subject matter expert to MongoDB's field teams and customers.
MongoDB’s Security Assurance team is on a mission to make MongoDB one of the world’s most trusted technology vendors. We are doing this in two ways. First, we provide customers with the clear, concise and accurate information about the security of our products that customers require to use our products. Second, we serve as trusted security SMEs to MongoDB’s field teams.
The InfoSec Analyst I is an independent contributor role. This role is vital to the Security Assurance team’s mission and is responsible for coordinating completion of customer due diligence reviews as well as helping MongoDB’s field personnel answer complex customer security questions.
We are looking to speak to candidates who are based in Dublin for our hybrid working model.
MongoDB is built for change, empowering our customers and our people to innovate at the speed of the market. We have redefined the data platformbase for the AI era, enabling buildersinnovators to create, transform, and disrupt industries with software. MongoDB’s unified database platform, the most widely available, globally distributed data platformbase on the market, helps organizations modernize legacy workloads, embrace innovation, and unleash AI. Our cloud-native platform, MongoDB Atlas, is the only globally distributed, multi-cloud data platformbase and is available across AWS, Google Cloud, and Microsoft Azure.
With offices worldwide and over 670,000 customers, including 75% of the Fortune 100 and AI-native startups, relying on MongoDB for their most important applications, we’re powering the next era of software.
Our compass at MongoDB is our Leadership Commitment, guiding how and why we make decisions, show up for each other, and win. It’s what makes us MongoDB.
To drive the personal growth and business impact of our employees, we’re committed to developing a supportive and enriching culture for everyone. From employee affinity groups, to fertility assistance and a generous parental leave policy, we value our employees’ wellbeing and want to support them along every step of their professional and personal journeys. Learn more about what it’s like to work at MongoDB, and help us make an impact on the world!
MongoDB is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform your recruiter.
MongoDB is an equal opportunities employer.
Req ID: 2273456141
L3 SOC analyst leads incident detection, investigation, and response to complex cybersecurity threats while coordinating cross-functional teams.
About ProArch:
At ProArch, we partner with businesses around the world to turn big ideas into better outcomes through IT services that span cybersecurity, cloud, data, AI, and app development.
We’re 400+ team members strong across 3 countries (we call ourselves ProArchians)—and here’s what connects us all:
What’s it like to work here?
At ProArch, you’ll be part of teams that design and deliver technology solutions solving real business challenges for our clients. With services spanning AI, Data, Application Development, Cybersecurity, Cloud & Infrastructure, and Industry Solutions, your work may involve building intelligent applications, securing business‑critical systems, or supporting cloud migrations and infrastructure modernization.
Every role here contributes to shaping outcomes for global clients and driving meaningful impact. You’ll collaborate with experts across data, AI, engineering, cloud, cybersecurity, and infrastructure—solving complex problems with creativity, precision, and purpose. You’ll join a culture rooted in technology, curiosity, and continuous learning. A place where we move fast, trust you to make an impact, encourage innovation, and support your growth.
About Position:
At ProArch, a leader in IT security consulting with presence in the US, UK, and India, we are looking for a skilled L3 SOC Analyst / Incident Response Analyst to join our Security Operations Center (SOC) team. In this critical role, you will be responsible for advanced incident detection, investigation, and response to complex cybersecurity threats. Leveraging your extensive experience and expertise, you will lead incident response activities, perform deep-dive analysis, and coordinate with cross-functional teams to mitigate risks and strengthen our security posture. If you thrive in a dynamic, fast-paced environment and are passionate about defending organizations against sophisticated cyber threats, this position is ideal for you.Role Summary
ProArch are seeking a highly skilled and technically strong L3 SOC Analyst / Incident Response Analyst to operate within a Managed Security Services Provider (MSSP) environment, supporting multiple customer environments across diverse industries.
This role is heavily focused on:
The ideal candidate combines strong incident response expertise, deep Microsoft security platform knowledge, hands-on detection engineering capability, and SOC automation experience within a fast-paced MSSP environment.
This is not a traditional alert-monitoring SOC Analyst role. The position requires strong investigative, analytical, and response-oriented cybersecurity capabilities.
Key Responsibilities
1. Incident Response & Threat Investigation
• Lead and support advanced security incident investigations across multiple customer environments
Perform:
Investigate and respond to:
Account compromise incidents
Business Email Compromise (BEC)
Malware and ransomware activity
Privilege escalation
Lateral movement activity
Suspicious cloud and identity-based attacks
Advanced phishing and social engineering campaigns
Coordinate containment, remediation, and recovery activities with customer and internal teams
Support high-severity incident escalation handling and response coordination
Provide detailed investigation findings, timelines, impact assessments, and response recommendations
Conduct proactive threat hunting and threat validation activities where required
Support digital forensics and evidence collection activities when applicable
2. Detection Engineering & SIEM Operations
Design, develop, and maintain advanced detection rules across:
Develop and optimize:
Perform:
Detection tuning
False positive reduction
Behavioral baselining
Threat-based detection improvements
Build and maintain reusable detection content and query libraries
Support proactive detection engineering initiatives aligned with emerging threats and attacker techniques
Leverage threat intelligence and MITRE ATT&CK mapping to improve detection coverage
3. SOC Automation & SOAR Engineering
Design and implement SOC automation workflows using:
Build workflows for:
Alert enrichment
Incident routing
Automated containment actions
Threat intelligence enrichment
Ticket synchronization
Investigation acceleration
Develop scalable automation frameworks to improve SOC operational efficiency
Support continuous optimization of SOC workflows and automation coverage
Create automation standards and reusable workflow templates across customer environments
4. Microsoft Security Platform Operations
Provide hands-on operational support, investigation, tuning, administration, and engineering for:
5. AI Security & Modern Threat Operations
Support detection and response activities related to:
AI-orchestrated attacks
Identity-based attacks
Cloud-native threats
Advanced phishing and social engineering campaigns
Leverage AI-assisted SOC operations and automation capabilities where applicable
Support modern detection strategies aligned with evolving attacker techniques
Evaluate opportunities to integrate AI-driven efficiencies into detection, investigation, and response workflows
6. Client & Operational Support
Participate in customer incident discussions and escalation calls when required
Support onboarding of new customer environments and security integrations
Maintain:
Investigation playbooks
SOPs
Workflow documentation
Operational runbooks
Detection documentation
Collaborate closely with:
SOC Operations
Security Engineering
Vendors
Consulting teams
Customer stakeholders
Support operational improvement initiatives across SOC and DFIR functions
Required Qualifications
Education
Experience
Strong hands-on experience in:
Incident Response
Threat Investigation
SOC Operations
Detection Engineering
DFIR activities
Prior Incident Response Analyst experience is highly preferred
Experience working within MSSP environments preferred
Experience supporting or collaborating with US-based teams/vendors preferred
Proven hands-on experience with SOAR platforms in enterprise or MSSP environments
Strong experience designing and implementing SOC automation workflows from scratch
Experience supporting enterprise Security Operations Center (SOC) environments
Experience with detection engineering and SIEM rule development
Required Technical Skills
Security Platforms & Technologies
Strong hands-on experience with:
Strong experience creating:
Experience with:
Understanding of:
MITRE ATT&CK
Scripting & Technical Skills
Preferred experience with:
Preferred Certifications
Soft Skills & Work Style
Working Model
What Success Looks Like
Life @ ProArch
Designs and implements SOAR automation solutions for SOC operations, optimizing incident response workflows and security integrations in a managed security services environment.
About ProArch:
At ProArch, we partner with businesses around the world to turn big ideas into better outcomes through IT services that span cybersecurity, cloud, data, AI, and app development.
We’re 400+ team members strong across 3 countries (we call ourselves ProArchians)—and here’s what connects us all:
What’s it like to work here?
At ProArch, you’ll be part of teams that design and deliver technology solutions solving real business challenges for our clients. With services spanning AI, Data, Application Development, Cybersecurity, Cloud & Infrastructure, and Industry Solutions, your work may involve building intelligent applications, securing business‑critical systems, or supporting cloud migrations and infrastructure modernization.
Every role here contributes to shaping outcomes for global clients and driving meaningful impact. You’ll collaborate with experts across data, AI, engineering, cloud, cybersecurity, and infrastructure—solving complex problems with creativity, precision, and purpose. You’ll join a culture rooted in technology, curiosity, and continuous learning. A place where we move fast, trust you to make an impact, encourage innovation, and support your growth.
Position Overview
ProArch IT Solutions is seeking a highly motivated and technically skilled Security / SOAR Automation Engineer to join our global cybersecurity operations team supporting a fast-paced Managed Security Services Provider (MSSP) environment. The ideal candidate will possess strong hands-on experience in cybersecurity automation, SOAR platform engineering, SOC workflow orchestration, and security integrations across modern security ecosystems.
This role is heavily focused on designing, implementing, optimizing, and scaling SOC automation capabilities to improve operational efficiency, incident response, alert enrichment, triage automation, threat intelligence utilization, and AI-driven security operations enhancements.
The Engineer will work closely with SOC Operations, Security Engineering, Security Consulting, and Leadership teams to deliver automation initiatives and operational improvements while supporting a globally distributed security environment.
This is a permanently remote opportunity for candidates based in India, aligned primarily to USA Eastern Time (ET) business hours, with flexibility depending on operational requirements.
Key Responsibilities:
SOAR Engineering & Automation
Design, develop, implement, and maintain SOAR playbooks and automation workflows for SOC operations.
Build scalable security orchestration workflows for:
Alert triage
Automated enrichment
Threat intelligence correlation
Incident response
Containment workflows
Identity-based investigations
Case management
Reporting automation
Reporting automation
Implement and maintain integrations between SOAR platforms and various security technologies using APIs, webhooks, SDKs, and custom connectors.
Develop automation logic to improve SOC efficiency, reduce analyst fatigue, and accelerate Mean Time to Respond (MTTR) and Mean Time to Resolve.
Support SOAR platform lifecycle management including upgrades, change management, testing, governance, RBAC, and operational maintenance.
Assist with SOAR platform administration, identity & access management, and environment hardening.
Security Platform Integrations
Hands-on experience integrating and automating workflows involving:
SOC Operations Enhancement
AI & Advanced Security Operations
Collaboration & Project Coordination
Experience
Technical Skills
Strong understanding of:
Preferred Qualifications
Soft Skills & Work Style
Work Schedule & Environment
What Success Looks Like in This Role
Life @ ProArch
Build and operate security scanning infrastructure (SAST, DAST, SCA) across CI/CD pipelines, tune detection rules, and enforce security gates in the software delivery process.
Interactive Brokers Group, Inc. (Nasdaq: IBKR) is a global financial services company headquartered in Greenwich, CT, USA, with offices in over 15 countries. We have been at the forefront of financial innovation for over four decades, known for our cutting-edge technology and client commitment.
IBKR affiliates provide global electronic brokerage services around the clock on stocks, options, futures, currencies, bonds, and funds to clients in over 200 countries and territories. We serve individual investors and institutions, including financial advisors, hedge funds and introducing brokers. Our advanced technology, competitive pricing, and global market help our clients to make the most of their investments.
Barron’s has recognized Interactive Brokers as the #1 online broker for six consecutive years. Join our dynamic, multi-national team and be a part of a company that simplifies and enhances financial opportunities using state-of-the-art technology.
About the Role
We are looking for an Application Security Engineer who lives at the intersection of security and engineering. This is not a policy role — you will be hands-on building, tuning, and scaling the security scanning infrastructure that protects our software delivery pipeline. You will own SAST, DAST, and SCA tooling end to end, drive false positive reduction, and embed security gates directly into CI/CD workflows across engineering teams. A deep understanding of how vulnerabilities actually work — not just what scanners report — is fundamental to success in this role.
The Problem We’re Solving
We operate in a complex, regulated environment — multiple languages, layered network boundaries, and delivery velocity that cannot be sacrificed for security theater. We are building a scanning program that works in that reality. Tuned, automated, trusted — coverage that is measurable and findings that engineers actually act on. This role exists to solve that problem.
What You’ll Do
Own and operate static, dynamic, and software composition analysis scanning platforms across all engineering pipelines — onboarding new repositories, tuning rulesets, and maintaining coverage metrics
Build and maintain CI/CD security gates that enforce scan policies at pull request, merge, and release stages across engineering workflows
Write custom detection rules tailored to the organization’s tech stack and threat model — covering vulnerability classes specific to the languages and frameworks in use
Triage and prioritize scan findings with a deep understanding of actual exploitability — distinguish true positives from noise, explain the real-world impact of each finding, and build suppression workflows that reduce false positive rates without creating blind spots
Develop automation to ticket, deduplicate, and route findings to the right engineering teams with enough context for developers to understand and act on them
Integrate dynamic scanning into pre-production environments with authenticated coverage — understanding what attack surface is actually reachable versus what scanners miss
Partner with engineering teams on remediation — provide exploit context, reproduce findings where necessary, and give concrete fix guidance grounded in how the vulnerability actually works
Support software composition analysis and dependency security programs — tying third-party vulnerabilities back to actual reachability and exploitability in the codebase rather than treating every CVE as equal severity
Contribute to the security champions program — help developers understand not just what is flagged but why it matters and how an attacker would use it
Run structured evaluations of new tooling and drive buy vs build decisions with documented PoC results
What We’re Looking For
These areas are the capabilities we are looking for. Strong candidates will not check every box. If you are strong in either of the below, we want to hear from you. Depth in one area with curiosity about other matters more than surface-level familiarity across all of them.
5-7 years in application security, DevSecOps, or a security engineering role with tooling focus
Strong foundational knowledge of how web application vulnerabilities work at a technical level — injection classes, broken authentication patterns, insecure deserialization, XXE, SSRF, IDOR, race conditions, and business logic flaws — not just awareness of their names
Ability to read a scan finding and independently reason about whether it is exploitable in context — understanding data flow, trust boundaries, and what an attacker would actually need to trigger it
Hands-on experience deploying and tuning SAST platforms — writing or modifying rules, understanding AST-based and dataflow analysis, and knowing where static analysis fundamentally cannot reach
Experience integrating security tooling into CI/CD pipelines and enforcing policy at key delivery gates
Proficiency in at least one scripting language — Python or Go strongly preferred — for automation and tooling development
Experience with DAST tooling in authenticated scan configurations — understanding what authenticated coverage requires and how session handling, CSRF tokens, and multi-step flows affect scan fidelity
Familiarity with SCA concepts — dependency graphs, transitive vulnerabilities, license risk, reachability analysis, and SBOM formats including CycloneDX and SPDX
Ability to read and reason about code across multiple languages
Nice to Have
Development background — candidates who have written production code and personally addressed security vulnerabilities in a codebase bring a fundamentally different perspective to this role; they understand why developers make the choices they do, where fixes break things, and how to give remediation guidance that engineers will actually implement
Background that spans both sides of the SDLC — having sat in a developer role before moving into security means stronger partnerships with engineering teams and more credible guidance during code review and triage conversations
Experience writing custom detection logic for organization-specific vulnerability patterns beyond out-of-the-box scanner coverage
\* Depending upon the shifts.
** The benefits package is subject to change at the management’s discretion.
Hands-on security engineer who validates bug bounty submissions, reproduces exploits, and partners with engineering teams to drive vulnerability remediation across web, API, and trading platforms.
Interactive Brokers Group, Inc. (Nasdaq: IBKR) is a global financial services company headquartered in Greenwich, CT, USA, with offices in over 15 countries. We have been at the forefront of financial innovation for over four decades, known for our cutting-edge technology and client commitment.
IBKR affiliates provide global electronic brokerage services around the clock on stocks, options, futures, currencies, bonds, and funds to clients in over 200 countries and territories. We serve individual investors and institutions, including financial advisors, hedge funds and introducing brokers. Our advanced technology, competitive pricing, and global market help our clients to make the most of their investments.
Barron’s has recognized Interactive Brokers as the #1 online broker for six consecutive years. Join our dynamic, multi-national team and be a part of a company that simplifies and enhances financial opportunities using state-of-the-art technology.
Security Engineer -Bug Bounty
About the Role
We are looking for a Security Engineer focused on Bug Bounty who treats researcher reports as security data, not support tickets. This is not a coordination role — you will be hands-on validating vulnerabilities, reproducing exploits, and working directly with engineering teams to drive fixes. You will own the full lifecycle of the program: scope design, triage, researcher relations, remediation tracking, and the upstream feedback that turns external findings into internal controls.
The other half of this role is developer partnership. Findings that sit in a backlog do not improve security. You will reduce the friction that keeps confirmed vulnerabilities from being fixed — translating researcher reports into clear remediation guidance, removing ambiguity that slows engineers down, and identifying the process or tooling gaps that let the same vulnerability class appear repeatedly.
A deep understanding of how vulnerabilities actually work — not just how to classify them — is fundamental to success here.
What You’ll Do
Own day-to-day operations of the bug bounty program on the managed platform, including report triage, severity assessment, researcher communication, and payout decisions — maintaining SLA compliance across all inbound volume
Reproduce and technically validate submitted vulnerabilities across web, API, mobile, and trading infrastructure attack surfaces — reason independently about exploitability in context, not just what the report claims
Classify findings using CVSS, OWASP, and business impact criteria; distinguish genuine risk from theoretical severity; escalate critical issues into incident response workflows with enough context for engineering leadership to act immediately
Act as a remediation partner, not just a reporter — work directly with developers to clarify findings, provide exploit context, reproduce issues where needed, and give fix guidance grounded in how the vulnerability actually works; track what slows remediation and fix it
Identify recurring vulnerability classes across inbound reports and feed patterns back into AppSec initiatives — SAST rule tuning, developer training, design review checklists — closing the loop from external discovery to internal prevention
Maintain program scope, out-of-scope guidance, and rules of engagement; adjust based on surface area changes, new products, and program maturity signals
Coordinate with legal, compliance, and communications on responsible disclosure edge cases, researcher disputes, and public disclosure timelines
Produce monthly and quarterly program metrics for security leadership — coverage, triage velocity, remediation cycle times, finding trends — with enough analytical depth to drive program decisions
Evaluate attack surface expansions — new APIs, products, acquisitions — for readiness to enter program scope
What We’re Looking For
These are the capabilities that matter for this role. Strong candidates will not check every box. Depth in vulnerability validation and developer partnership matters more than broad platform familiarity. If you have operated on both sides of the researcher-developer relationship, we want to hear from you.
2–5 years in application security, penetration testing, bug bounty operations, or a security engineering role with hands-on validation focus
Strong foundational knowledge of how web application vulnerabilities work at a technical level — SSRF, IDOR, auth bypass, injection classes, business logic flaws, API authorization failures, OAuth misconfigurations — not just awareness of their names
Ability to read a researcher report and independently reason about exploitability in the specific context of the application — understand trust boundaries, data flow, and what an attacker would actually need to trigger the finding
Experience operating a bug bounty or vulnerability disclosure program on a managed platform — Bugcrowd, HackerOne, or equivalent — with ownership of triage decisions and researcher communication
Strong written communication under pressure — you will be writing triage decisions to elite researchers and remediation guidance to developers simultaneously; both audiences require clarity and credibility
Familiarity with REST and GraphQL API security, OAuth 2.0 flows, session management, and web application architecture at the level needed to validate findings without relying on the researcher’s reproduction steps alone
Ability to work cross-functionally with engineering teams — translate security findings into actionable, developer-friendly guidance that engineers will actually implement rather than defer
Nice to Have
Active bug bounty participation as a researcher — candidates who have filed reports themselves understand what makes a finding credible, what frustrates researchers about triage decisions, and how to run a program that retains high-signal contributors
Development background — candidates who have written production code and personally addressed security vulnerabilities bring a fundamentally different perspective to remediation partnership; they understand why developers make the choices they do, where fixes break things, and how to give guidance that engineers will actually act on
Experience in financial services or a similarly regulated environment — understanding the compliance overlay on remediation timelines and disclosure decisions changes how you prioritize and escalate
Scripting ability in Python or Bash — for triage automation, scope monitoring, duplicate detection, or metrics extraction from platform APIs
Familiarity with DAST tooling (Burp Suite Pro, Nuclei, ZAP) — candidates who can independently reproduce and extend researcher findings without relying solely on the submitted reproduction steps are significantly more effective in this role
\* Depending upon the shifts.
** The benefits package is subject to change at the management’s discretion.
Design, implement, and maintain Comply-to-Connect deployment infrastructure while monitoring performance and supporting cybersecurity system accreditation for federal government agencies.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
About GuidePoint Security
GuidePoint Security is a leading cybersecurity solutions and services firm enabling federal government organizations to make smarter security decisions that minimize risk. With more than 800 vetted technology vendor partnerships and deep practitioner expertise across every major cybersecurity domain, GuidePoint serves more than half of the U.S. Government’s cabinet-level agencies across Civilian, DoD, and Intelligence Community segments, as well as Federal System Integrators and major defense prime contractors. We are growing our federal presales engineering team and looking for technically exceptional engineers who thrive at the intersection of federal mission and cybersecurity technology.
The Senior Network Security Engineer will engineer, design, and sustain Comply-to-Connect (C2C) deployment support to migrate and maintain critical services across unclassified and classified environments.
Key Responsibilities
Requirements
Preferred Qualifications
Physical Qualifications
“ Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.”
We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don’t miss updates on your application.
Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers.
Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.
This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.
Some added perks….
Staff-level security engineer designs and implements security controls across product infrastructure, cloud systems, and customer-facing platforms for a regulated fintech company.
Headquarters: Remote
Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing.
We're a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.
Rather than build on top of broken legacy systems, we took a different approach: we built and operate our own mortgage servicing business managing $110+ billion in loans. This wasn't the end goal, it was how we deeply understood the complexity needed to build software that actually works in regulated industries.
The results speak for themselves. We've transformed mortgage servicing from a 0% margin business into 60%+ margins while dramatically improving customer experience. Major enterprise contracts are now deploying across the industry.
ValonOS is our unified platform that makes every process structured and programmable and it is perfectly positioned for the AI era. When everything flows through one system with rich data, AI agents don't just automate tasks, they continuously improve entire operations. Mortgage servicing is just the beginning of our vision to transform regulated industries and beyond.
Security at Valon
Our customers entrust us with some of their most sensitive and personal financial information, and it is the ultimate mission of Valon’s Security team to ensure we have sound programs, processes, and automation in place to safeguard our customers’ data. The Security team protects the infrastructure and data for processing billions of dollars of mortgage loans.
In addition to protecting Valon’s internal systems, the Security team partners closely with Product and Engineering to design and deliver secure, scalable, and trustworthy capabilities for ValonOS. We work cross-functionally across all teams at Valon to enable security throughout the organization. We engage with external security auditors, pentesting firms, and partners to continuously evaluate Valon’s security posture.
Valon offices are located in New York City and San Francisco, but we fully support remote work!
About the Role
We are seeking a seasoned and highly skilled Staff Product Security Engineer - Customer Platform to join our growing team! As a key security member at Valon, you will play a critical role in ensuring the security of our organization's systems, cloud infrastructure, products, and data.
This role blends product security architecture and technical control implementation, incorporating security by design into ValonOS. You will be hands-on and help shape how security is designed, built, and scaled across our SaaS platform both in foundational infrastructure and in customer-facing security features.
Responsibilities
Define and evolve product security architecture and strategy for Valon’s multi-tenant SaaS platform
Architect and guide secure implementation of customer-facing security capabilities in conjunction with Engineering (e.g., authentication / authorization models, identity integration, access controls, audit and logging, encryption / key management)
Build and maintain security reference architectures and standardized secure design patterns for product teams
Lead threat modeling, security design and code reviews for new features, services, and major architectural changes
Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks
Support vulnerability triage, remediation strategy, and root cause analysis for product security issues
Support security compliance and regulatory needs (e.g., SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence
Develop, implement, and enforce security policies, standards, and procedures
Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes
Ideal Background
Extensive experience in product security, application security, or security architecture roles, with ownership of security design for SaaS platforms including multi-tenancy and customer-facing security capabilities.
Strong background in cloud security and modern infrastructure, with hands-on experience securing cloud environments (GCP preferred).
Proven experience in SaaS IAM and tenant security (e.g., authentication/authorization, RBAC, SSO/SAML/OIDC, SCIM, MFA, audit logs).
Expertise in designing secure platform controls (e.g., APIs, service-to-service auth, encryption/KMS/CMEK, logging/monitoring)
Demonstrated ability to build and maintain security reference architectures.
Expert-level experience leading threat modeling and security design reviews including security-focused code reviews.
Applied knowledge with industry security and compliance frameworks (OWASP, NIST, CIS, SOC 2/ISO 27001 concepts)
Highly hands-on engineer with proven ability to operate autonomously, drive multiple complex cross-functional efforts, and influence independently.
Excellent communication and collaboration skills, including the ability to explain complex security concepts to both technical and non-technical stakeholders.
Prior software engineering experience and/or coding ability (Python) is preferred.
Experience working in high-growth or startup environments is a plus.
Minimum Qualifications
8+ years in progressive senior security engineering or architect level roles, with 3+ years leading security design for enterprise-grade cloud and SaaS platforms
Bachelor's degree in Information Security, Computer Science, Technology or related field
Relevant security certifications (e.g., CISSP, CISM, CCSK, CCSP or similar)
Proven ability to design security reference architectures and implement customer platform security controls and technologies (IAM, API security, encryption/key management, logging/monitoring and others)
Hands-on experience with modern security technologies and tooling across cloud and application security
Benefits
Base Compensation Band: $190K - $260K. Base salary offered is determined by a number of factors including the candidate’s experience, qualifications, and skills
This Base Compensation pay range applies to our New York City located staff and may differ according to location.
Compensation: Competitive salary with a meaningful stake in the company via equity, and 401k plan
Health & well-being: We’ll invest in your physical and mental well-being with comprehensive medical, dental, & vision benefits
Commuter benefits: We offer pre-tax deductions for public transportation, rideshare services, and parking expenses to make your commute more affordable and convenient
Grow together: Company wide orientation for you to successfully onboard and other learning & development opportunities including regular review cycles that feature 360 degree feedback
Play together: Quarterly budgets for team and company outings. Use it for team swag, cooking classes, or team dinners!
Generous time off: Flexible paid time off, sick days, and 11 company holidays
Baby bonding time!: 12 weeks off for both birthing and non-birthing parents - fully paid so you can focus your energy on your newest addition
Throughout the interview process, please remember that emails will only be from valon.com email addresses. We will never ask for any personally identifiable information during the interview process itself. Please reach out to talent@valon.com if you have any requests to verify the authenticity of an outreach.
Valon is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. Valon makes hiring decisions based solely on qualifications, merit, and business needs at the time.
To apply: https://weworkremotely.com/remote-jobs/valon-tech-staff-product-security-engineer-customer-platform
Designs, implements, and maintains security measures to protect systems, networks, and SaaS products through vulnerability management, incident response, and security operations.
At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
So, what’s the role all about?
The ideal candidate will be responsible for designing, implementing, and maintaining security measures to protect our organization’s computer systems, networks, and SaaS products. This role requires a hands-on approach to identifying vulnerabilities, implementing solutions, and staying abreast of the latest security trends and technologies. The Senior Information Security Engineer will collaborate closely with cross-functional teams to ensure the confidentiality, integrity, and availability of our systems and data.
How will you make an impact?
Have you got what it takes?
You will have an advantage if you also have:
What’s in it for you?
Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!
Enjoy NICE-FLEX!
At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.
About NICE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NICE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Requisition ID: 10996
Reporting into: Damon Hefner, Manager Information Security
Role Type: Individual Contributor
About NiCE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Leads ServiceNow security operations and risk management implementations, provides technical leadership and pre-sales consulting on cybersecurity solutions for enterprise clients.
Tech native for over 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value.
With over 11,000 tech architects in more than 25 countries across Europe, the Middle East, and Africa, Devoteam is committed to using technology to serve people.
Devoteam has been a ServiceNow Elite Partner since 2019. In 2026, it was recognised as ServiceNow Partner of the Year for the fourth consecutive year.
Looking to take your IT security consulting career to the next level? Our ServiceNow Cyber & Risk team is seeking a Consultant with an innovative, can-do attitude and a passion for making a difference. You’ll be based in our Prague office and work with global companies from across Europe.
With us, you’ll have the chance to do the job of your dreams - the one you didn’t even know you wanted yet. Here’s what you can expect:
Qualifications
You will be a great fit for this role if you have…
Want to be head of the pack? We’d definitely welcome…
What will you get apart from the salary?
Moreover, we offer:
And last but not least, you can rely on:
Benefits:
Moreover, we offer:
And last but not least, you can rely on:
Implements and administers information security tools, manages security incidents, conducts analysis, and ensures compliance with regulatory requirements.
At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
The Information Security Engineer will assist in implementing and administering initiatives implemented by InfoSec, including security initiatives mandated by regulatory and compliance requirements. This position will be responsible for ensuring that regular housekeeping activities are performed to maintain and monitor processes and systems.
The role ensures that both Corporate and Production services are managed according to company policies, processes, and compliance and regulatory requirements.
Learn more about the Benefits at NICE
Join an ever-growing, market-disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime, and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud, and digital, NICE is consistently recognized as the market leader, with over 8,500 employees across 30+ countries.
NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation, or any other category protected by law.
#LI-Hybrid
Requisition ID: 10994 Reporting into: Manager, Information Security, CX
Role Type: Individual Contributor
About NiCE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Implements and administers security initiatives, manages security tools, responds to incidents, and ensures compliance with regulatory requirements.
At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
The Information Security Engineer will assist in implementing and administering initiatives implemented by InfoSec, including security initiatives mandated by regulatory and compliance requirements. This position will be responsible for ensuring that regular housekeeping activities are performed to maintain and monitor processes and systems.
The role ensures that both Corporate and Production services are managed according to company policies, processes, and compliance and regulatory requirements.
Learn more about the Benefits at NICE
Join an ever-growing, market-disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime, and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud, and digital, NICE is consistently recognized as the market leader, with over 8,500 employees across 30+ countries.
NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation, or any other category protected by law.
#LI-Hybrid
Requisition ID: 10995 Reporting into: Manager, Information Security, CX
Role Type: Individual Contributor
About NiCE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Ensures compliance with information security frameworks, conducts internal audits, and supports cybersecurity operations and incident response activities.
At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
So, what’s the role all about?
The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response.
How will you make an impact?
Have you got what it takes?
Strong expertise in audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus.
Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions.
Hands-on experience in internal and external audits, compliance assessments, and process improvement.
Basic understanding of incident response frameworks and cybersecurity best practices.
Exceptional analytical, organizational, and communication skills.
Commitment to continuous learning and professional development in audit, compliance, and security.
You will have an advantage if you also have:
A Master’s degree in Cybersecurity, Risk Management, or related fields is a plus.
Certifications (preferred or required):
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
ISO 27001 Lead Auditor or Implementer
Cyber Essentials Assessor (or equivalent)
GIAC certifications (e.g., GIAC Certified Incident Handler - GCIH or GIAC Security Essentials - GSEC)
What’s in it for you?
Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!
Enjoy NICE-FLEX!
At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.
About NICE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NICE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Requisition ID: 10993
Reporting into: Director Information
Role Type: Individual Contributor
About NiCE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Senior Security Engineer designs and deploys security infrastructure changes, builds SIEM detections, investigates incidents, and leads corporate IT security programs across identity, endpoint, and cloud systems.
We are looking for a Senior Security Engineer to join the SecOps team at Doctolib.
Your mission will be to protect the infrastructure, identities, devices and platform that millions of patients and hundreds of thousands of health professionals rely on every day. You will work hands-on across the full corporate IT security perimeter (identity, endpoint, SaaS, network and cloud) in a highly regulated environment (HDS, ISO 27001, C5) where security directly impacts patient safety and trust in the healthcare system.
Working in the tech team at Doctolib means building innovative products and features to improve the daily lives of care teams and patients.
Your responsibilities include but are not limited to:
Before you read on: if you don’t have the exact profile described below, but you feel this job description matches your skill set, we still encourage you to apply.
You’ll be a great fit if you:
It would be fantastic if you:
Want to learn more about our tech culture and environment? Visit the Doctolib Tech site .
We want your experience to be clear, respectful, and transparent. Learn more about our hiring process on our candidate experience page.
At Doctolib, we are committed to improving access to healthcare for everyone. This translates into our recruitment process. We evaluate candidates based solely on qualifications and motivation, without any form of discrimination.
The more diverse ideas are heard, the more our product will truly improve healthcare for all. You are welcome to apply to Doctolib, regardless of your gender, religion, age, sexual orientation, ethnicity, or disability.
To ensure equal opportunities, we invite you to exclude personal information (e.g., pictures, age) from your applications. If you require any accommodation, please let us know for support during the hiring process.
Join us in building the healthcare we all dream of!
All information provided is processed by Doctolib for application management. For data processing details, click here: France . Please contact hr.dataprivacy(at)doctolib.com for inquiries or to exercise your rights.
Implements and administers security initiatives, manages security tools like SIEM and endpoint protection, and responds to security incidents while ensuring compliance with regulatory requirements.
At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
The Information Security Engineer will assist in implementing and administering initiatives implemented by InfoSec, including security initiatives mandated by regulatory and compliance requirements. This position will be responsible for ensuring that regular housekeeping activities are performed to maintain and monitor processes and systems.
The role ensures that both Corporate and Production services are managed according to company policies, processes, and compliance and regulatory requirements.
Learn more about the Benefits at NICE
Join an ever-growing, market-disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime, and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud, and digital, NICE is consistently recognized as the market leader, with over 8,500 employees across 30+ countries.
NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation, or any other category protected by law.
#LI-Hybrid
Requisition ID: 10994 Reporting into: Manager, Information Security, CX
Role Type: Individual Contributor
About NiCE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Implements and administers security initiatives, manages security tools like SIEM and endpoint protection, responds to incidents, and ensures compliance with regulatory requirements.
At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
The Information Security Engineer will assist in implementing and administering initiatives implemented by InfoSec, including security initiatives mandated by regulatory and compliance requirements. This position will be responsible for ensuring that regular housekeeping activities are performed to maintain and monitor processes and systems.
The role ensures that both Corporate and Production services are managed according to company policies, processes, and compliance and regulatory requirements.
Learn more about the Benefits at NICE
Join an ever-growing, market-disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime, and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud, and digital, NICE is consistently recognized as the market leader, with over 8,500 employees across 30+ countries.
NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation, or any other category protected by law.
#LI-Hybrid
Requisition ID: 10995 Reporting into: Manager, Information Security, CX
Role Type: Individual Contributor
About NiCE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Conducts internal audits, manages compliance with security frameworks (ISO 27001, GDPR, DORA), and supports incident monitoring and response activities.
At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.
So, what’s the role all about?
The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response.
How will you make an impact?
Have you got what it takes?
Strong expertise in audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus.
Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions.
Hands-on experience in internal and external audits, compliance assessments, and process improvement.
Basic understanding of incident response frameworks and cybersecurity best practices.
Exceptional analytical, organizational, and communication skills.
Commitment to continuous learning and professional development in audit, compliance, and security.
You will have an advantage if you also have:
A Master’s degree in Cybersecurity, Risk Management, or related fields is a plus.
Certifications (preferred or required):
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
ISO 27001 Lead Auditor or Implementer
Cyber Essentials Assessor (or equivalent)
GIAC certifications (e.g., GIAC Certified Incident Handler - GCIH or GIAC Security Essentials - GSEC)
What’s in it for you?
Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!
Enjoy NICE-FLEX!
At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.
About NICE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NICE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Requisition ID: 10993
Reporting into: Director Information
Role Type: Individual Contributor
About NiCE
NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.
Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.
NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.
Designs and develops red team security labs and content, researching offensive security techniques and AI-driven attacks to train users on cyber resilience.
A platform you can believe in: Immersive One is the leading cyber resilience solution across the globe.
Build and scale a best in class platform alongside a team of the brightest minds in cybersecurity! At Immersive, we’re uniquely positioned to future-proof organizations against any cyber challenge. If that excites you, read on!
Immersive helps prove and improve your cyber resilience, by simulating real-world threats, testing your skills, and measuring performance. We put your readiness to the ultimate test. From sharpening technical capabilities to making high-pressure decisions, our platform allows you to assess every angle, pinpoint areas for growth, and prove your ability to tackle evolving threats with unwavering confidence.
https://www.immersivelabs.com/why-immersive-labs
Immersive was founded in 2017, from a cargo container in Bristol, UK we’ve grown to over 300 employees globally, announced funding of more than £150 million and been voted a Best place to work on multiple occasions!
https://www.immersivelabs.com/company/our-story
Cyber Security Engineer - Red Team
Immersive is hiring! Could you be our next Cyber Security Engineer?
Due to customer demand and increasing maturity within our platform we have an exciting and challenging opportunity for an experienced cyber professional within the offensive security sector - with expertise in conducting red team engagements - to join our Product team as Cyber Security Engineer - Red Team.
If successful you will join our Cyber team working closely with our Cyber Team Leads as we embark on this exciting new phase of product development within our market leading cyber resilience platform.
This isn’t an ordinary red team role - we know everyone claims this and will tell you their role is super unique…but this one really is.
You are constantly researching, learning, totally geeking out on all things offensive security related, from red teaming, to the latest AI driven attacks, and then taking that knowledge and creating labs and ranges.
You will be a key player in our Red Team Content team, shaping and influencing the roll out of our offensive security and AI pen test content roadmap, simulating attack paths and helping train our users to counter the latest threats.
You will be educating the world of offensive security professionals on how to make sure they are secure in what they do. Now that is a pretty cool legacy to leave behind.
Your mission (if you choose to accept it) is to evolve and disrupt within the Red Team space by creating emulated environments within our platform that will simulate both hacking and defending in an engaging and intuitive way for our community.
You will design, build and deliver practical and theory content to gamify offensive security and make it engaging and fun for the end user. You’ll shake up traditional training and teach complex concepts in an innovative way.
If you have an interest in and passion for cyber security, are experienced in the area of offensive security, and want to disrupt how employees build their resilience against the latest threats we will appreciate your input and give you the space to innovate within our market leading platform, Immersive One.
Your main responsibilities (we’re scaling fast, so these may change as we grow):
Utilising knowledge of pen test and red teaming engagements and techniques to plan, write and improve offensive security labs, challenges and online learning content on the Immersive One platform.
Produce multi-format content utilising various teaching methods; practical exercises, questions & gamification
Test Red Team labs and ranges to ensure they function as expected
Research vulnerabilities, tools and offensive tactics and compile this research to deliver practical and theory labs to users
Compile technical research into understandable concise content for both technical and non-technical audience
Work with the wider Product team on new projects and product innovations and how best to deploy them
Sounds good? We’d love to hear from you if you have proven experience in the following areas:
A number of years of experience working in offensive security as a penetration tester or as a Offensive Security Consultant
In-depth knowledge of the MITRE ATT&CK framework and how it is used to help enterprises deal with threats to their organisation.
Have a strong technical understanding of networking, computing and cyber security concepts
Have the ability to use examples and analogies to simplify complex subjects - your content will train real world users to identify and combat the latest threats so you need to be able to inhabit the mindset of your target audience to create realistic simulations
Familiarity with Linux, Docker and Python would be beneficial
Attitude and approach is just as important as technical skills for this role - you will be someone who enjoys tackling complex problems and finding the solution. You’ll be a natural problem solver and ‘tinkerer’ who enjoys prototyping and iteration.
Immersive’s growth has been fuelled by our values that underpin everything we do, here’s how they relate to this role:
Driven - We push the boundaries of innovation, acting swiftly to achieve ambitious outcomes. Our drive embodies a culture of ambition, where challenges are stepping stones to excellence.
Inclusive - Our strength lies in diversity, fostering a culture where every individual contributes to our collective strength. We champion open dialogue and empathy, ensuring a collaborative, inclusive workplace.
Customer Centric - We seek to develop deep relationships with our customers to help them achieve their business outcomes. We exceed our customers and partners’ expectations by crafting products, services and experiences that surprise, delight and ensure they feel valued and supported every day.
One Team - We are a talented global team working together to achieve our vision. Central to our ethos, resilience means adapting and thriving in adversity. It guides our innovation, ensuring we and our clients are prepared for the future.
We encourage people of all different backgrounds and identities to apply. We are committed to maintaining an inclusive, supportive place for you to be you and do your very best work. Excited by the above? We’re ready to receive your application!
As well as an inclusive, supportive place for you to be you. We offer an extensive range of benefits so you can do your very best work:
Time off, flexible and remote working so you can work when is best for you, includes 25 days annual leave + 2 volunteering days and your birthday off
The longer you are with Immersive, the more holiday days you get, up to a maximum of 30 days after five years of service
Look after your family and yourself with enhanced parental leave, mindfulness groups, critical illness cover, 7% matched pension, private healthcare plan and more
Career and learning development through the platform, a dedicated professional development fund and our ‘Learn Anything’ fund - which enables you to learn anything that’s not work!
Recognition & Rewards for doing great work and living our values and behaviours
Informal or formal flexible working options, e.g. flexible start and finish times, reduced hours
We have a vibrant team culture with team events throughout the year. Our socials have included everything from pottery painting and paper mask making, to dungeons and dragons!
When you do visit the UK hub, getting there is easy: we’re based in the centre of Bristol, just a 10 minute walk from the train station. We also offer railcard loan and cycle scheme to buy a new bike
Find out more about life at Immersive Labs https://careers.immersivelabs.com
Cyber threats wait for no one and neither should you. Apply now!
If you would like to read more about what you can expect from our recruitment process, you can visit our dedicated interview process page.
Develops offensive security content and red team labs for a cyber resilience platform, researching attack vectors and creating training simulations.
A platform you can believe in: Immersive One is the leading cyber resilience solution across the globe.
Build and scale a best in class platform alongside a team of the brightest minds in cybersecurity! At Immersive, we’re uniquely positioned to future-proof organizations against any cyber challenge. If that excites you, read on!
Immersive helps prove and improve your cyber resilience, by simulating real-world threats, testing your skills, and measuring performance. We put your readiness to the ultimate test. From sharpening technical capabilities to making high-pressure decisions, our platform allows you to assess every angle, pinpoint areas for growth, and prove your ability to tackle evolving threats with unwavering confidence.
https://www.immersivelabs.com/why-immersive-labs
Immersive was founded in 2017, from a cargo container in Bristol, UK we’ve grown to over 300 employees globally, announced funding of more than £150 million and been voted a Best place to work on multiple occasions!
https://www.immersivelabs.com/company/our-story
Cyber Security Engineer - Red Team
Immersive is hiring! Could you be our next Cyber Security Engineer?
Due to customer demand and increasing maturity within our platform we have an exciting and challenging opportunity for an experienced cyber professional within the offensive security sector - with expertise in conducting red team engagements - to join our Product team as Cyber Security Engineer - Red Team.
If successful you will join our Cyber team working closely with our Cyber Team Leads as we embark on this exciting new phase of product development within our market leading cyber resilience platform.
This isn’t an ordinary red team role - we know everyone claims this and will tell you their role is super unique…but this one really is.
You are constantly researching, learning, totally geeking out on all things offensive security related, from red teaming, to the latest AI driven attacks, and then taking that knowledge and creating labs and ranges.
You will be a key player in our Red Team Content team, shaping and influencing the roll out of our offensive security and AI pen test content roadmap, simulating attack paths and helping train our users to counter the latest threats.
You will be educating the world of offensive security professionals on how to make sure they are secure in what they do. Now that is a pretty cool legacy to leave behind.
Your mission (if you choose to accept it) is to evolve and disrupt within the Red Team space by creating emulated environments within our platform that will simulate both hacking and defending in an engaging and intuitive way for our community.
You will design, build and deliver practical and theory content to gamify offensive security and make it engaging and fun for the end user. You’ll shake up traditional training and teach complex concepts in an innovative way.
If you have an interest in and passion for cyber security, are experienced in the area of offensive security, and want to disrupt how employees build their resilience against the latest threats we will appreciate your input and give you the space to innovate within our market leading platform, Immersive One.
Your main responsibilities (we’re scaling fast, so these may change as we grow):
Utilising knowledge of pen test and red teaming engagements and techniques to plan, write and improve offensive security labs, challenges and online learning content on the Immersive One platform.
Produce multi-format content utilising various teaching methods; practical exercises, questions & gamification
Test Red Team labs and ranges to ensure they function as expected
Research vulnerabilities, tools and offensive tactics and compile this research to deliver practical and theory labs to users
Compile technical research into understandable concise content for both technical and non-technical audience
Work with the wider Product team on new projects and product innovations and how best to deploy them
Sounds good? We’d love to hear from you if you have proven experience in the following areas:
A number of years of experience working in offensive security as a penetration tester or as a Offensive Security Consultant
In-depth knowledge of the MITRE ATT&CK framework and how it is used to help enterprises deal with threats to their organisation.
Have a strong technical understanding of networking, computing and cyber security concepts
Have the ability to use examples and analogies to simplify complex subjects - your content will train real world users to identify and combat the latest threats so you need to be able to inhabit the mindset of your target audience to create realistic simulations
Familiarity with Linux, Docker and Python would be beneficial
Attitude and approach is just as important as technical skills for this role - you will be someone who enjoys tackling complex problems and finding the solution. You’ll be a natural problem solver and ‘tinkerer’ who enjoys prototyping and iteration.
Immersive’s growth has been fuelled by our values that underpin everything we do, here’s how they relate to this role:
Driven - We push the boundaries of innovation, acting swiftly to achieve ambitious outcomes. Our drive embodies a culture of ambition, where challenges are stepping stones to excellence.
Inclusive - Our strength lies in diversity, fostering a culture where every individual contributes to our collective strength. We champion open dialogue and empathy, ensuring a collaborative, inclusive workplace.
Customer Centric - We seek to develop deep relationships with our customers to help them achieve their business outcomes. We exceed our customers and partners’ expectations by crafting products, services and experiences that surprise, delight and ensure they feel valued and supported every day.
One Team - We are a talented global team working together to achieve our vision. Central to our ethos, resilience means adapting and thriving in adversity. It guides our innovation, ensuring we and our clients are prepared for the future.
We encourage people of all different backgrounds and identities to apply. We are committed to maintaining an inclusive, supportive place for you to be you and do your very best work. Excited by the above? We’re ready to receive your application!
As well as an inclusive, supportive place for you to be you. We offer an extensive range of benefits so you can do your very best work:
Time off, flexible and remote working so you can work when is best for you, includes 25 days annual leave + 2 volunteering days and your birthday off
The longer you are with Immersive, the more holiday days you get, up to a maximum of 30 days after five years of service
Look after your family and yourself with enhanced parental leave, mindfulness groups, critical illness cover, 7% matched pension, private healthcare plan and more
Career and learning development through the platform, a dedicated professional development fund and our ‘Learn Anything’ fund - which enables you to learn anything that’s not work!
Recognition & Rewards for doing great work and living our values and behaviours
Informal or formal flexible working options, e.g. flexible start and finish times, reduced hours
We have a vibrant team culture with team events throughout the year. Our socials have included everything from pottery painting and paper mask making, to dungeons and dragons!
When you do visit the UK hub, getting there is easy: we’re based in the centre of Bristol, just a 10 minute walk from the train station. We also offer railcard loan and cycle scheme to buy a new bike
Find out more about life at Immersive Labs https://careers.immersivelabs.com
Cyber threats wait for no one and neither should you. Apply now!
If you would like to read more about what you can expect from our recruitment process, you can visit our dedicated interview process page.
Designs and develops red team security labs and simulations, researching offensive security techniques to train users on threat detection and response.
A platform you can believe in: Immersive One is the leading cyber resilience solution across the globe.
Build and scale a best in class platform alongside a team of the brightest minds in cybersecurity! At Immersive, we’re uniquely positioned to future-proof organizations against any cyber challenge. If that excites you, read on!
Immersive helps prove and improve your cyber resilience, by simulating real-world threats, testing your skills, and measuring performance. We put your readiness to the ultimate test. From sharpening technical capabilities to making high-pressure decisions, our platform allows you to assess every angle, pinpoint areas for growth, and prove your ability to tackle evolving threats with unwavering confidence.
https://www.immersivelabs.com/why-immersive-labs
Immersive was founded in 2017, from a cargo container in Bristol, UK we’ve grown to over 300 employees globally, announced funding of more than £150 million and been voted a Best place to work on multiple occasions!
https://www.immersivelabs.com/company/our-story
Cyber Security Engineer - Red Team
Immersive is hiring! Could you be our next Cyber Security Engineer?
Due to customer demand and increasing maturity within our platform we have an exciting and challenging opportunity for an experienced cyber professional within the offensive security sector - with expertise in conducting red team engagements - to join our Product team as Cyber Security Engineer - Red Team.
If successful you will join our Cyber team working closely with our Cyber Team Leads as we embark on this exciting new phase of product development within our market leading cyber resilience platform.
This isn’t an ordinary red team role - we know everyone claims this and will tell you their role is super unique…but this one really is.
You are constantly researching, learning, totally geeking out on all things offensive security related, from red teaming, to the latest AI driven attacks, and then taking that knowledge and creating labs and ranges.
You will be a key player in our Red Team Content team, shaping and influencing the roll out of our offensive security and AI pen test content roadmap, simulating attack paths and helping train our users to counter the latest threats.
You will be educating the world of offensive security professionals on how to make sure they are secure in what they do. Now that is a pretty cool legacy to leave behind.
Your mission (if you choose to accept it) is to evolve and disrupt within the Red Team space by creating emulated environments within our platform that will simulate both hacking and defending in an engaging and intuitive way for our community.
You will design, build and deliver practical and theory content to gamify offensive security and make it engaging and fun for the end user. You’ll shake up traditional training and teach complex concepts in an innovative way.
If you have an interest in and passion for cyber security, are experienced in the area of offensive security, and want to disrupt how employees build their resilience against the latest threats we will appreciate your input and give you the space to innovate within our market leading platform, Immersive One.
Your main responsibilities (we’re scaling fast, so these may change as we grow):
Utilising knowledge of pen test and red teaming engagements and techniques to plan, write and improve offensive security labs, challenges and online learning content on the Immersive One platform.
Produce multi-format content utilising various teaching methods; practical exercises, questions & gamification
Test Red Team labs and ranges to ensure they function as expected
Research vulnerabilities, tools and offensive tactics and compile this research to deliver practical and theory labs to users
Compile technical research into understandable concise content for both technical and non-technical audience
Work with the wider Product team on new projects and product innovations and how best to deploy them
Sounds good? We’d love to hear from you if you have proven experience in the following areas:
A number of years of experience working in offensive security as a penetration tester or as a Offensive Security Consultant
In-depth knowledge of the MITRE ATT&CK framework and how it is used to help enterprises deal with threats to their organisation.
Have a strong technical understanding of networking, computing and cyber security concepts
Have the ability to use examples and analogies to simplify complex subjects - your content will train real world users to identify and combat the latest threats so you need to be able to inhabit the mindset of your target audience to create realistic simulations
Familiarity with Linux, Docker and Python would be beneficial
Attitude and approach is just as important as technical skills for this role - you will be someone who enjoys tackling complex problems and finding the solution. You’ll be a natural problem solver and ‘tinkerer’ who enjoys prototyping and iteration.
Immersive’s growth has been fuelled by our values that underpin everything we do, here’s how they relate to this role:
Driven - We push the boundaries of innovation, acting swiftly to achieve ambitious outcomes. Our drive embodies a culture of ambition, where challenges are stepping stones to excellence.
Inclusive - Our strength lies in diversity, fostering a culture where every individual contributes to our collective strength. We champion open dialogue and empathy, ensuring a collaborative, inclusive workplace.
Customer Centric - We seek to develop deep relationships with our customers to help them achieve their business outcomes. We exceed our customers and partners’ expectations by crafting products, services and experiences that surprise, delight and ensure they feel valued and supported every day.
One Team - We are a talented global team working together to achieve our vision. Central to our ethos, resilience means adapting and thriving in adversity. It guides our innovation, ensuring we and our clients are prepared for the future.
We encourage people of all different backgrounds and identities to apply. We are committed to maintaining an inclusive, supportive place for you to be you and do your very best work. Excited by the above? We’re ready to receive your application!
As well as an inclusive, supportive place for you to be you. We offer an extensive range of benefits so you can do your very best work:
Time off, flexible and remote working so you can work when is best for you, includes 25 days annual leave + 2 volunteering days and your birthday off
The longer you are with Immersive, the more holiday days you get, up to a maximum of 30 days after five years of service
Look after your family and yourself with enhanced parental leave, mindfulness groups, critical illness cover, 7% matched pension, private healthcare plan and more
Career and learning development through the platform, a dedicated professional development fund and our ‘Learn Anything’ fund - which enables you to learn anything that’s not work!
Recognition & Rewards for doing great work and living our values and behaviours
Informal or formal flexible working options, e.g. flexible start and finish times, reduced hours
We have a vibrant team culture with team events throughout the year. Our socials have included everything from pottery painting and paper mask making, to dungeons and dragons!
When you do visit the UK hub, getting there is easy: we’re based in the centre of Bristol, just a 10 minute walk from the train station. We also offer railcard loan and cycle scheme to buy a new bike
Find out more about life at Immersive Labs https://careers.immersivelabs.com
Cyber threats wait for no one and neither should you. Apply now!
If you would like to read more about what you can expect from our recruitment process, you can visit our dedicated interview process page.
Designs, implements, and maintains cloud security infrastructure and strategies for a software platform company.
