• Lead and grow a team of the best security engineers in the world, with a view of security that is engineering-driven, human-centric, and trust-based. • Help define the strategy for Vanta’s application security program, and empower the team to implement robust security protocols and stay ahead of emerging threats. • Leverage AI to improve efficiency of team processes, and improve the maturity of the overall security program. • Work with the Engineering and Product Development team to assess and communicate acceptable levels of risk, mitigate that risk, and help ensure that Vanta products are developed with security in mind. • Provide, both individually and through your team, expert feedback to Vanta’s Product, Engineering, and Design teams on our product offerings and serve as a strong customer voice in product development. • Represent Vanta’s products, vision, and voice as a trusted security thought leader in public security forums.

Microsoft Cloud Security Consultant - Remote US Only Department: Blue Mantis Employment Type: Full Time Location: Remote Compensation: $120,000 - $170,000 / year Description Are you ready to elevate your cybersecurity career to new heights while enjoying the flexibility of remote work? We are seeking an experienced Cloud Security Consultant with a specialized focus on Microsoft Azure, Microsoft 365 (M365), Entra ID, Sentinel, and the Defender suite of products. This also includes a comprehensive knowledge of the full suite of Microsoft Security solutions, including Cloud Security and Data Loss Prevention (DLP). The ideal candidate will also bring extensive experience in AWS Security, with the capability to assess, remediate, and provide expert consulting on all security aspects of both cloud environments. This role requires someone with hands-on skills in cloud security architecture, risk management, and incident response and business email compromise, supported by relevant industry certifications and vendor-specific qualifications. An understanding of exploitation of misconfigurations within the cloud platform will also be important. In this role, you will work closely with clients to assess their cloud security posture, recommend and implement improvements, and ensure compliance with industry standards. Your deep understanding of Azure, M365, Entra ID, AWS, and other Microsoft security tools will allow you to provide holistic security guidance and solutions that safeguard critical data, prevent unauthorized access, and optimize cloud security operations. So, if you're ready to make your mark in the ever-exciting world of cybersecurity, if you're driven to push boundaries and pioneer novel solutions, and if you're seeking a role that transcends the ordinary, then we invite you to join us on this exhilarating journey at Blue Mantis. Key Responsibilities - Advanced Cloud Security Assessment: Conduct in-depth security assessments across Azure, M365, Entra ID, and AWS environments, utilizing advanced security tools to evaluate cloud configurations, data protection strategies, and access controls. Analyze and mitigate risks by identifying misconfigurations, data exposures, and security weaknesses specific to cloud infrastructure. - Cloud Engineering and Architecture Design: Design and implement secure cloud architectures tailored to clients’ specific business needs across Azure, M365, and AWS environments. Develop and optimize infrastructure to ensure security, scalability, and resilience, integrating security controls throughout the architecture to protect data and minimize attack surfaces. - Risk Detection and Vulnerability Management: Detect and remediate vulnerabilities within cloud security architectures, such as Identity and Access Management (IAM), MFA, M365 weaknesses, unsecured endpoints, and data loss risks. Utilize both manual techniques and automation to uncover hidden risks and enhance data protection of client environments. - Data Classification, Management, and DLP Implementation: Assess, Design, and implement data classification and Data Loss Prevention (DLP) strategies across Microsoft, AWS, and on-premises environments to protect sensitive data and ensure compliance. Assist clients in categorizing and managing data according to sensitivity, regulatory requirements, and business needs, applying DLP policies to prevent unauthorized access and data leaks. - Strategic Threat Simulation: Develop and execute cloud-focused threat simulations to evaluate clients’ defenses against advanced cyberattacks. Utilize Microsoft and AWS security tools, as well as OSINT techniques, to simulate real-world cyber threats and identify potential attack vectors within cloud and hybrid environments. - Detailed Security Reporting: Prepare comprehensive reports detailing identified vulnerabilities, potential exploitation methods, and prioritized remediation recommendations. Clearly communicate risks and mitigation strategies related to Azure, M365, Entra ID, and AWS to support informed decision-making by clients and stakeholders. - Technical Insight Communication: Translate complex cloud security findings into actionable insights. Document and present advanced cloud-specific vulnerabilities and their implications, equipping clients with the knowledge and providing a roadmap to strengthen their security posture to align with regulatory requirements. - Remediation Guidance and Implementation: Provide expert guidance to clients, turning security recommendations into actionable plans. Support the implementation of security best practices, identity management, access controls, and DLP strategies within Microsoft and AWS environments to enhance overall security. - Continuous Skill Development and Certifications: Stay updated on certifications, emerging cloud security threats, vulnerabilities, and best practices, with a particular focus on Zero Trust architecture. Deepen knowledge of Microsoft and AWS security solutions to deliver cutting-edge security strategies to clients. Skills, Knowledge & Expertise - 3-5 years of experience in cloud security, with a focus on Microsoft Azure, M365, and AWS security. - Deep understanding of Microsoft Entra ID, Azure AD, Microsoft Defender Suite, Microsoft Sentinel, and DLP strategies. - Strong knowledge of AWS security services, including IAM, Security Hub, GuardDuty, and VPC security configurations. - Experience conducting security assessments, risk analysis, and remediation in M365, Azure, and AWS cloud environments. - Relevant certifications such as Microsoft AZ-500, MS-500, SC-100, SC-200, SC-400, and industry standards like CISSP, or CCSP is a plus. - Bachelor’s degree in Computer Science, Information Security or a related field. - Uphold ethical standards, ensuring engagements and client interactions are conducted with the utmost integrity. Maintain strict confidentiality, showcasing the company's dedication to ethical excellence. - This role delves into the heart of technical mastery, harnessing tools, and techniques to uncover vulnerabilities that may elude casual observers. Your skills will not only enhance our clients' defenses but will also contribute to the advancement of clients cybersecurity programs. Blue Mantis is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other legally protected characteristic. Agencies/3 Parties may not solicit to any employee of Blue Mantis. Any candidate information received from any Agency/3 Party will be considered a gift and property of Blue Mantis, unless the Agency/3 Party is an Authorized Vendor of Blue Mantis with an up-to-date Blue Mantis Contract in hand signed by Blue Mantis Talent Acquisition. No payment will be made to any Agency/3 Party who is not an Authorized Vendor, nor has specific approval in writing from Blue Mantis Talent Acquisition to engage in recruitment efforts for Blue Mantis. At this time we have no interest in onboarding any new staffing partners.

About Pinterest: Millions of people around the world come to our platform to find creative ideas, dream about new possibilities and plan for memories that will last a lifetime. At Pinterest, we’re on a mission to bring everyone the inspiration to create a life they love, and that starts with the people behind the product. Discover a career where you ignite innovation for millions, transform passion into growth opportunities, celebrate each other’s unique experiences and embrace the flexibility to do your best work. Creating a career you love? It’s Possible. At Pinterest, AI isn't just a feature, it's a powerful partner that augments our creativity and amplifies our impact, and we’re looking for candidates who are excited to be a part of that. To get a complete picture of your experience and abilities, we’ll explore your foundational skills and how you collaborate with AI. Through our interview process, what matters most is that you can always explain your approach, showing us not just what you know, but how you think. You can read more about our AI interview philosophy and how we use AI in our recruiting process here. The Internal Identity & Access Management (I2AM) team is responsible for critical production infrastructure that provides a foundational notion of Identity and strong authentication and authorization controls across Pinterest. Our backend is primarily written in Golang, Python with some C++ while our frontend tools are written in React and TypeScript. We’re looking for a software engineer who will help us build robust tooling to define and evaluate access controls across production infrastructure. A security background is not necessary but ideal candidates will have familiarity with the problems or related spaces, such as Infrastructure or Identity. What you’ll do: - Contribute to the technical roadmap for identity and authorization controls for users, services and AI Agents. - Design, implement, and maintain mission-critical features that will help us deliver robust IAM infrastructure and libraries to our customers. - Leverage Agentic AI to improve systems and least privilege, while applying judgment and verification to ensure correctness and quality. Improve code quality and system performance using AI Coding Agents. - As member of the Infrastructure Security team, build performant and resilient AAA (Authentication, Authorization, Auditing) platform controls into various high-traffic services including our AI Agents, online/offline data platforms, databases, service mesh. (Envoy) and other critical infrastructure components. What we're looking for: - Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent experience. - 2+ years of software development experience. - Experienced in developing features end to end, with preferred experience developing them in distributed systems. - Experience with critical evaluation and verification of AI-assisted work (e.g., testing, source-checking, data validation, peer review). - Demonstrated ability to prototype and use AI tooling to improve reliability and quality of day-to-day workflow and system performance. - High integrity and ownership: you protect sensitive data, avoid over-reliance on AI, and remain accountable for final decisions and deliverables. - Experience in some of the following areas is a strong plus: - Identity, Account Security, Authentication/Authorization (OAuth, SAML, RBAC) protocols - AWS or other public cloud infrastructure, containerization such as Kubernetes - Infrastructure provisioning tools (Terraform, Puppet, etc.) - Familiarity with networking protocols (Application layer) In-Office Requirement Statement: - We recognize that the ideal environment for work is situational and may differ across departments. What this looks like day-to-day can vary based on the needs of each organization or role. - This role will need to be in the office for in-person collaboration 1-2 times every 6-months and therefore can be situated anywhere in the country. Relocation Statement: - This position is not eligible for relocation assistance. Visit our PinFlex page to learn more about our working model. #LI-REMOTE #LI-JT1 At Pinterest we believe the workplace should be equitable, inclusive, and inspiring for every employee. In an effort to provide greater transparency, we are sharing the base salary range for this position. The position is also eligible for equity. Final salary is based on a number of factors including location, travel, relevant prior experience, or particular skills and expertise. Information regarding the culture at Pinterest and benefits available for this position can be found here. US based applicants only $123,696—$254,667 USD Our Commitment to Inclusion: Pinterest is an equal opportunity employer and makes employment decisions on the basis of merit. We want to have the best qualified people in every job. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, national origin, religion or religious creed, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, age, marital status, status as a protected veteran, physical or mental disability, medical condition, genetic information or characteristics (or those of a family member) or any other consideration made unlawful by applicable federal, state or local laws. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you require a medical or religious accommodation during the job application process, please complete this form for support.

Role Description Plaid is looking for a Product Security Engineer who is fundamentally a builder. Unlike traditional product security roles, this position is designed for a software engineer who wants to solve security challenges at scale by developing production-grade services, libraries, and frameworks. In this role, you’ll build and maintain Plaid’s vulnerability management orchestration service, automate workflows to reduce operational toil, and create solutions that eliminate entire classes of vulnerabilities. You’ll also partner closely with product engineers to ensure services meet security standards, support incident response and security awareness efforts, and collaborate across the security platform organization to deliver the engineering foundations that make secure development the default at Plaid. Responsibilities - Build the secure engineering foundations that secure the future of digital finance. - Develop maintainable and secure software to enhance Plaid's security posture and create paved roads for developers for easy and default integration of security controls. - Design, develop, and maintain security-critical services and components. - Develop internal tooling to automate vulnerability detection, dependency management, and remediation workflows within the CI/CD pipeline. - Replace manual security gates with engineered solutions that allow product teams to ship faster and more securely. - Communicate effectively with managers and team members regarding project deliverables and progress. - Design and implement technical solutions that align with the evolving needs of the business. - Proactively identify and address security vulnerabilities in products and services. - Actively participate in incident response and security awareness initiatives. Qualifications - 2 + years of professional experience building and scaling production services. - Ability to architect software systems to meet security, privacy, usability, scalability and cost requirements. - Experience building systems or services related to vulnerability management, data encryption, key management, secret management, user authentication, service authentication, authorization systems, and security policy enforcement (not prerequisites). - Experience designing distributed systems and microservices with a focus on performance and reliability (not prerequisites). - Familiarity with modern cloud infrastructure (AWS, Kubernetes, Terraform) and how to integrate security controls into them (not prerequisites). - A passion for creating tools and libraries that other engineers love to use (not prerequisites). - Passionate about educating others on security and privacy (not prerequisites). Company Description Plaid's mission is to unlock financial freedom for everyone. To support that mission, we seek to build a diverse team of driven individuals who care deeply about making the financial ecosystem more equitable. We recognize that strong qualifications can come from both prior work experiences and lived experiences. We encourage you to apply to a role even if your experience doesn't fully match the job description. We are always looking for team members that will bring something unique to Plaid! Plaid is proud to be an equal opportunity employer and values diversity at our company. We do not discriminate based on race, color, national origin, ethnicity, religion or religious belief, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, military or veteran status, disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local laws. Plaid is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance with your application or interviews due to a disability, please let us know at accommodations@plaid.com.