Mapbox is the leading real-time location platform for a new generation of location-aware businesses. Mapbox is the only platform that equips organizations with the full set of tools to power the navigation of people, packages, and vehicles everywhere. More than 4 million registered developers have chosen Mapbox because of the platform’s flexibility, security and privacy compliance. Organizations use Mapbox applications, data, SDKs and APIs to create customized and immersive experiences that delight their customers. What We Do Mapbox is looking for a Staff Cloud Security Engineer to join our Security & Compliance team. As a member of our diverse and globally distributed team, you’ll help all Mapbox engineers build secure-by-default systems. Engineers on the Security & Compliance team build scanning and threat detection systems to monitor Mapbox’s cloud deployment (AWS-native, mainly container-based, 7 global regions including China) and other digital assets. They conduct risk assessments of new vendor integrations and product launches, and facilitate a bug bounty program that leverages the diverse expertise of a global community of security researchers. Lastly, they build and maintain core standards around security, quality, and privacy—reflected in our compliance certifications—and the automation to monitor and enforce these standards across Mapbox. What We Do We’re excited to share our passion for scalable, engineering-driven, security with you, and for your perspective to help shape our team’s goals. You will be responsible for contributing to, operating, and improving all things related to our security and compliance services. In this role, you can expect to: - Conduct AWS security reviews (deep dive into our AWS environment to validate security best practices are being followed). - Make security improvements recommendations and work with our production support teams to implement security improvement in AWS. - Partner with the Lead Security Architect in fixing custom-built security tools bots. - Conduct in-depth security reviews of application code, working closely with developers to code securely from the outset and address issues early during coding and testing phases. - Partner with internal product teams to implement a secure-by-default design into their own products. What We Believe are Important Traits for This Role - Bachelor’s or higher degree in Computer Science or similar - 5+ years of experience in product or application security and related software engineering roles - Experience with AWS services like GuardDuty, CloudTrail log review, IAM, Security Groups, CloudFront, CloudFormation, S3, ECS, Lambda, DynamoDB and RDS. - Proficiency in a programming language (e.g. Python, JavaScript or Node.js or TypeScript), testing practices, and documentation. - Subject matter expertise in security best practices and the ability to quickly make correct risk assessments that prioritize the overall benefit to the company. Preferred Qualifications - Additional experience with AWS services like API Gateway, CodeBuild, VPCs, Inspector, Advanced Shield, Athena, and Glue. - Strong proficiency in a programming language (e.g. JavaScript or Node.js or Python), testing practices, and thorough documentation. - Experience with SOC 2, GDPR, and ISO 9001 or ISO 27001 compliance standards a plus What We Value In addition to our core values, which are not unique to this position and are necessary for Mapbox leaders: - We value high-performing creative individuals who dig into problems and opportunities. - We believe in individuals being their whole selves at work. We commit to this through supportive health care, parental leave, flexibility for the things that come up in life, and innovating on how we think about supporting our people. - We emphasize an environment of teaching and learning to equip employees with the tools needed to be successful in their function and the company. - We strongly believe in the value of growing a diverse team and encourage people of all backgrounds, genders, ethnicities, abilities, and sexual orientations to apply. Our annual base compensation for this role ranges from $197,000 - $266,800 for most US locations and 5% to 10% higher for US locations with a higher cost of labor. Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. Please discuss your specific work location with your recruiter for more information. By applying for this position, you acknowledge that you agree to the Mapbox Privacy Policy which is linked here. Mapbox participates in E-Verify to confirm employee work authorization. Please refer to the Notice of E-Verify Participation and Right to Work posters for more information. We are committed to a fair and equitable hiring process. We do not discriminate against any protected class. #LI-Remote

Role Description Du suchst eine Aufgabe mit echtem Mehrwert, bei der der Mensch im Mittelpunkt steht, und keine klassische Sales-Rolle? Als Medizinprodukteberater (m/w/d) bist du die wichtigste Schnittstelle zwischen medizinischem Fachpersonal, Patient:innen und unseren therapeutischen Lösungen. Begleite Menschen individuell auf ihrem Therapieweg und sorge mit deiner empathischen Beratung für ein spürbares Plus an Lebensqualität. Was erwartet dich? - Du berätst Patient:innen und deren Angehörige empathisch, diskret und bedarfsgerecht zur optimalen Auswahl unserer medizinischen Hilfsmittel. - Du begleitest die laufende Therapie, stehst als feste Ansprechperson bei allen Anwendungsfragen zur Verfügung und passt die Versorgung bei Bedarf an. - Du führst professionelle Produktschulungen und Einweisungen für medizinisches Fachpersonal in Kliniken und Praxen durch. - Du pflegst den engen, vertrauensvollen Austausch mit behandelnden Ärzt:innen und Pflegeteams, um eine ganzheitliche Betreuung sicherzustellen. - Du dokumentierst den Therapieverlauf sowie die Versorgungsdaten sorgfältig und selbstständig in unserem System. Benefits - Unbefristeter Arbeitsvertrag. - 28 Urlaubstage, welche sich mit entsprechender Betriebszugehörigkeit erhöhen. - Firmenwagen zur beruflichen und privaten Nutzung inkl. Tankkarte. - Ergebnisorientierte Vergütung mit attraktivem Provisionsanteil - abhängig von Leistung und Betriebszugehörigkeit. - Selbstständiges und eigenverantwortliches Arbeiten. - Bereitstellung eines Firmenhandys. - Intensive Einarbeitung in die Produkte und Beratungsprozesse. - Regelmäßige Teamevents und Weihnachtsfeiern. Qualifications - Du bringst idealerweise eine abgeschlossene Ausbildung oder einschlägige Berufserfahrung im medizinischen oder pflegerischen Bereich mit (z. B. als Pflegefachkraft, MFA oder im Sanitätshaus). - Quereinsteiger:innen mit starker Affinität zur Medizin sind ebenfalls willkommen. - Du zeichnest dich durch ein hohes Maß an Empathie, Geduld und ehrlicher Freude an der Arbeit mit Patient:innen aus. - Du besitzt das Talent, technische und medizinische Zusammenhänge verständlich, ruhig und anschaulich zu erklären. - Du arbeitest gerne eigenverantwortlich und bringst die nötige Reisebereitschaft für die täglichen Besuche in deinem regionalen Betreuungsgebiet mit. - Du verfügst über sichere Deutschkenntnisse sowie einen gültigen Pkw-Führerschein (Klasse B).

• Act as the Subject Matter Expert (SME) for Endpoint Detection and Response (EDR) tools/process including optimizing configurations/policies, developing custom threat detection rules, and proactively improving Deel’s overall security posture for remote endpoints (Mac and Windows) and cloud assets (Eg, VMs). • Configure, manage, and tune the full suite of security policies within SWG, CASB and ZTNA. Assist our remote colleague with seamless experience through troubleshooting end user issues as needed. • Continuously improve SaaS security posture with SSPM tools and processes around it. Collaborate with diverse application owners, understand security control and resolve configuration drifts for our wide range of SaaS applications from baseline. • Develop a rigorous review, approval, policy enforcement and auditing for browser extensions, third party OAuth applications for SaaS applications such as Google Workspace, GitHub, Jira etc to meet security and privacy standards. • Design, implement, and audit security policies related to enterprise browsers (Eg, Island, Chrome Enterprise etc) including controlling access to sensitive web apps, and data loss prevention (DLP) configuration, ZTNA, secure web browsing experience but not limited to. • Manage DLP policies across Endpoint, Network, SaaS Applications and Cloud assets, directly supporting the "Crawl-Walk-Run" program phases. Ensure DLP policies meet diverse data sovereignty, privacy (GDPR, CCPA, etc.), and national regulatory requirements. • Run vulnerability management programs for endpoints and servers and ensure they are patched according to the policy in collaboration with stakeholders.

• Assist with security design reviews and threat modeling under the guidance of senior engineers • Help build and maintain automated security testing tools integrated into CI/CD pipelines • Support the creation of security education and training materials for engineering teams • Research and document secure architecture patterns and best practices • Assist in proof of concept evaluations for application security solutions • Contribute to the day-to-day operations of the Product Security Team