Threat Analyst

Analyzes software supply chain threats using AI scanners, conducts malware analysis and threat hunting, builds automation tools, and integrates research into products to protect open source ecosystems. Requires 3+ years in security operations and master's degree.

126k – 170k | United States | Security Engineering | Remote | 3+ YOE

About the role

What You'll Do

  • Analyze numerous unique threats daily, maintaining a standard of quality that sets the industry benchmark for supply chain security.
  • Author high-impact technical blog posts on malicious open source code packages and extensions, and publish deep-dive research pieces on malicious campaigns, threat actor profiles, novel attack vectors, and ecosystem-wide trends.
  • Design and build automated scripts and tools to streamline malware analysis, enhancing our data collection, threat analysis, and threat hunting workflows.
  • Partner with our engineering team to integrate your research into our core product, turning manual insights into scalable, real-time protection.
  • Leverage expertise in open source software ecosystems to enhance security across package registries and browser extensions (Chrome/VS Code), and proactively monitor GitHub/GitLab for emerging malicious campaigns.
  • Track APT (Advanced Persistent Threat) adversaries, characterizing various TTPs (Tactics, Techniques, and Procedures), capabilities, infrastructure, and campaigns.

What You'll Bring

Required:

  • 3+ years of work experience and a master’s degree in computer science, engineering, or a related field (or equivalent experience).
  • Technical experience across several areas of security operations, including investigations, incident response and management, digital forensics, malware analysis, reverse engineering, threat intelligence, threat hunting, and detection engineering.
  • Excellent communication skills and the ability to assess the relevance and impact of threats.
  • Experience building tools for automation, data collection, and threat hunting.
  • Passion for open source and code.

Preferred:

  • Familiarity with TypeScript/JavaScript and/or other programming languages and ecosystems protected by Socket.
  • Experience leveraging LLMs or AI-based tools for threat detection.

Benefits

  • Market competitive salary bands
  • Meaningful equity program
  • Comprehensive health benefits for you and your family
  • Flexible time-off, holidays, and winter shutdown to rest & recharge
  • Paid parental leave
  • Remote-first, with quarterly team off-sites

Skills

Malware Analysis, Reverse Engineering, Threat Intelligence, Threat Hunting, Digital Forensics, Incident Response, Detection Engineering, TypeScript, JavaScript, LLMs, AI-Based Tools, Automation Scripting, GitHub, GitLab

Cloud Security Engineer

Secures multi-cloud infrastructure (AWS, Azure, GCP, OCI) with emphasis on Kubernetes hardening, IAM enforcement, CSPM using Wiz, and IaC security. Requires 5+ years experience, deep AWS and Kubernetes security expertise.

125k – 160k | Sunnyvale, CA | Security Engineering | On-site | 5+ YOE | AWS | Wiz

Product Security Engineer

Embeds security into product design and development lifecycle by analyzing architectures, conducting threat modeling and assessments, maturing vulnerability management, and guiding developers on secure practices. Requires 5+ years in product/application security with expertise in cloud, containers, and automation tools.

125k – 160k | Sunnyvale, CA | Security Engineering | On-site | 5+ YOE | AWS | GCP

Security Engineer, Research & Engineering

Designs and builds security tools and frameworks in Rust, C++, Python for AI/ML, compilers, and low-level systems. Contributes to open-source, performs code reviews, and communicates findings via blogs and presentations.

125k – 185k | United States | Security Engineering | Remote | Go | C++

Corporate Security Lead

Builds and leads corporate IT security operations including helpdesk, endpoint management, SIEM deployment, and team hiring for a space communications company. Requires 5+ years in IT/security/DevSecOps, hands-on tools like Okta and AWS, and compliance knowledge.

125k – 206k | Los Angeles, CA +1 | Security Engineering | On-site | 5+ YOE | AWS | Okta

Security Software Engineer II, Security Operations

Builds and improves security tooling, automations, and workflows for Security Operations at Pinterest. Partners with engineering teams on cloud security, access management, and infrastructure using AWS, Terraform, and AI-assisted development. Requires cloud/security engineering experience and bachelor's degree.

124k – 255k | Chicago, IL | Security Engineering | Remote | AI | AWS