Airbnb was born in 2007 when two hosts welcomed three guests to their San Francisco home, and has since grown to over 5 million hosts who have welcomed over 2 billion guest arrivals in almost every country across the globe. Every day, hosts offer unique stays and experiences that make it possible for guests to connect with communities in a more authentic way. The Community You Will Join: The Threat Detection and Response team (TDR) at Airbnb is focused on automating security detection, responding to security incidents, and working with partner teams to build capabilities that support the incident lifecycle. This is the front-line team that detects, investigates, and responds to security threats and malicious activity. We are seeking an Engineering Manager to lead our Investigations & Incident Response team within a mature Threat Detection & Response organization. This is a key role that combines incident response leadership, strategic ownership, and engineering-informed scale. The Difference You Will Make: - You will define and execute new approaches to detecting, containing, and mitigating security threats and incidents, while driving the next stage of maturity for our investigations and response capabilities. - You will own incident response and investigation outcomes, leading end-to-end response across identification, containment, eradication, and recovery. - You’ll shape how the team operates—evolving operating models, guiding execution during incidents, and scaling through thoughtful use of automation and engineering. - You will define and drive the strategy for a modern incident response function, ensuring high-quality investigations and that every incident leads to meaningful improvements in our detection and response capabilities. - You’ll assess current capabilities and chart the path forward across people, process, and technology, evolving the operating model to support effective global response. - You will scale the function through automation, tooling, and improved workflows—solving repeatable problems with systems, not manual effort. - You will serve as a key voice to senior leadership, communicating incident trends, risks, and strategic direction, and partner across the company to turn incident learnings into durable security improvements resulting in removal of entire classes of problems. A Typical Day: - Lead and mentor a diverse team of ~5+ senior engineers - Partner with Security Platform and Detection Engineering teams to enhance telemetry, context, and response capabilities, and collaborate closely with key teams in Infrastructure Security, Application Security, Infrastructure teams, Legal, Privacy, Global Safety and Security, and Engineering teams across the organization. - Coach and develop team members, help them grow their careers, technical expertise, and collaboration skills. - Act as a senior escalation point during high-severity or complex incidents - Ensure consistent, high-quality investigations with strong root cause analysis - Establish clear priorities that balance speed, depth, and risk reduction - Improve escalation paths, ownership clarity, and cross-functional coordination - Use incident data to influence security priorities and investment decisions - Partner closely with partner teams within Information Security to ensure incident learnings are shared and added to roadmaps for security risk reduction - Work with infrastructure, product, and engineering teams to drive effective remediation - Define and track key metrics such as MTTD, MTTR, incident severity, and recurrence - Ensure clear communication during incidents to senior and executive leadership including updates on insights from incident patterns, trends, and emerging risks Your Expertise: - 9+ years of industry experience in threat detection and incident response, with a minimum of 3-5 years in engineering management. - Experience shaping or evolving incident response programs in complex environments - Exceptional people management and mentorship skills, with a history of recruiting, developing and retaining top talent - Strong understanding of attacker behavior and frameworks such as MITRE ATT&CK - Experience and understanding of technologies such as EDR, SIEM, cloud environments, and investigation workflows - Experience in cloud-native environments (AWS, GCP, Azure) - Ability to analyze ambiguous situations and make sound, timely decisions - Comfort partnering with engineering teams to build scalable solutions - Ability to operate at both strategic and tactical levels, from executive communication to incident leadership - Experience defining team strategy, priorities, and operating models - Strong judgment in risk assessment, escalation, and trade-offs - Excellent communication skills across technical and executive audiences Your Location: This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed to with your manager. While the position is Remote Eligible, you must live in a state where Airbnb, Inc. has a registered entity. Click here for the up-to-date list of excluded states. This list is continuously evolving, so please check back with us if the state you live in is on the exclusion list. If your position is employed by another Airbnb entity, your recruiter will inform you what states you are eligible to work from. Our Commitment To Inclusion & Belonging: Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply. We strive to also provide a disability inclusive application and interview process. If you are a candidate with a disability and require reasonable accommodation in order to submit an application, please contact us at: reasonableaccommodations@airbnb.com. Please include your full name, the role you’re applying for and the accommodation necessary to assist you with the recruiting process. We ask that you only reach out to us if you are a candidate whose disability prevents you from being able to complete our online application. How We'll Take Care of You: Our job titles may span more than one career level. The actual base pay is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future. This role may also be eligible for bonus, equity, benefits, and Employee Travel Credits. Pay Range $204,000—$255,000 USD

Are you ready to open a world of opportunity in human resources services and talent mobility? Our clients include some of the largest and most recognized brands in the world. They’re innovators and leaders in their industries, making life-enhancing breakthroughs every day. We help them tap into those opportunities by placing their exceptional people where they need to be, anywhere in the world. When it comes to service, we set the bar for exceptional … and then we raise it with fresh ideas, leading tools and innovative approaches, and it’s all grounded in our values of truth, love, and integrity. We’re looking for exceptional people who share those values along with our passion for delivering the highest levels of service. If that sounds like you, and if you’re ready for a new career opportunity, we’d like to hear from you! Here’s to the world ahead.   We are seeking a visionary and business-aligned Chief Information Security Officer (CISO) to serve as a key member of the Graebel and IT leadership team. The CISO will provide the strategic roadmap and executive leadership for a world-class Enterprise Security Program that enables business innovation while aggressively mitigating risk. This role directs the end-to-end planning, implementation, and governance of a resilient information security strategy. The CISO architects a culture of security that protects our global reputation, digital assets, and competitive advantage. The CISO is the primary authority for enterprise-wide cyber risk evaluations, regulatory compliance alignment, and security incident management. Part of our Graebel Senior Leadership Team and reporting to the CIO, with direct advisory access to the Executive Committee and Board, this leader must be an expert communicator capable of translating complex technical threats into financial and operational impact for all levels of leadership throughout the organization. We are committed to fair and transparent compensation. The salary range for this role is based on several factors including experience, skills, and qualifications and is $245,000 to $275,000. Essential Duties and Responsibilities - Strategic Leadership: Oversight of Enterprise Information and cyber security policy, strategy, and execution driving a risk-based resilience model. - Executive Influence: Interfaces with senior leadership and the Board of Directors to ensure information security is quantified in financial and business impact terms and aligned with strategic priorities. - Stakeholder Communication: Develop and communicate security strategies and plans to executive team, staff, partners, customers, and stakeholders, serving as a primary advocate for digital trust. - Talent Cultivation: Supervise recruitment, development, retention, engagement, and organization of security staff, fostering a high-performance culture of continuous learning. - Environment Management: Oversight of core security and infrastructure systems, managed security providers, and the security posture of the end-to-end supply chain. - Policy & Governance: Develop, implement, maintain, and oversee enforcement of IT policies, procedures, and associated plans for system security administration and user system access based on Zero Trust architecture and industry-standard frameworks (e.g., NIST, ISO). - Incident Orchestration: Accountable for security operations, incident oversight, identification, and response, focusing on rapid recovery and business continuity. - Revenue Enablement & Customer Trust: Partner with Sales and Product teams to serve as an executive-level security advocate during the sales cycle; directly engage with key customers and prospects to articulate the company’s security posture and build the "Digital Trust" necessary to accelerate contract closures. - Cross-Functional Collaboration: Collaborate with the wider IT department and business unit leaders on embedding security-by-design into enterprise and end-user processing technology. - Cultural Transformation: Create a culture of cyber security awareness both within the IT organization and driving measurable behavioral changes for the business; proactively evaluates security trends, emerging AI-driven threats, and vulnerabilities to mitigate risk. - Awareness & Advocacy: Oversees, develops, and delivers dynamic, role-specific security awareness training. Initiates, facilitates, and promotes activities to foster a shared responsibility model within the organization and related entities. - Strategic Partnerships: Promote and oversee strategic security relationships between internal resources and external entities, including suppliers, partner organizations, and industry peer groups. - Third-Party Risk Management (TPRM): Participates in the development, implementation, and ongoing compliance monitoring of all business associate, client, and supplier agreements to ensure rigorous security concerns, requirements, and responsibilities are addressed legally and technically. - Market Intelligence: Remain informed on cyber risk trends and issues; advise, counsel, and educate executive and management teams on their potential impact to brand equity and shareholder value. - Privacy & Compliance Integration: Works closely with Data Privacy leadership to ensure alignment between security and Global Data Privacy programs (e.g., GDPR, CCPA) including policies, practices, and investigations; acts as a strategic liaison to the Compliance and Legal departments. - Risk Quantification: Responsible for periodic information security risk assessment, analysis, mitigation, and remediation utilizing data-driven risk modeling. Responsible for development and implementation of an integrated security enterprise risk management plan. - Executive Communication: Interact with excellent written and communication skills, able to operate at both a visionary strategic level and high-impact operational level.

Transform healthcare with us. At Qualified Health, we’re redefining what’s possible with Generative AI in healthcare. Our infrastructure provides the guardrails for safe AI governance, healthcare-specific agent creation, and real-time algorithm monitoring—working alongside leading health systems to drive real change. This is more than just a job. It’s an opportunity to build the future of AI in healthcare, solve complex challenges, and make a lasting impact on patient care. If you’re ambitious, innovative, and ready to move fast, we’d love to have you on board. Join us in shaping the future of healthcare. Job Summary: The IT / Security Operations Analyst owns the operational engine of security, compliance, and IT at Qualified Health. You're the person who keeps the day-to-day running: vendor intakes, IAM administration, device management, IT vendor coordination, compliance evidence collection, and the security questionnaires that our health system partners send us as part of their due diligence. This is a foundational role in a rapidly growing company. We handle protected health information for 15+ major health systems, and the security operational work is real, growing, and critically important. Today, some of it is being absorbed by our data integration team — people who should be deploying AI workflows, not resetting passwords and reviewing vendor SOC 2 reports. You'll take that operational burden off their plate and give it the dedicated attention it deserves. You'll work alongside the Director of Security & Compliance and a security engineer, forming a team that owns the company's entire security and IT operations posture. Key Responsibilities: - Manage vendor security intakes and assessments — evaluating new vendors against our security requirements and maintaining the vendor inventory - Administer IAM (identity and access management) across company systems — user provisioning, access reviews, role management - Manage device enrollment, MDM policies, and endpoint compliance - Coordinate with our outsourced IT support vendor for employee onboarding/offboarding and support escalations - Support ongoing HITRUST compliance maintenance and evidence collection - Complete client security questionnaire responses — lifting this from the integration team - Maintain security documentation, policies, and procedures - Support security scan report preparation and remediation tracking Required Qualifications: - 3-5 years in IT operations, security operations, or GRC roles - Experience with IAM platforms (Okta, Azure AD/Entra, or similar) - Familiarity with MDM solutions and endpoint management - Understanding of compliance frameworks (HITRUST, SOC 2, HIPAA) - Bachelor's degree in Information Technology, Cybersecurity, Computer Science or a related field Desirable Skills: - Vendor management experience — assessing third-party security posture and managing remediation - Healthcare industry experience — understanding of HIPAA requirements and health system security expectations - Experience with compliance automation tools (Vanta, Drata, or similar) - Background managing outsourced IT support relationships - Experience at a fast-growing startup where operational processes were being built alongside daily execution - Organizational Mastery: You manage dozens of concurrent operational tasks — vendor reviews, access requests, device enrollments, questionnaire responses — without dropping any of them - Documentation Rigor: You keep processes documented, evidence organized, and compliance records audit-ready at all times - Responsiveness: When someone needs access provisioned, a vendor reviewed, or a security questionnaire completed, you handle it promptly and accurately - Process Improvement: You don't just run the operational playbook — you improve it. You look for ways to automate, streamline, and reduce manual effort - Discretion: You handle sensitive information (access credentials, security findings, vendor assessments) with the appropriate level of confidentiality and professionalism Technical Environment: You'll work with healthcare data from diverse sources including: - Epic (Clarity, Chronicles, FHIR APIs) - Cerner, AllScripts, and other major EHR platforms - Claims data (CMS, commercial payers) - Clinical registries and specialty systems - FHIR R4 and legacy HL7 formats Why Join Qualified Health? This is an opportunity to join a fast-growing company and a world-class team, that is poised to change the healthcare industry. We are a passionate, mission-driven team that is building a category-defining product. We are backed by premier investors and are looking for founding team members who are excited to do the best work of their careers. Our employees are integral to achieving our goals so we are proud to offer competitive salaries with equity packages, robust medical/dental/vision insurance, flexible working hours, hybrid work options and an inclusive environment that fosters creativity and innovation. Our Commitment to Diversity Qualified Health is an equal opportunity employer. We believe that a diverse and inclusive workplace is essential to our success, and we are committed to building a team that reflects the world we live in. We encourage applications from all qualified individuals, regardless of race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, marital status, disability, or veteran status. Pay & Benefits: The pay range for this role is between $120,000 and $145,000, and will depend on your skills, qualifications, experience, and location. This role is also eligible for equity and benefits. Join our mission to revolutionize healthcare with AI. To apply, please send your resume through the application below.

• Manage vendor security intakes and assessments — evaluating new vendors against our security requirements and maintaining the vendor inventory • Administer IAM (identity and access management) across company systems — user provisioning, access reviews, role management • Manage device enrollment, MDM policies, and endpoint compliance • Coordinate with our outsourced IT support vendor for employee onboarding/offboarding and support escalations • Support ongoing HITRUST compliance maintenance and evidence collection • Complete client security questionnaire responses — lifting this from the integration team • Maintain security documentation, policies, and procedures • Support security scan report preparation and remediation tracking