• Lead and mentor a team of Security Control assessors in conducting comprehensive audits, identifying gaps and providing recommendations • Assess and document security and compliance risks and deficiencies within business operations, focusing on gaps in security controls • Develop, communicate, and oversee remediation plans to address compliance gaps and reduce organizational risk • Collaborate with internal teams and external assessors to communicate, educate, and demonstrate various security standards (PCI, ISO, etc.) requirements effectively • Design and implement standardized processes or templates to enhance automation and efficiency in audit deliverables

At Danaher, our work saves lives. And each of us plays a part. Fueled by our culture of continuous improvement, we turn ideas into impact – innovating at the speed of life. Our 63,000+ associates work across the globe at more than 15 unique businesses within life sciences, diagnostics, and biotechnology. Are you ready to accelerate your potential and make a real difference? At Danaher, you can build an incredible career at a leading science and technology company, where we’re committed to hiring and developing from within. You’ll thrive in a culture of belonging where you and your unique viewpoint matter. Learn about the Danaher Business System which makes everything possible. The Cyber security Engineer at Danaher will be responsible for deploying, managing, and maintaining security tools, ensuring they meet evolving business and security requirements. This role will also focus on developing, monitoring, and improving key performance indicators (KPIs) to measure effectiveness and drive continuous improvement across the security program. This position reports to the Director of Architecture, Engineering and Operations and is part of the Cybersecurity Engineering team working remotely to cover global operations. In this role, you will have the opportunity to: - Design, develop, and maintain the CrowdStrike Falcon platform and all associated modules, including Falcon, FEM and Identity. - Collaborate efficiently with Danaher cross-functional teams to ensure seamless integration and optimal functionality. - Implement new features and enhance existing functionalities to improve platform performance and security. - Address complex technical challenges by delivering robust and scalable solutions. - Partner with stakeholders to uphold Zero Trust security principles, securing identity, device, and access management. The essential requirements of the job include: - Possess 5+ years of engineering experience with demonstrated expertise in architecting, designing, and deploying high-performance cybersecurity platforms. - Advanced expertise in scripting for networking and cybersecurity tools, including performance optimization, repository management, and API automation, with strong knowledge of core networking and systems fundamentals (TCP/IP, packet inspection, DNS, DHCP, and configuration management). - Possesses extensive experience with SaaS deployments managed by MSSPs, including successfully handling projects involving more than 50,000 assets. - Proficient in CrowdStrike Falcon EDR or Identity solution. - Experienced in managing large-scale environments comprising over 50,000 assets and multiple policy configurations. Travel, Motor Vehicle Record & Physical/Environment Requirements: - Ability to travel – Around 15%, overnight, within territory or locations - Must have a valid driver’s license with an acceptable driving record It would be a plus if you also possess previous experience in: - CrowdStrike Falcon Exposure Management certifications. - Bachelor’s degree in computer science, Information Technology, or related field. - Strong written and verbal communication skills. Danaher offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it’s a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info. At Danaher, we believe in designing a better, more sustainable workforce. We recognize the benefits of flexible, remote working arrangements for eligible roles and are committed to providing enriching careers, no matter the work arrangement. This position is eligible for a remote work arrangement in which you can work remotely from your home. Additional information about this remote work arrangement will be provided by your interview team. Explore the flexibility and challenge that working for Danaher can provide. The annual salary range for this role is $130k-$145k.This is the range that we in good faith believe is the range of possible compensation for this role at the time of this posting. This range may be modified in the future. This job is also eligible for bonus/incentive pay. #LI-Remote We offer comprehensive package of benefits including paid time off, medical/dental/vision insurance and 401(k) to eligible employees. Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law. Join our winning team today. Together, we’ll accelerate the real-life impact of tomorrow’s science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life. For more information, visit www.danaher.com. Danaher Corporation and all Danaher Companies are committed to equal opportunity regardless of race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity, or other characteristics protected by law. The U.S. EEO posters are available here. We comply with federal and state disability laws and make reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact:1-202-419-7762 or applyassistance@danaher.com.

Who We AreFounded in 2012 by 3 expert hackers with no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest and most challenging risks. It has helped secure some of the world's most targeted organizations and devices. Our combination of novel research with practical solutions reduces the security risks that our clients face from emerging technologies. Our work helps drive the security industry and the public understanding of the technology underlying our world. Cybersecurity preparedness is a moving target. Companies like ours are the tip of the spear in the fight against attackers. Our research-based and custom-engineering approach ensures that our client’s capabilities are at the forefront of what’s available. For companies and technologies that live and die by their security, a proactive, tailored approach is required to keep one step ahead of attackers. Democratizing security information is essential. As part of our business, we provide ongoing informational support through blogs, whitepapers, newsletters, meetups, and open-source tools. The more the community understands security, the more they’ll understand why a company like ours is so unique and valuable. Role Trail of Bits seeks a Senior Security Engineer specializing in Application Security for Agentic AI systems, within our growing Software Assurance team. You will conduct comprehensive security assessments of large language model systems, examining software across the AI supply chain and application stack — such as LLM web applications, agentic coding tools, training data and inference pipelines, and guardrail mechanisms. Additionally, this role will be responsible for development, and operationalization of prompt injection techniques, for use in end-to-end application security reviews. You will identify and analyze novel attack vectors and vulnerabilities specific to AI and agentic environments, focusing on real-world failure modes, system integration issues, and unauthorized access vectors. This role allows you to apply application security experience and adversarial thinking to the latest agentic systems and buisness integrations. In addition to performing technical assessments, you will contribute to threat modeling, adoption risk frameworks for generative AI tooling, and delivering specialized training to clients on Agentic AI security concepts, including prompt injection, ML-specific attacks, and data pipeline threats. What You'll Achieve - Agentic AI Security Assessments: Conduct comprehensive application security assessments of agentic AI pipelines, tools, and frameworks for leading companies and labs. Examine vulnerabilities in model architectures, guardrails, and deployment infrastructure while developing mitigation strategies. - Prompt Injection Research & Development: Develop and share novel prompt injection techniques targeting agentic workflows, including indirect injection via tool outputs, multi-turn manipulation, and cross-agent exploitation. Produce actionable attack libraries and defensive countermeasures for client engagements. - Application Security Assessment: Conduct security assessments of client code bases using a combination of static analysis, dynamic testing, and manual code review, identifying vulnerabilities and developing mitigation strategies, with a focus on findings at the intersection of application security and Agentic AI security. - Threat Modeling: Conduct threat modeling and risk assessments to proactively identify potential risks for clients and develop mitigation strategies for future prevention, with particular attention to prompt injection attack surfaces in agentic orchestration layers. - Client Engagement: Work with leading industry teams to review system code and architecture, and help assure their products through system analysis and modeling. - AI Policy & Compliance Initiatives: Develop and contribute to AI regulatory frameworks, establishing assurance methods and auditing processes for mission-critical AI applications while ensuring alignment with emerging industry standards and safety requirements. What You'll Bring - AI Security Expertise: Demonstrated interest and experience in agentic AI security, with demonstrated ability to identify and mitigate AI-specific vulnerabilities across complex systems, including hands-on experience with prompt injection attacks and defenses. - Technical AI Knowledge: Deep understanding of AI/ML architectures, frameworks (PyTorch, Jax, LangChain, RAG systems, etc.), and MLOps practices, combined with robust security engineering expertise. - Application Security Skills: Track record of conducting technical security assessments of software, including software and system hardening, security policy analysis, and implementing effective security measures. - Prompt Injection Proficiency: Practical experience designing and executing prompt injection workflows against production LLM systems, agentic pipelines, and tool-use environments, including familiarity with emerging taxonomies and mitigation approaches. - Programming Proficiency: Strong knowledge of multiple programming languages such as Rust, Golang, Kotlin, Swift, Objective-C, JavaScript/TypeScript, Python, Ruby, C and/or C++ for both security analysis and tool development. - Hacker Mindset: A creative and adversarial mindset, with a passion for discovering novel attack vectors and understanding how systems work across many layers of abstraction. - Communication Skills: Ability to effectively communicate complex security concepts to diverse stakeholders and deliver clear, actionable recommendations. The base salary for this full-time position ranges from $100,000 to $200,000 excluding benefits and potential bonuses. Various factors influence our salary ranges, including the specific role, level of seniority, geographic location, and the nature of the employment contract. An individual's specific work location, unique skills, experience, and relevant educational background will determine the final offer within this range. The presented salary range encompasses the starting salaries for all U.S. locations. For a precise salary estimate tailored to your preferred location, please discuss it with your recruiter during the hiring process. Trail of Bits, Inc. participates in E-Verify, the US federal electronic employment eligibility verification program. Learn more. Only applications completed via our Careers page will be considered for further review. When you apply, you'll be added to our newsletter so you can stay updated on company news and opportunities. You can opt out anytime. BenefitsBenefits, Perks & WellnessTrail of Bits is our people, not a place. With over 100+ employees working from every time zone across the globe, our remote-first culture is built on autonomy and trust (and backed by smile-worthy benefits) for full-time employees: Empowered Living: - Competitive salary complemented by performance-based bonuses. - Fully company-paid insurance packages, including health, dental, vision, disability, and life. - A solid 401(k) plan with a 5% match of your base salary. - 20 days of paid vacation with flexibility for more, adhering to jurisdictional regulations. Nurturing New Beginnings: - 4 months of parental leave to cherish the arrival of new family members. - Our team is global and remote-first. However, if you are interested in moving to NYC, we offer $10,000 in relocation assistance to support your transition. Work & Life Enrichment: - $1,000 Working-from-Home stipend to create a comfortable and productive home office. - Annual $750 Learning & Development stipend for continuous personal and professional growth. - Company-sponsored all-team celebrations, including travel and accommodation, to foster community and recognize achievements. Community Impact: - Philanthropic contribution matching up to $2,000 annually.

• Establish and execute a comprehensive long-term vision and strategy for Product Security, AppSec, and Privacy Engineering across all product lines. • Lead the Product Security Review process, including threat modeling, security architecture reviews, and penetration testing oversight for new and existing features. • Define and enforce Security and Privacy standards and policies within the Software Development Lifecycle (SDLC) and CI/CD pipelines. • Partner with Legal and GRC teams to translate evolving privacy regulations (e.g., GDPR, CCPA) into engineering requirements and best practices. • Drive incident response and vulnerability management processes for all product-related issues. • Mentor and develop a team of high-performing security and privacy engineers.