About GitHub GitHub is the world’s leading platform for agentic software development — powered by Copilot to build, scale, and deliver secure software. Over 180 million developers, including more than 90% of the Fortune 100 companies, use GitHub to collaborate, and more than 77,000 organisations have adopted GitHub Copilot. Locations In this role you can work from Remote, United States Overview GitHub is changing the way the world builds software, and we want you to help secure GitHub. We're looking for an Identity & Access Security Operations Engineer to ensure the right Hubbers get the right access at the right time for the right reasons and to strengthen the security and availability of GitHub’s internal systems. As part of Secure Access Engineering – Identity & Access Management, you will enable secure access to GitHub’s internal infrastructure and the sensitive data stored therein. In this position, you will maintain and improve IAM control processes, develop automation to improve efficiency, and collaborate across teams to ensure secure access patterns. Responsibilities ● Provide guidance and support to Hubbers using GitHub’s internal identity and access management platform ● Develop, maintain, and improve services that support identity lifecycle, access workflows, and paved-path processes for Hubbers ● Work with technical and non technical partner teams to drive consistent IAM practices ● Monitor and maintain IAM services, participate in an on-call rotation, respond to incidents, and enhance operational processes ● Manage services and processes that play a critical role in compliance to several audit frameworks Qualifications Required Qualifications: - 2+ years experience in Software Engineering, Computer Science, or related technical discipline with proven experience maintaining production software coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, Go, Ruby, Rust, or Python - OR Associate’s Degree in Computer Science, Electrical Engineering, Electronics Engineering, Math, Physics, Computer Engineering, Computer Science, or related field AND 1+ year(s) experience - OR Bachelor's Degree in Computer Science or related field - OR equivalent experience. - 1+ years of experience in Security Operations, Identity & Access Management, Security Engineering, or a related technical field. - 1+ years experience implementing or operating IAM technologies (e.g., SSO/MFA, directory services, RBAC/ABAC models). - 1+ years professional experience working with Ruby Preferred Qualifications: ● Experience operating identity or access management systems at scale. ● Familiarity with identity directories (e.g., Okta, Azure AD), authentication/authorization protocols (OAuth, SAML, OIDC) ● Experience supporting production services in an on-call capacity. ● Experience with cloud environments such as AWS, Azure, or GCP. ● Experience designing paved-path processes for identity lifecycle, access reviews, or entitlements management. Compensation Range The base salary range for this job is USD $83,400.00 - USD $221,400.00 /Yr. These pay ranges are intended to cover roles based across the United States. An individual's base pay depends on various factors including geographical location and review of experience, knowledge, skills, abilities of the applicant. At GitHub certain roles are eligible for benefits and additional rewards, including annual bonus and stock. These rewards are allocated based on individual impact in role. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role. GitHub values - Customer-obsessed - Ship to learn - Growth mindset - Own the outcome - Better together - Diverse and inclusive Manager fundamentals - Model - Coach - Care Leadership principles - Create clarity - Generate energy - Deliver success Who We Are GitHub is the world’s leading AI-powered developer platform with 150 million developers and counting. We’re also home to the biggest open-source community on earth (and 99% of the world’s software has open-source code in its DNA). Many of the apps and programs you use every day are built on GitHub. Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond!). At GitHub, our goal is to create the space you need to do your best work. We’re remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms. Join us, and let’s change the world, together. EEO Statement GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Come join the company that is reinventing cloud security and empowering businesses to thrive in the cloud. As the fastest-growing startup ever, Wiz is on a mission to help organizations secure cloud environments that will accelerate their businesses. Trusted by security teams all over the world, we have a proven track record of success and a culture that values world-class talent. Our Wizards from over 20 countries work together to protect the infrastructure of our hundreds of customers, including over 50% of the Fortune 100, who trust us to scan and secure over 230 billion files daily. We’re the leading player in a massive and growing market, but it’s still early enough for you to make a significant impact. At Wiz, you’ll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our record growth. Come join our team and help us create secure cloud environments that allow the best companies to move faster. SUMMARY We're seeking a Security Engineer II with a strong focus on automation and SaaS security. This role is ideal for someone who enjoys solving security problems with code — building integrations, automating processes, and improving how security operates at scale. The ideal candidate combines deep SaaS security experience with strong Python development skills and a practical mindset for building durable automation that enables detection, response, and configuration management at scale. You don't need to come from a pure software engineering background, but you should be comfortable writing and maintaining production-quality Python and working directly with APIs. A significant portion of this role involves designing and owning automation that reduces manual effort, improves visibility, and strengthens security controls across our SaaS ecosystem. This is a hands-on, highly collaborative role on a small team that values ownership, technical curiosity, and strong interpersonal skills. WHAT YOU’LL DO - Design, build, and maintain automation and integrations that collect security-relevant telemetry from SaaS applications, identity providers, and internal systems. - Partner with security analysts to enable SaaS detection and response through high-quality log ingestion, normalized data, and reliable integrations. - Assist in building SaaS-specific detection rules and integrations that improve alert attribution and context. - Develop Python-based tooling and services to manage SaaS configurations, permissions, access controls, and third-party connections, including detection and response to configuration drift. - Contribute to our custom automation platform by building integrations, playbooks, and workflows related to SaaS security, identity events, and access lifecycle changes. - Integrate with SaaS application APIs and event streams to support monitoring, alerting, and automated remediation. - Implement and support strong authentication and authorization controls across SaaS and internal systems, including SSO, RBAC, and identity lifecycle automation. - Collaborate with security engineers to design reusable frameworks, contribute to shared libraries and infrastructure, participate in code reviews, and drive improvements that elevate the quality and reliability of security automation across the platform. - Support SaaS onboarding and lifecycle processes by enabling automated security controls rather than manual review. WHAT YOU’LL BRING - 5+ years of experience in security engineering or adjacent engineering roles, with a strong focus on SaaS, identity, and cloud-based environments. - Strong hands-on experience building automation and integrations using Python, including working with REST APIs, webhooks, and event-driven systems. - Experience integrating with and securing SaaS platforms using identity standards such as SAML, OAuth, OIDC, SCIM, and role-based access control. - Background in managing or automating SaaS configuration, permissions, and access, including identifying and addressing configuration drift. - Experience contributing to security automation or SOAR platforms, whether commercial or custom-built. - Working knowledge of security controls, risk management, and compliance concepts, with an emphasis on technical enablement rather than manual assessment. - Ability to independently own projects and drive work to completion while collaborating effectively with the team. - Experience working with globally distributed teams and partnering effectively with analysts, engineers, and business stakeholders. PREFERRED QUALIFICATIONS - Bachelor’s degree in computer science or a related field and / or candidates with equivalent job experience in lieu of a degree - Experience enabling detection and response by designing log collection pipelines, normalizing data, and supporting security analytics. - Strong Python development skills with an emphasis on building reliable, maintainable services and automation. - Proven experience in SaaS application integration and secure configuration management - Familiarity with infrastructure-as-code, configuration management, or policy-as-code approaches applied to SaaS or identity systems. - Experience working in organizations that develop and operate Software as a Service - Experience with workflow orchestration platforms (e.g., Temporal, Airflow, Step Functions) for building reliable, long-running automation with retry logic and state management. - Information Security and Cloud-Relevant certifications are preferred Benefits Wiz offers a competitive package of benefits and programs to support you and your family. Below provides a description of our current benefits for employees in the US. Specific benefits may vary by location. Health & Welfare Benefits - Medical, dental and vision insurance - Home Office Setup reimbursement - Flexible Spending Accounts - Monthly Connectivity reimbursement - Employee Assistance Program (EAP) Financial Benefits - Short- and Long-term Disability Insurance - Life & Accident Insurance - 401(k) Retirement Savings Plan (with employer match) Time Off - Flexible paid time off + 11 paid holidays - Paid leave programs, including parental, pregnancy health, medical and bereavement leave Compensation Starting compensation will be determined based on various factors, including but not limited to, the candidate's job-related experience, skills and geographic location. Your Talent Partner can share more about the specific salary range during the hiring process. This role is eligible to participate in Wiz’s equity plan and may also include incentive compensation. The annual base salary range for this full-time position is listed below. US Base Pay Range $184,000—$253,000 USD Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship. This role does not offer visa sponsorship. Wiz is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. By submitting your application, you acknowledge that Wiz will process your personal data in accordance with Wiz's Privacy Policy.

Omilia operates a proprietary, end-to-end conversational AI cloud platform serving enterprise contact centres in regulated industries including banking, utilities, and telecoms. The platform is cloud-native on AWS, Kubernetes-orchestrated, multi-tenant and single-tenant, and holds government-grade certifications including FedRAMP, ISO 27001, SOC 2 Type II, PCI-DSS Level 1, HIPAA, and GDPR. The Director of Cloud Security will own the security posture of this platform end-to-end: from infrastructure hardening and threat modelling through to audit evidence production and customer- facing security assurance. **Key Responsibilities** Cloud Security Ownership • Define and execute Omilia’s cloud security strategy across all deployment models: multi-tenant SaaS, exclusive tenant, private cloud, and hybrid. • Own the AWS security architecture including IAM, VPC design, GuardDuty, Security Hub, CloudTrail, KMS key management, and secrets management. • Lead infrastructure hardening programmes using golden image pipelines, CIS Benchmarks, and automated compliance scanning. • Ensure network segmentation, tenant data isolation, and zero-trust principles are implemented and maintained across all environments. **Compliance & Certification Leadership** • Own the annual renewal and continuous readiness of FedRAMP, SOC 2 Type II, ISO 27001, PCI-DSS Level 1, HIPAA, and GDPR across the cloud platform. • Drive the EU AI Act compliance programme as it applies to high-risk AI system classifications relevant to Omilia’s deployments in regulated sectors. • Produce and maintain the security control evidence pack used in enterprise customer due diligence, RFP responses, and regulatory audits. • Act as primary technical liaison with external auditors, QSAs, and penetration testing firms. **AI & Data Security** • Define data security controls for voice data processing pipelines, including real-time PCI redaction, voice biometric data storage, and training data anonymisation. • Assess security implications of LLM and generative AI integrations (Pathfinder, miniApps, RAG pipelines) and establish guardrails for model input/output security. • Own the subprocessor security assessment programme and ensure DPA/Security Exhibit obligations are met across the third-party supply chain. **Security Engineering & Operations** • Lead vulnerability management: SAST/DAST integration in CI/CD, container image scanning, CVE triage, patch SLAs. • Own incident response for cloud-tier events: detection, containment, eradication, recovery, and post-incident review. • Define and operate security monitoring and SIEM coverage for the OCP platform, ensuring audit logs are immutable, queryable, and exportable. • Collaborate with engineering on secure SDLC practices, threat modelling for new features, and security review gates in the release process. **Stakeholder Engagement** • Support Sales and Customer Success in enterprise security questionnaires, customer security reviews, and contract security exhibit negotiations. • Represent cloud security posture to the CISO, CTO, and executive team; translate technical risk into business impact language. • Engage with CCaaS platform partners (NICE, Five9, Genesys, RingCentral) on integration security requirements and shared responsibility boundaries.

Role Description Owns and manages the development of InfoSec engineering designs and implementation. Identifies security issues and risks, and develops mitigation plans for cloud implementations. Architect, design, implement, support, and evaluate security-focused tools and services. Oversee assessment and mitigation of system security threats/risks throughout the program life cycle; validation of system security requirements definition and analysis; establishing system security designs; implementing security designs in hardware, software, data, and procedures; verification of security requirements; performing system certification and accreditation planning and testing and liaison activities, and supporting secure systems operations and maintenance. In this role, you will support the implementation and maintenance of secure cloud environments while working closely with engineering, development, and program teams. You will contribute to strengthening the overall security posture of cloud-based systems by supporting security engineering activities, implementing security controls, and ensuring compliance with applicable federal and DoD cybersecurity standards. Responsibilities - Support the design, implementation, and maintenance of secure cloud architectures in accordance with program and security requirements. - Assist in the development, integration, and testing of security controls across cloud infrastructure, applications, and data environments. - Conduct risk and vulnerability assessments and assist with developing mitigation strategies. - Implement and maintain security configurations to ensure the confidentiality, integrity, and availability of systems. - Support development and maintenance of security documentation including System Security Plans (SSPs), security control assessments, and contingency plans. - Assist with system security engineering activities throughout the system lifecycle including requirements analysis, design validation, and security testing. - Perform security scans and vulnerability assessments using approved tools and document findings and remediation recommendations. - Support security compliance activities in accordance with federal and DoD cybersecurity frameworks. - Participate in incident response activities and assist in investigation and remediation of security events. - Collaborate with cloud engineers, system administrators, and program stakeholders to ensure security requirements are implemented effectively. - Monitor systems and environments for potential security risks and assist in remediation efforts. - Support certification and authorization activities and processes. - Provide technical support to operational strategies aligned with program initiatives to optimize processes, enhance productivity, and ensure quality across program functions. - Ensure 100% of planned hours are worked and recorded. - Identify and forward to leadership any opportunities that could lead to growth within your work area. - Participate in growth efforts as requested. - Ensure all contractual deliverables are met or exceeded to the customer's satisfaction. - Complete personal PDP and attend Staff Meeting and Storytime (with camera on). - Build productive and positive professional relationships with clients within the program. - Execute all contract requirements as assigned in accordance with the contract-specific LCAT and requirements. - Maintain active status of all required DoD 8570/8140 industry certifications in good standing through required Continuing Education (CE) units. - Perform other related duties as assigned. Qualifications - Active Secret Clearance. - Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field with at least 4 years of relevant experience. - Knowledge of cybersecurity principles, frameworks, and best practices. - Experience with risk assessment methodologies and security compliance standards. - Familiarity with security testing tools such as vulnerability scanners and SIEM solutions. - Basic understanding of network protocols, firewalls, and system security configurations. - Ability to analyze security policies and develop recommendations for improvement. - DoD 8570 / 8140 IAT Level II certification. - At least one cloud certification. Preferred Additional Qualifications - Experience with NIST, FISMA, or DoD security frameworks. - Familiarity with cloud security best practices and secure software development. - Hands-on experience with security incident response and threat detection tools. - Strong analytical and problem-solving skills with attention to detail. - Experience with Agile development methodologies. Benefits - Competitive compensation. - Health and wellness programs. - Income protection. - Paid leave. - Retirement and savings. - Learning and development opportunities.