• Integrate robust security controls directly into CI/CD platforms such as GitHub, GitLab, Jenkins, or Azure DevOps. • Evaluate and implement pipeline-based security Infrastructure as Code (IaC) scanning. • Build and optimize developer feedback loops and automated remediation workflows. • Build and maintain IAM security controls across cloud platforms, assessing policies to enforce the principle of least privilege. • Develop and implement secure infrastructure baselines, vulnerability management processes, and hardening standards across AWS, Azure, or GCP environments. • Guide engineering teams on secure architecture design for cloud apps, microservices, serverless services, and PaaS workloads. • Secure in-house and public AI/ML systems against cyber threats, adversarial attacks, and unauthorized access.

About GitHub GitHub is the world’s leading platform for agentic software development — powered by Copilot to build, scale, and deliver secure software. Over 180 million developers, including more than 90% of the Fortune 100 companies, use GitHub to collaborate, and more than 77,000 organisations have adopted GitHub Copilot. Locations In this role you can work from Remote, United States Overview GitHub is changing the way the world builds software, and we want you to help secure GitHub. We're looking for an Identity & Access Security Operations Engineer to ensure the right Hubbers get the right access at the right time for the right reasons and to strengthen the security and availability of GitHub’s internal systems. As part of Secure Access Engineering – Identity & Access Management, you will enable secure access to GitHub’s internal infrastructure and the sensitive data stored therein. In this position, you will maintain and improve IAM control processes, develop automation to improve efficiency, and collaborate across teams to ensure secure access patterns. Responsibilities ● Provide guidance and support to Hubbers using GitHub’s internal identity and access management platform ● Develop, maintain, and improve services that support identity lifecycle, access workflows, and paved-path processes for Hubbers ● Work with technical and non technical partner teams to drive consistent IAM practices ● Monitor and maintain IAM services, participate in an on-call rotation, respond to incidents, and enhance operational processes ● Manage services and processes that play a critical role in compliance to several audit frameworks Qualifications Required Qualifications: - 2+ years experience in Software Engineering, Computer Science, or related technical discipline with proven experience maintaining production software coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, Go, Ruby, Rust, or Python - OR Associate’s Degree in Computer Science, Electrical Engineering, Electronics Engineering, Math, Physics, Computer Engineering, Computer Science, or related field AND 1+ year(s) experience - OR Bachelor's Degree in Computer Science or related field - OR equivalent experience. - 1+ years of experience in Security Operations, Identity & Access Management, Security Engineering, or a related technical field. - 1+ years experience implementing or operating IAM technologies (e.g., SSO/MFA, directory services, RBAC/ABAC models). - 1+ years professional experience working with Ruby Preferred Qualifications: ● Experience operating identity or access management systems at scale. ● Familiarity with identity directories (e.g., Okta, Azure AD), authentication/authorization protocols (OAuth, SAML, OIDC) ● Experience supporting production services in an on-call capacity. ● Experience with cloud environments such as AWS, Azure, or GCP. ● Experience designing paved-path processes for identity lifecycle, access reviews, or entitlements management. Compensation Range The base salary range for this job is USD $83,400.00 - USD $221,400.00 /Yr. These pay ranges are intended to cover roles based across the United States. An individual's base pay depends on various factors including geographical location and review of experience, knowledge, skills, abilities of the applicant. At GitHub certain roles are eligible for benefits and additional rewards, including annual bonus and stock. These rewards are allocated based on individual impact in role. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role. GitHub values - Customer-obsessed - Ship to learn - Growth mindset - Own the outcome - Better together - Diverse and inclusive Manager fundamentals - Model - Coach - Care Leadership principles - Create clarity - Generate energy - Deliver success Who We Are GitHub is the world’s leading AI-powered developer platform with 150 million developers and counting. We’re also home to the biggest open-source community on earth (and 99% of the world’s software has open-source code in its DNA). Many of the apps and programs you use every day are built on GitHub. Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond!). At GitHub, our goal is to create the space you need to do your best work. We’re remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms. Join us, and let’s change the world, together. EEO Statement GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Come join the company that is reinventing cloud security and empowering businesses to thrive in the cloud. As the fastest-growing startup ever, Wiz is on a mission to help organizations secure cloud environments that will accelerate their businesses. Trusted by security teams all over the world, we have a proven track record of success and a culture that values world-class talent. Our Wizards from over 20 countries work together to protect the infrastructure of our hundreds of customers, including over 50% of the Fortune 100, who trust us to scan and secure over 230 billion files daily. We’re the leading player in a massive and growing market, but it’s still early enough for you to make a significant impact. At Wiz, you’ll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our record growth. Come join our team and help us create secure cloud environments that allow the best companies to move faster. SUMMARY We're seeking a Security Engineer II with a strong focus on automation and SaaS security. This role is ideal for someone who enjoys solving security problems with code — building integrations, automating processes, and improving how security operates at scale. The ideal candidate combines deep SaaS security experience with strong Python development skills and a practical mindset for building durable automation that enables detection, response, and configuration management at scale. You don't need to come from a pure software engineering background, but you should be comfortable writing and maintaining production-quality Python and working directly with APIs. A significant portion of this role involves designing and owning automation that reduces manual effort, improves visibility, and strengthens security controls across our SaaS ecosystem. This is a hands-on, highly collaborative role on a small team that values ownership, technical curiosity, and strong interpersonal skills. WHAT YOU’LL DO - Design, build, and maintain automation and integrations that collect security-relevant telemetry from SaaS applications, identity providers, and internal systems. - Partner with security analysts to enable SaaS detection and response through high-quality log ingestion, normalized data, and reliable integrations. - Assist in building SaaS-specific detection rules and integrations that improve alert attribution and context. - Develop Python-based tooling and services to manage SaaS configurations, permissions, access controls, and third-party connections, including detection and response to configuration drift. - Contribute to our custom automation platform by building integrations, playbooks, and workflows related to SaaS security, identity events, and access lifecycle changes. - Integrate with SaaS application APIs and event streams to support monitoring, alerting, and automated remediation. - Implement and support strong authentication and authorization controls across SaaS and internal systems, including SSO, RBAC, and identity lifecycle automation. - Collaborate with security engineers to design reusable frameworks, contribute to shared libraries and infrastructure, participate in code reviews, and drive improvements that elevate the quality and reliability of security automation across the platform. - Support SaaS onboarding and lifecycle processes by enabling automated security controls rather than manual review. WHAT YOU’LL BRING - 5+ years of experience in security engineering or adjacent engineering roles, with a strong focus on SaaS, identity, and cloud-based environments. - Strong hands-on experience building automation and integrations using Python, including working with REST APIs, webhooks, and event-driven systems. - Experience integrating with and securing SaaS platforms using identity standards such as SAML, OAuth, OIDC, SCIM, and role-based access control. - Background in managing or automating SaaS configuration, permissions, and access, including identifying and addressing configuration drift. - Experience contributing to security automation or SOAR platforms, whether commercial or custom-built. - Working knowledge of security controls, risk management, and compliance concepts, with an emphasis on technical enablement rather than manual assessment. - Ability to independently own projects and drive work to completion while collaborating effectively with the team. - Experience working with globally distributed teams and partnering effectively with analysts, engineers, and business stakeholders. PREFERRED QUALIFICATIONS - Bachelor’s degree in computer science or a related field and / or candidates with equivalent job experience in lieu of a degree - Experience enabling detection and response by designing log collection pipelines, normalizing data, and supporting security analytics. - Strong Python development skills with an emphasis on building reliable, maintainable services and automation. - Proven experience in SaaS application integration and secure configuration management - Familiarity with infrastructure-as-code, configuration management, or policy-as-code approaches applied to SaaS or identity systems. - Experience working in organizations that develop and operate Software as a Service - Experience with workflow orchestration platforms (e.g., Temporal, Airflow, Step Functions) for building reliable, long-running automation with retry logic and state management. - Information Security and Cloud-Relevant certifications are preferred Benefits Wiz offers a competitive package of benefits and programs to support you and your family. Below provides a description of our current benefits for employees in the US. Specific benefits may vary by location. Health & Welfare Benefits - Medical, dental and vision insurance - Home Office Setup reimbursement - Flexible Spending Accounts - Monthly Connectivity reimbursement - Employee Assistance Program (EAP) Financial Benefits - Short- and Long-term Disability Insurance - Life & Accident Insurance - 401(k) Retirement Savings Plan (with employer match) Time Off - Flexible paid time off + 11 paid holidays - Paid leave programs, including parental, pregnancy health, medical and bereavement leave Compensation Starting compensation will be determined based on various factors, including but not limited to, the candidate's job-related experience, skills and geographic location. Your Talent Partner can share more about the specific salary range during the hiring process. This role is eligible to participate in Wiz’s equity plan and may also include incentive compensation. The annual base salary range for this full-time position is listed below. US Base Pay Range $184,000—$253,000 USD Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship. This role does not offer visa sponsorship. Wiz is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. By submitting your application, you acknowledge that Wiz will process your personal data in accordance with Wiz's Privacy Policy.

Omilia operates a proprietary, end-to-end conversational AI cloud platform serving enterprise contact centres in regulated industries including banking, utilities, and telecoms. The platform is cloud-native on AWS, Kubernetes-orchestrated, multi-tenant and single-tenant, and holds government-grade certifications including FedRAMP, ISO 27001, SOC 2 Type II, PCI-DSS Level 1, HIPAA, and GDPR. The Director of Cloud Security will own the security posture of this platform end-to-end: from infrastructure hardening and threat modelling through to audit evidence production and customer- facing security assurance. **Key Responsibilities** Cloud Security Ownership • Define and execute Omilia’s cloud security strategy across all deployment models: multi-tenant SaaS, exclusive tenant, private cloud, and hybrid. • Own the AWS security architecture including IAM, VPC design, GuardDuty, Security Hub, CloudTrail, KMS key management, and secrets management. • Lead infrastructure hardening programmes using golden image pipelines, CIS Benchmarks, and automated compliance scanning. • Ensure network segmentation, tenant data isolation, and zero-trust principles are implemented and maintained across all environments. **Compliance & Certification Leadership** • Own the annual renewal and continuous readiness of FedRAMP, SOC 2 Type II, ISO 27001, PCI-DSS Level 1, HIPAA, and GDPR across the cloud platform. • Drive the EU AI Act compliance programme as it applies to high-risk AI system classifications relevant to Omilia’s deployments in regulated sectors. • Produce and maintain the security control evidence pack used in enterprise customer due diligence, RFP responses, and regulatory audits. • Act as primary technical liaison with external auditors, QSAs, and penetration testing firms. **AI & Data Security** • Define data security controls for voice data processing pipelines, including real-time PCI redaction, voice biometric data storage, and training data anonymisation. • Assess security implications of LLM and generative AI integrations (Pathfinder, miniApps, RAG pipelines) and establish guardrails for model input/output security. • Own the subprocessor security assessment programme and ensure DPA/Security Exhibit obligations are met across the third-party supply chain. **Security Engineering & Operations** • Lead vulnerability management: SAST/DAST integration in CI/CD, container image scanning, CVE triage, patch SLAs. • Own incident response for cloud-tier events: detection, containment, eradication, recovery, and post-incident review. • Define and operate security monitoring and SIEM coverage for the OCP platform, ensuring audit logs are immutable, queryable, and exportable. • Collaborate with engineering on secure SDLC practices, threat modelling for new features, and security review gates in the release process. **Stakeholder Engagement** • Support Sales and Customer Success in enterprise security questionnaires, customer security reviews, and contract security exhibit negotiations. • Represent cloud security posture to the CISO, CTO, and executive team; translate technical risk into business impact language. • Engage with CCaaS platform partners (NICE, Five9, Genesys, RingCentral) on integration security requirements and shared responsibility boundaries.