About Us Turnkey is developer-first infrastructure for private key management, making it simple to create wallets, sign transactions, and automate on-chain actions through one elegant API, without ever exposing sensitive key material. Founded by the team who scaled Coinbase Custody from zero to a $100M+ ARR business and helped protect over $100B in crypto assets, Turnkey is tackling crypto security at its foundational level. Our mission is to make strong cryptography the default across the open internet the same way AWS made scalable computing the default for software. Our team is low-ego, high-agency, and high-autonomy, with a significant amount of combined experience in cryptography, security, and low-level systems. We're building the trustless, programmable infrastructure that will power the next wave of mass-market crypto applications and we're looking for people who want to shape what that future looks like. Role Overview We are hiring a Senior Application Security Engineer to join Turnkey's team and help ensure our systems, pipelines, and runtime environments are secure by design and resilient at scale. You'll embed directly with product and infrastructure engineering teams, shaping how security is integrated into every aspect of our architecture. This is a hands-on, builder role ideal for someone who enjoys building secure systems from the ground up. What You’ll Do You will partner with Product and Engineering at both the design and development stage to ensure that we implement new features securely, including (but not limited to): - Participating in the implementation efforts - Doing security reviews - Helping with product design decisions - Auditing and surfacing vulnerabilities in our current products - Conducting threat modeling and security assessments for new features and systems, identifying risks early and shaping secure architectural decisions. - Developing and improving our Automated Tooling: further enhancing our automated tooling to scale our product security capabilities and find potential code problems both before and after we deploy - Making the safe way, the easy way: work on defining and building application guardrails so that developers can build securely by default - Investigating and remediating security issues, including vulnerabilities and incidents, and drive long-term improvements to prevent recurrence - Embedding a culture of secure development across engineering, defining practices that influence how Turnkey builds, deploys, and maintains systems at scale. What We're Looking For - Bachelors degree in Computer Science, Engineering, or a related field - 5+ years of experience in application or product security, ideally in fast-moving, high-impact or crypto-native environments - Strong understanding of web, mobile, and cryptographic security fundamentals (e.g. OWASP Top Ten, SANS/CWE Top 25) - Proficiency in programming and scripting languages (Typescript/Javascript, Go, Rust) and experience building secure systems from the code up - Hands-on experience with security testing tools and methodologies (static/dynamic analysis, pen testing, etc.) - Strong understanding of cloud, containerized, and runtime environments (AWS, GCP, Docker, Kubernetes), with the ability to embed security early in the SDLC - Excellent analytical, problem-solving, and communication skills, with a collaborative mindset for partnering across product and infrastructure teams - Curious, proactive, and passionate about building secure, reliable systems in a fast moving startup environment - A builder mentality; comfortable operating with ambiguity, tackling incomplete systems, and applying hands-on engineering experience to security challenges. Style Points - Familiarity with crypto or DeFi systems and their unique security challenges - Familiarity with threat modeling frameworks and cloud-native security tooling What We Offer - Full benefits, including medical, dental, vision, life, disability, HSA/FSA, 401(k) - detailed benefits overview available as we get further in the process - Paid parental leave - Unlimited PTO - $3,000/yr learning and development budget to attend industry conferences - Multiple team offsites per year - Lunch stipend Turnkey is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other characteristic protected by law. We encourage individuals of all backgrounds to apply. Compensation range $175,000—$275,000 USD

About Us Turnkey is developer-first infrastructure for private key management, making it simple to create wallets, sign transactions, and automate on-chain actions through one elegant API, without ever exposing sensitive key material. Founded by the team who scaled Coinbase Custody from zero to a $100M+ ARR business and helped protect over $100B in crypto assets, Turnkey is tackling crypto security at its foundational level. Our mission is to make strong cryptography the default across the open internet the same way AWS made scalable computing the default for software. Our team is low-ego, high-agency, and high-autonomy, with a significant amount of combined experience in cryptography, security, and low-level systems. We're building the trustless, programmable infrastructure that will power the next wave of mass-market crypto applications and we're looking for people who want to shape what that future looks like. Role Overview We are hiring a Senior Corporate Security Engineer to own and scale the security of Turnkey's corporate infrastructure. This is a foundational role - you'll be the first dedicated corporate security hire, working diectly with the security lead to build enterprise security capabilities from the ground up. In this role, you’ll protect Turnkey’s people, endpoints, SaaS, identity systems, and internal infrastructure, securing our distributed workforce while enabling the team to move quickly without compromising safety. Sitting at the intersection of security engineering, IT operations, and risk management, you’ll design and build security controls that are both robust and user-friendly, ensuring the company remains secure as it scales What You’ll Do - Build & Secure Corporate Infrastructure - Design, implement, and manage security for endpoints and distributed systems; deploy and operate our security stack (MDM, EDR/XDR, ZTNA, SSO); enforce zero-trust principles, least-privilege access, and hardening standards - Drive Security Initiatives & Risk Reduction - Lead initiatives around endpoint hardening, access controls, and vendor risk; conduct security design reviews, risk assessments, and vulnerability remediation; develop and enforce security policies and best practices. - Detection, Response & Automation - Respond to security incidents with urgency and technical depth; collaborate on detection rules, alerts, and monitoring; automate workflows and create runbooks and playbooks to scale security operations efficiently. - Foster Security Culture & Education - Evangelize security best practices, build awareness programs, and partner with teams to embed “secure by default” principles into workflows; serve as a trusted security advisor across the organization. What We're Looking For - 5+ years of experience in corporate and/or enterprise security, IT security, or endpoint security engineering - Hands-on experience with: - MDM Platforms (JAMF, Kandji, Intune, or similar) - EDR/XDR solutions (Cloudstrike, SentinelOne, Microsoft Defender, etc.) - Identity and Access Management (Okta, Azure AD/Entra ID, etc.) - Authentication Protocols (SAML, OAuth, OIDC, SCIM, etc.) - Zero-trust principles (device trust, conditional access, least-privilege models) - Cloud security experience (AWS, GCP) - macOS security expertise (architecture, hardening, and fleet management) - Security-first mindset with practical knowledge of defense-in-depth and risk-based security Style Points - Crypto/web3 or FinTech experience - Detection/response experience: SIEM, log analysis, threat hunting, or SOC operations - Knowledge of modern threat landscape: Adversary TTPs, phishing, insider threats, etc. - Security compliance experience: SOC 2, ISO 27001, or similar frameworks What We Offer - Full benefits, including medical, dental, vision, life, disability, HSA/FSA, 401(k) - detailed benefits overview available as we get further in the process - Paid parental leave - Unlimited PTO - $3,000/yr learning and development budget to attend industry conferences - Multiple team offsites per year - Lunch stipend Turnkey is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other characteristic protected by law. We encourage individuals of all backgrounds to apply. Compensation range $175,000—$275,000 USD

Wraithwatch was founded by security engineers from SpaceX, Palantir, and Anduril to build the next generation of AI-powered cyber defense systems for the United States and its allies. We are deployed today to customers spanning Fortune 500, US Federal Government, commercial nuclear, aerospace, defense, maritime, and other emerging technology companies. Our core product is a cyber defense platform utilizing generative artificial intelligence agents to autonomously model a digital twin of an organization's entire IT and cybersecurity environment and analyze it for weaknesses, misconfigurations, and chains of possible attack. As an offensive security engineer you will not only continuously harden Wraithwatch (the company and product) against advanced threats, you will also teach the system your expert attack tradecraft and have it evolve to execute it on its own. Note: This is not a research position. You will be building and shipping things on the daily with the core product engineers. Basic Qualifications - 5+ years professional experience conducting complex penetration testing assessments in commercial or government environments. - Deep, hands-on understanding of the current landscape of offensive cyber tradecraft (in memory, fileless attacks, beacon object files, malleable C2, modern initial access vectors, emerging EDR bypasses, etc). - Experience implementing or assisting with the implementation of enterprise / corporate security controls such as anti-malware policies, identity and access controls, detection engineering, device management, or similar. - Interest in adapting AI to red teaming / penetration testing use cases. This is a hard requirement. Preferred Qualifications - Interest in modern machine learning or artificial intelligence capabilities, especially emerging subsets of Generative AI such as agentic behavior, tool calling, knowledge graph integration, retrieval augmented generation, etc. - Ability to deal with ambiguity and learn new technologies quickly. Additional Requirements: - Willingness to work extended hours and weekends as needed.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description We are seeking an experienced Palo Alto Network Security Consultant to lead and support critical network security efforts in our client's transition to public cloud infrastructure. This role is a key contributor to two main initiatives: - Migrating Zscaler security policies to Palo Alto firewalls with an emphasis on URL category optimization. - Collaborating with infrastructure and application teams to implement data-center-extension wave rules. Key Responsibilities - Zscaler to Palo Alto Policy Migration - Lead efforts to migrate existing security policies from Zscaler to Palo Alto firewalls, ensuring a seamless transition before the end of the year. - Analyze current URL filtering policies and implement strategies to optimize and conserve URL category usage, specifically to remain within the 500 URL category limit per vsys. - Collaborate with network, security, and cloud teams to align policies with organizational security standards and cloud migration goals. - Develop and maintain detailed documentation of migration processes, configurations, and adjustments. - Data Center Extension Wave Rules Implementation - Partner with infrastructure teams to identify, develop, and implement necessary wave rules required for data center extension to the cloud. - Work closely with application teams to test and validate wave rules, ensuring minimal disruption and performance impact. - Maintain ongoing management and tuning of Palo Alto firewall policies based on application requirements and evolving threat landscape. - General Palo Alto Firewall Policy Management - Manage, optimize, and troubleshoot Palo Alto firewall policies across on-premises and cloud environments. - Provide technical guidance to security and network teams regarding Palo Alto best practices, performance, and feature utilization. Qualifications - Extensive hands-on experience (5+ years) with Palo Alto Networks firewall administration and policy management in enterprise environments. - Proven experience in migrating security policies from Zscaler to Palo Alto or similar firewall migration projects. - Strong understanding of Palo Alto URL Filtering capabilities and constraints, especially managing URL categories and vsys limits. - Experience working with data center security extension concepts including wave rules or similar traffic segmentation controls. - Solid knowledge of network security architecture, VPNs, routing, and cloud network integration, preferably with AWS or other public clouds. - Ability to collaborate effectively with application teams and other stakeholders during rule implementation and testing phases. - Excellent troubleshooting and problem-solving skills in firewall policy conflicts and rule optimization. - Strong communication skills and ability to produce clear technical documentation. Preferred Qualifications - Palo Alto Networks certifications such as PCNSE (Palo Alto Networks Certified Network Security Engineer). - Experience in financial services or similarly regulated environments. - Familiarity with Infrastructure as Code (IaC) tools for automating firewall policy deployment. - Exposure to cloud network security frameworks supporting public cloud migrations. Company Description CC Pace is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, or any other protected characteristic under federal, state, or local laws. CC Pace is committed to employing only candidates who are legally authorized to work in the United States. For us to comply with the Immigration Reform and Control Act of 1986, all new employees, as a condition of employment, must complete the Employment Eligibility Verification Form I-9 and provide documentation that establishes identity and authorization to work. E-Verify will be used for employment verification as part of your onboarding process. CC Pace values integrity throughout our hiring process. As part of our standard verification procedures, candidates will be asked to provide documentation confirming employment history, education, and work authorization.