What you can expect We are seeking a Senior AI Security Assurance Engineer to lead the offensive verification of our AI systems and pipelines. This role will serve as the dedicated AI security lead within the Security Assurance organization, reporting directly to the Head of Security Assurance. While not a traditional covert red team position, the role requires similar deep adversarial thinking and the ability to evaluate AI systems with the mindset of a determined skeptic. Your mission: verify and innovate. You’ll be responsible for independently evaluating, challenging, and validating the security, safety, and integrity of all AI initiatives across the company, including AI embedded in products, internal AI use cases, training pipelines, model lifecycle management, and supporting infrastructure. This is not a compliance role, it’s a hands-on, experimental one. At Zoom, Security Assurance encompasses Offensive Security (product, infrastructure, hardware, red team), PSIRT, Product Vulnerability Management, and Bug Bounty. This role will also operate across all of these domains as the organization’s primary authority on AI-related risk and capabilities/implementation. You will be the AI expert in efforts to develop scalable, intelligent systems that automate and amplify Security Assurance at Zoom. You’ll both break and build, challenging assumptions in our AI infrastructure, features, and tools while creating tools to continuously expose and mitigate critical risk. About the Team The Security Assurance team at Zoom is an adversarial, high-leverage group focused on finding and reducing the company’s most critical security risks. We work from an attacker’s mindset and operate well beyond checklists, audits, and standard SDLC gates, targeting the vulnerabilities and systemic failures that escape existing controls. The team covers offensive security (vulnerability research, red teaming, hardware security), PSIRT, product vulnerability management, bug bounty, and emerging AI security. We apply deep technical rigor and clear risk judgment to drive concrete product and platform changes. We value evidence over assumptions and curiosity over comfort. This team is for truth-seekers who want their work to measurably reduce risk at global scale. Responsibilities - Leading adversarial verification of AI systems: Design and execute deep, unconstrained assessments of AI models, pipelines, and agents, testing guardrails, safety layers, and data boundaries through offensive experimentation. - Uncovering gaps between promise and practice: Identify where AI security, safety, or privacy controls fail under pressure. Surface the mismatch between claims and reality. - Assessing the full AI lifecycle: Evaluate data, training, and deployment pipelines for risks like model poisoning, prompt injection, or fine-tuning abuse. - Developing AI-powered security discovery systems: Research, prototype, and operationalize machine learning–driven approaches to automatically detect, predict, and prioritize vulnerabilities and behavioral deviations in Zoom’s products and platform. - Automating and scaling offensive operations: Build AI-based frameworks to scale red teaming, vulnerability discovery, and bug bounty triage. Use LLMs, anomaly detection, and pattern learning to enhance automation and coverage. - Adapting cutting-edge research: Integrate the latest findings from offensive security research, autonomous agents, and AI-driven vulnerability analysis into Zoom’s security assurance programs. - Shaping AI security methodologies: Build frameworks for continuous AI-driven adversarial testing, automated validation, and system monitoring that scale across teams and products. - Translating findings into impact: Communicate verified risks and systemic weaknesses clearly to engineering and leadership, pairing technical insight with strategic direction. - Staying ahead of the curve: Track evolving AI architectures, attack vectors, and defenses, turning new research into offensive and defensive capability. What we’re looking for - Have deep understanding of generative AI systems (transformers, diffusion models, multi-agent frameworks) and their security failure modes. - Have experience building or adapting novel AI/ML methods to real-world security problems. - Demonstrate proficiency in Python, ML frameworks (PyTorch, TensorFlow, Hugging Face, LangChain), and modern cloud/data environments. - Be skilled at uncovering the true behavior and limitations of AI and platform systems through experimentation, code review, and automated adversarial techniques. - Be skilled at setting direction, advising peers, and communicating high-impact risks to executives. - Be unafraid to challenge assumptions or expose uncomfortable truths in service of user and system safety. - Demonstrate experience in red teaming, exploit development, or vulnerability research. Salary Range or On Target Earnings: Minimum: $124 000,00 Maximum: $271 200,00 In addition to the base salary and/or OTE listed Zoom has a Total Direct Compensation philosophy that takes into consideration; base salary, bonus and equity value. Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience. We also have a location based compensation structure; there may be a different range for candidates in this and other locations At Zoom, we offer a window of at least 5 days for you to apply because we believe in giving you every opportunity. Below is the potential closing date, just in case you want to mark it on your calendar. We look forward to receiving your application! Anticipated Position Close Date: 03/30/26 Ways of Working Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting. Benefits As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn for more information. About Us Zoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars. We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Find room to grow with opportunities to stretch your skills and advance your career in a collaborative, growth-focused environment. Our Commitment​ At Zoom, we believe great work happens when people feel supported and empowered. We’re committed to fair hiring practices that ensure every candidate is evaluated based on skills, experience, and potential. If you require an accommodation during the hiring process, let us know—we’re here to support you at every step. If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed. #LI-Remote

Overview LMI is seeking a skilled Information System Security Engineer (ISSE) with hands-on experience in AWS cloud security to provide advanced cybersecurity engineering and Risk Management Framework (RMF) support for Department of Defense (DoD) cloud-based systems. This position focuses on designing, implementing, and maintaining secure AWS environments aligned with DoD Cloud Computing Security Requirements Guide (CC SRG), NIST SP 800-53, and DISA STIGs/SRGs to support Authorization to Operate (ATO) efforts. LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed. Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors—helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value. This position can be remote but requires quarterly travel for planning increments. This position requires an active SECRET clearance; TS/SCI preferred. Responsibilities - Architect and manage robust access control strategies using AWS Identity and Access Management (IAM), enforcing the principle of Least Privilege across all roles and users. - Implement encryption and key management solutions using AWS Key Management Service (KMS) and related tools to protect data at rest and in transit, aligning with DoD data classification standards. - Deploy and configure native AWS security services (e.g. GuardDuty, Security Hub, Inspector, and Config) to provide continuous threat detection, compliance monitoring, and automated remediation. - Collaborate with network teams to secure VPCs using AWS Network Firewall, WAF, and hybrid connectivity solutions (Direct Connect, VPN) within a GovCloud environment. - Lead technical implementation and validation of NIST SP 800-53 and DoD CC SRG controls to achieve and maintain ATO. - Serve as a technical SME for RMF documentation and artifact generation within eMASSor other DoD compliance systems. - Design, test, and implement DISA STIG/SRG-based configuration hardening across AWS services, operating systems, and containerized workloads. - Conduct continuous vulnerability scanning and monitoring using DoD-approved tools (ACAS/Nessus), coordinating remediation and risk mitigation activities. - Integrate security into CI/CD pipelines using Infrastructure-as-Code (IaC) tools such as Terraform or CloudFormation to automate compliance and security controls. - Build and maintain centralized, compliant logging architectures using Splunk, Elastic, or equivalent SIEM platformsto ensure event visibility and retention per DoD policy. - Participate in incident response activities for cloud-based threats, performing forensic analysis and recommending corrective actions. - Collaborate with DoD stakeholders, system owners, and developers to embed security throughout the system lifecycle and support RMF accreditation efforts. Qualifications - Active SECRET clearance required; TS/SCI preferred - Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience) - 3–5+ years of experience in information security, with at least 3 years focused on AWS cloud security engineering - Deep experience with DoD RMF, NIST SP 800-53, DoD CC SRG, and DISA STIG/SRG compliance frameworks - Strong hands-on expertise with AWS security services (IAM, KMS, GuardDuty, Security Hub, Config) - Experience with Docker, Kubernetes, and system hardening for Linux/Windows environments - Proficiency in IaC tools (Terraform, CloudFormation) for managing and enforcing security policies - Familiarity with ACAS/Nessus, continuous monitoring, and vulnerability management processes - Experience integrating security within DevSecOps and CI/CD workflows - Certifications: - DoD 8570/8140-M compliant (e.g., CISSP, CASP+, CISM) – required - AWS Certified Security – Specialty – highly preferred - Kubernetes certification (CKS/CKA) – a plus Target Salary Range: $90,270.00 - $155,037.00 Disclaimer: The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances.

Role Description We are hiring a Cybersecurity Engineer to support customer deployments in classified environments, ensuring Istari’s platform operates securely, compliantly, and reliably in real-world mission systems. This role sits within Customer Success and focuses on hands-on system and infrastructure security—not just documentation or policy. Depending on your background, you may lean more toward: - System hardening (Windows/Linux) - Secure network infrastructure (classified environments) In this role, YOU will be the difference between a platform that looks secure on paper, and one that actually works inside real classified mission environments. What You'll Do - Deploy and secure Istari’s platform in: - SIPR, JWICS, and air-gapped environments - Implement and validate: - DISA STIGs - NIST 800-53 / 800-171 controls - Perform hands-on security work, including: - System hardening (Windows & Linux) - Vulnerability scanning (ACAS/Nessus) - STIG validation and remediation - POA&M management - Design, configure, or support secure network architectures, including: - Segmentation, boundary defense, and routing in classified environments - Troubleshoot and resolve: - Security configuration issues - Connectivity and compliance blockers - Work directly with: - Customer security teams (ISSO, ISSM, AO, SCA) - Program and infrastructure teams - Provide feedback to engineering on: - Real-world deployment constraints - Security gaps and improvements Qualifications - Active TS clearance with SCI eligibility - Security+ (required) — CISSP, CISM, or CASP+ preferred - 4+ years of hands-on experience in cybersecurity, system administration, or network engineering - Direct experience with: - NIST 800-53 / 800-171 - DISA STIGs - Experience operating in: - Classified environments (SIPR, JWICS, SAP) Requirements - Experience Profile A: System Hardening (System Administration) - Strong experience securing Windows and/or Linux systems - Hands-on System Patching, STIG implementation and validation - Experience running scans, remediating findings, and managing POA&Ms - Experience Profile B: Secure Infrastructure (Network Engineering) - Experience designing or supporting secure network architectures in classified environments - Knowledge of network segmentation, boundary defense, and secure connectivity - Familiarity with STIGs for network devices and infrastructure Benefits - $116,000 - $174,000 a year (may be additionally eligible for stipend, one-time incentive, or % differential for clearance)

Ever since we started in 2007, Sunrun has been at the forefront of connecting people to the cleanest energy on Earth. It’s why we’ve become the #1 home solar and battery company in America. Today, we’re on a mission to change the way the world interacts with energy, and we’re building a company and brand that puts power at the center of life. And we’re doing it by designing a dynamic culture where employee development, well-being, and safety come first. We’re unlike any other solar company. Our vertically integrated model gives us total control over every part of the energy lifecycle – from sale through installation and beyond – so you can find endless opportunities for growth. Come join a career you can grow in and a culture you can run with. This position is primarily remote, with occasional visits to a local office or our corporate headquarters for team-building, training, and collaborative project work. These on-site sessions are designed to strengthen connections, share insights, and ensure a seamless experience for our team and customers. Equipment pick-up from a local branch will be required. We will provide advance notice whenever on-site attendance is required, making these times purposeful and rewarding. Position Overview: The Application Security Engineer at Sunrun plays a pivotal role in protecting the applications that power our business. This position requires expertise across identity systems, and software development lifecycle. You will be responsible for driving the identification, assessment, and mitigation of security risks from the initial design phase through deployment and beyond. You will collaborate closely with developers and IT teams to integrate robust security practices, implement advanced protective measures for both applications and identities, and foster a comprehensive culture of security across the organization. Key Responsibilities - Threat Modeling & Security Design: Assess potential attack vectors and design defense-in-depth strategies that address gaps across infrastructure, 1st and 3rd party applications, and identity management. - Secure Software Development Life Cycle (SSDLC): Partner with application development teams to integrate security into every stage of the development lifecycle. Champion secure coding standards, conduct security code reviews, and provide expert guidance to minimize vulnerabilities before production. - Identity & Access Management (IAM): Design, implement, and manage identity security solutions across 1st and 3rd party applications. Showcase hands-on experience in implementing strategies like Zero Trust architecture and modern authentication standards like WebAuthn. - Implement & Manage Security Controls: Design, implement, and fine-tune application security controls like SAST/DAST vulnerability scanning andand standardizing secure coding practices. Establish and improve operational processes to ensure their continued effectiveness. - Guidance, Training & Compliance: Develop and maintain security policies and standards for both application and identity security. Provide ongoing training to developers to elevate secure coding practices. - Stakeholder Collaboration: Use strong critical thinking and communication skills to present complex technical concepts to business stakeholders, gain alignment, and independently drive security initiatives forward. Qualifications - 7+ years of combined experience in application security and identity & access management (IAM), with a proven track record of supporting application development teams. - Deep knowledge of application security principles, secure coding practices, common vulnerabilities (e.g., OWASP Top 10), and zero-trust architecture. - Hands-on experience with security testing tools (SAST, DAST), Web Application Firewalls (WAF), and IAM platforms (e.g., Okta, AWS IAM). - Proficiency in programming languages such as Java, Python, or JavaScript. - Strong familiarity with cloud environments (AWS, GCP) and their native security and identity controls. - Demonstrated expertise in threat modeling and designing defense-in-depth strategies for complex applications. - Solid understanding of modern identity standards and technologies, including MFA, SSO, and WebAuthn. - Excellent communication and collaboration skills, with the ability to articulate technical findings and security risks to diverse audiences. - Strong critical thinking and creative problem-solving skills, with the ability to analyze systems from an attacker's perspective and devise effective countermeasures. Preferred Qualifications - Experience with Okta and Salesforce security principles and best practices. - Certifications (preferred): Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE), or similar credentials. Recruiter: Kristina Sedjo (kristina.sedjo@sunrun.com) Please note that the compensation information is made in good faith for this position only. It assumes that the successful candidate will be located in markets within the United States that warrant the compensation. Please speak with your recruiter to learn more. Starting salary/wage for this opportunity: 154,799.31 to 185,759.18 Compensation decisions will not be based on a candidate's salary history. You can learn more here. This job description outlines the primary responsibilities, some essential job functions, and qualifications for the role. It may not include all essential functions, tasks, or requirements. If you are a qualified individual with a disability and you need reasonable accommodation during the hiring process or to perform this role, please contact us at candidateaccommodations@sunrun.com. Sunrun is proud to be an equal opportunity employer that does not tolerate discrimination or harassment of any kind. We believe that empowering people and valuing their differences are essential for our mission of connecting people to the cleanest energy on earth. Learn more here: EEO | Sunrun