This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description We are seeking a seasoned Application Security Engineer to help us secure our products and platform that serve our Fortune 500 customers. In this pivotal role, you will be working in close partnership with our engineering teams, ensuring that everything they build holds up to our security standards. While your primary focus will be application security, you are joining a small, elite team, and as such you will also work cross-domain, including working with MDM, or talking with customers directly. What You'll Do - Stay ahead of engineering: review code, architecture, design, anything that’s being considered for release - Guide features and designs toward security - Provide hands-on manual pentesting on relevant code changes - Build and maintain security tooling to ensure security scales with organization - Advise the DevOps team on infrastructure security best practices - Help out with client-facing security needs, such as client calls Qualifications - Proven experience securing products & platforms, collaborating with development teams - Strong expertise in application security: OWASP Top 10, threat modeling, code reviews, architecture design - Proficiency with AI tooling, as part of your day-to-day activities - Solid understanding of AI itself, including AI threats, adversarial testing - Familiarity with AWS and infrastructure security overall - Be comfortable writing and reviewing Python and TypeScript, with other coding experience a plus - Experience with incident response and SOC processes - Knowledge of compliance frameworks: SOC 2, ISO 27001, NIST - Experience with enterprise security processes, such as security questionnaires and client calls - We don’t expect candidates to have deep expertise in every area; strength in application security with curiosity and adaptability across adjacent domains is key What You'll Get - Ownership & Rapid Growth - Outsized missions from day one, with direct responsibility for company-defining projects - Work alongside the executive team with transparency into strategy and decision-making - Influence on direction through real-time customer feedback and market insights - AI-First Operator - Work directly with cutting-edge AI models and next-generation platforms - Build expertise in enterprise AI implementation across Fortune 500 companies and multiple industries - Establish yourself as a recognized leader among peers in shaping how AI transforms work at a global scale Compensation - Competitive salary including base + bonuses - Comprehensive health coverage (medical, dental, vision) from day one - Generous PTO, company-wide R&R shutdowns, and paid parental leave - Retirement plan support for US and global employees - A WFH stipend, phone stipend and support to work in a We Work or other space as preferred. Equity - Meaningful ownership in a venture-backed company at a growth inflection point - Financial upside that comes from scaling fast - Top-up grants as we scale and you deliver exceptional performance — your compensation grows alongside your impact Location and Work Environment - We’re looking for a candidate that can fully support our team in ET time zone (e.g. Toronto, NYC). - While we’re open to candidates from other areas, they need to be generally available during Eastern Time working hours. - Have valid travel documents without work authorization restrictions in the US. Diversity and Inclusion We are dedicated to creating a diverse and inclusive environment where everyone feels valued and supported. We encourage applications from candidates of all backgrounds and offer accommodations upon request throughout the hiring process. Employment Verification & Commitment We use third-party services to verify employment history, education, and other information relevant to your candidacy. Employment is contingent upon the successful completion of these verification checks. This is a full-time role that requires a high level of focus, availability, and commitment. Employees may not hold concurrent full-time employment with another organization while employed at Valence.

• Serve as an escalation point for SOC/EDR/XDR alerts and suspected security incidents. • Automate and optimize Incident Response procedures with PowerShell, Python, and scripted API calls. • Write custom detection rules in EDR platforms such as CrowdStrike, SentinelOne, and Microsoft Defender. • Test and deploy EDR agent updates. • Evaluate and implement endpoint and endpoint adjacent security solutions. • Document Incident Response procedures and cross-train technical personnel on those procedures. • Participate in penetration testing and tabletop Incident Response exercises. • Produce and improve security dashboards and reports. • Maintain solution and procedure documentation. • Collaborate with IT, Infrastructure, and Cloud teams to implement secure endpoint configurations and controls. • Identify gaps in endpoint security coverage and recommend remediation or enhancements. • Support vulnerability remediation and endpoint hardening initiatives. • Participate in an on-call rotation, being reachable 24/7 during assigned on-call periods, one week per month. • Coordinate with SOC and IT teams to investigate and resolve high-priority endpoint security incidents during on-call periods.

• Design, deliver, and oversee online courses across Business Administration, Information Technology, Cybersecurity, and related disciplines. • Mentor adjunct faculty, staff, and other program stakeholders. • Participate in service to the discipline and the institution, both internally and externally. • Model professional and collegial behavior that cultivates mutual respect, trust, transparent communication, and appropriate confidentiality with faculty peers, staff, and university leadership. • Other projects as agreed with and assigned by the Dean.

• Define and execute enterprise strategies for Log Management, SIEM, and AI-driven automation. • Lead the end-to-end lifecycle (from design to deployment) of automated workflows, SOAR playbooks, and response scripts. • Oversee the testing, validation, and continuous tuning of security controls. • Drive cross-functional collaboration with DevOps and IT teams to embed security automation best practices. • Establish and track Key Performance Indicators (KPIs) and operational metrics to quantify program efficacy.