Harness

Software Delivery Simplified.

Staff Product Security Engineer

Security Engineer | Full Time | Remote | Lead | Team 501-1,000 | Since 2016 | H1B Sponsor

Location

United States

Posted

56 days ago

Salary

$180K - $200K / year

Seniority

Lead

Job Description

Staff Product Security Engineer

Harness

• Design and develop product security APIs, tools, and utilities for internal and external stakeholders.
• Conduct threat modeling and secure design reviews for application backend services and business integrations.
• Perform advanced penetration tests and adversarial attack simulations against Harness modules, APIs, and codebase using industry-standard frameworks.
• Lead manual and automated code review efforts to discover vulnerabilities, weaknesses, and anti-patterns in the Harness platform.
• Implement and operate security tooling including SAST, DAST, and SCA, and integrate these into CI/CD pipelines.
• Consult and advise developers and Product Managers on security standards, vulnerability remediation, and security architecture.
• Assess risks and trade-offs, and propose solutions for product security features such as authentication and authorization.
• Participate in the creation, review, and implementation of technical security standards across global engineering teams.
• Use the Harness platform to integrate security processes like vulnerability management into the SDLC.
• Collaborate cross-functionally with Engineering and Product to accelerate the release of software with security by design.

Job Requirements

  • BS in Computer Science or a related degree.
  • 5+ years of relevant industry experience with a strong security focus.
  • Solid experience with DevSecOps practices and secure SDLC methodologies.
  • Good working knowledge of cyber security frameworks including OWASP, SANS, NIST, and CIS.
  • Ability to describe software supply chain risks and Secure SDLC best practices.
  • Experience with public or private cloud environments such as K8s, AWS, GCP, or Azure.
  • Professional knowledge of enterprise applications, API development, and modern software delivery processes.
  • Previous experience in a cloud-native environment.
  • Proficiency in Java or a comparable language and object-oriented programming methodology.
  • Hands-on experience with security testing tools and vulnerability management workflows.

More Security Engineer Jobs


Product and Application Security Engineer

Sungrow USA Corporation

Sungrow Power Supply Co., Ltd. (Stock code: 300274) is a globally recognized renewable energy company, specializing in R&D, manufacturing, and services for solar, wind, energy storage, hydrogen, and electric vehicle solutions. Established in 1997, Sungrow is known for its innovative photovoltaic inverters, wind converters, EV chargers, energy storage systems, and hydrogen production technologies. Its products are sold in over 180 countries, with a cumulative installed capacity exceeding 740 GW by the end of 2024. Sungrow has contributed to national standards and holds numerous core technologies. With multiple industry awards and advanced R&D centers, it ranks among the global leaders in clean energy. Guided by its mission “Clean power for all,” Sungrow continues to drive innovation and global sustainability.

Role Description

Sungrow Americas is seeking a Product and Application Security Engineer to execute security across the full product ecosystem, spanning firmware, embedded systems, hardware-integrated applications, cloud services, and connected platforms. This role is responsible for deep technical security execution across the entire product lifecycle, ensuring that security is embedded from device to cloud to application layer. You will serve as the hands-on technical authority, working directly with engineering teams to identify, validate, and remediate vulnerabilities across software, firmware, hardware interfaces, and system integrations. This is a high-depth, cross-domain role, ideal for an engineer who can move fluidly between code, devices, protocols, and cloud architectures.

Key Responsibilities

Full-Stack Product Security
- Perform security assessments across:
  - Applications (web, APIs, backend services)
  - Firmware and embedded systems
  - Hardware interfaces and device communications
  - Cloud-connected platforms and IoT ecosystems
- Conduct code review, firmware analysis, and system-level security testing
- Identify and validate vulnerabilities across the entire product attack surface

Secure Development & System Hardening
- Embed security into SDLC across software, firmware, and device-integrated systems
- Define and implement secure design patterns across:
  - Application layers
  - Device firmware
  - Communication protocols
- Partner with engineering to ensure secure-by-design architecture decisions

Offensive Security & Validation
- Perform and support penetration testing, firmware analysis, and device-level assessments
- Validate findings from internal testing, third-party assessments, and teardowns
- Simulate real-world attack paths across device → network → cloud → application

Vulnerability Management
- Triage and validate vulnerabilities across software, firmware, and hardware layers
- Provide clear, actionable remediation guidance tailored to engineering teams
- Track and drive remediation aligned to risk and customer impact

Software & Hardware Supply Chain Security
- Support SBOM/HBOM analysis and validation
- Identify risks in third-party libraries, firmware components, and hardware dependencies
- Assist in mitigation strategies across supplier-integrated components

Emerging Technology & Advanced Systems Security
- Evaluate security risks in:
  - IoT architectures and edge devices
  - Cloud-native and distributed systems
  - Agentic / autonomous system behaviors (where applicable)
- Help define guardrails for secure adoption of new technologies

Engineering Integration & Enablement
- Act as a trusted technical partner to software, firmware, and hardware teams
- Translate security findings into practical engineering fixes
- Provide real-time guidance during development, not just post-testing
- Contribute to a culture of security ownership within engineering

AI & Automation
- Experience leveraging AI/ML-assisted tools to improve security engineering outcomes, including:
  - Code analysis and vulnerability detection
  - Secure code generation and review validation
  - Automation of repetitive security testing and triage tasks
- Ability to integrate AI capabilities into engineering workflows, including:
  - API-based integrations with development and security tooling
  - Automation of security processes within CI/CD pipelines
- Working understanding of security risks associated with AI-enabled systems, including:
  - Prompt injection and model misuse
  - Data exposure and model leakage risks
  - Secure handling of sensitive data in AI workflows
- Practical ability to build lightweight automation and tooling (scripts, integrations, or pipelines) to scale security operations

Qualifications
- 6–10+ years of experience in product security, embedded security, application security, or IoT security
- Hands-on experience across multiple layers of the stack, including:
  - Application security (OWASP, API security)
  - Firmware or embedded systems
  - Network protocols and device communications
- Strong ability to perform:
  - Manual code review
  - Firmware analysis (static/dynamic)
  - System-level threat analysis
- Experience with security tooling across SAST, DAST, SCA, firmware analysis, and network testing
- Working knowledge of modern architectures (cloud, microservices, device-cloud integration)
- Ability to leverage AI

Preferred
- Experience with industrial systems, energy, or OT environments
- Familiarity with hardware security concepts (secure boot, TPM, hardware roots of trust)
- Experience with reverse engineering or low-level debugging
- Exposure to SBOM/HBOM frameworks and supply chain security models (SLSA, etc.)
- Certifications such as OSCP, OSCE, OSWE, GXPN, or similar

Competencies
- Cross-Domain Depth: Comfortable moving between firmware, hardware interfaces, applications, and cloud
- Hands-On Operator: Executes, tests, breaks, and fixes, not just advises
- Systems Thinker: Understands how components interact across the full product lifecycle
- Engineering Credibility: Earns trust through technical accuracy and practical solutions
- Adaptable Problem Solver: Effective in complex, evolving product environments

Travel
- Up to 10%

Work Location and Status
- Full-time position
- Remote
- No visa sponsorship

Sungrow is an equal opportunity employer. Due to strong interest in this position, Sungrow will only reach out to those candidates who best meet the requirements. Thank you for your interest in Sungrow.

United States
$150K - $180K / year
Job Closed

Principal Security Engineer

WebPT

Here, we work hard—but we have lots of fun doing it. We believe in equal opportunity for all, autonomy, trailblazing, and always doing right by our Members. Most importantly, though, we believe in empowering rehab therapy professionals to achieve greatness in practice. So, if you’re a can-do kinda person who loves to help Members win and enjoys working from just about anywhere—then you’ll fit right in. We’ve got big plans, but we can’t achieve them without you. Join us, and let’s achieve greatness.

Full Time | Remote | Team 525 | Since 2008

Role Description

We are looking for a hands-on security leader and subject matter expert in application security and AI security, responsible for defining the architectural security goals and implementation strategy for WebPT’s cloud-native SaaS environments. This engineer serves as the security team’s technical anchor, performing deep dives into complex application and system designs, evaluating AI/ML platform risks, and translating security requirements into practical engineering guidance that enables the business rather than slowing it down. Working closely with engineering leadership, product managers, and third-party development partners, this leader will be the voice of security in architecture reviews, design sessions, and vendor evaluations, ensuring that security and compliance are built in from the start.

What You’ll Be Doing As A Part of Our Team

Application Security Architecture
- Lead application security architecture reviews for WebPT’s SaaS platforms, including new feature designs, third-party integrations, and major platform changes submitted through the change management process.
- Own and facilitate threat modeling sessions with product and engineering stakeholders, translating findings into actionable developer guidance, architectural guardrails, and risk-accepted documentation.
- Help define and evolve WebPT’s Secure Software Development Lifecycle (SDLC), embedding security checkpoints into GitLab CI/CD pipelines and development workflows without creating unnecessary friction.
- Oversee application security testing tooling, triage findings by risk, and drive remediation with engineering teams, balancing thoroughness with the pace of a lean environment.
- Serve as the internal authority on API security, secrets management, authentication and authorization patterns (OAuth 2.0, SAML, OIDC), and input validation across microservices and legacy systems.

AI Security & Governance
- Serve as the primary security resource for AI/ML integration decisions, including agentic AI workflows, LLM-based features, ambient listening, and third-party AI platform technologies.
- Define and maintain WebPT’s AI security standards and AI vendor risk assessment criteria, including evaluation of AI/ML platforms for HIPAA BAA compliance, data residency, prompt injection risk, and model confidentiality.
- Partner with engineering and product to design security guardrails for AI feature development: input/output validation, audit logging, human-in-the-loop controls, and AI supply chain integrity.
- Drive AI Shadow IT discovery and governance initiatives, analyzing telemetry from Wiz, CrowdStrike, and network/DNS sources to identify unauthorized AI tool usage across the environment.
- Stay current with AI threat vectors and regulatory guidance (NIST AI RMF, OWASP LLM Top 10, HHS AI policy) and translate these into WebPT-specific controls and policy updates.

Cloud & Infrastructure Security
- Partner with Cloud Operations to maintain and continuously improve WebPT’s security posture across cloud environments, leveraging Wiz for cloud security assessment and misconfiguration detection.
- Provide security architecture input for infrastructure-as-code pipelines, container security, and CI/CD pipeline hardening in GitLab.
- Contribute to vulnerability management strategy including EOL technology remediation, CVE triage, and risk-based prioritization in partnership with Cloud Operations and the broader security team.
- Provide security guidance on WAF configuration (F5), network segmentation, and secrets management across the production environment.

Security Leadership & Cross-Functional Partnership
- Participate actively in change management and security review processes, providing timely, risk-calibrated assessments and serving as a trusted partner to engineering, not a gatekeeper.
- Mentor other engineers on the Security team, providing technical coaching on application security concepts, tool usage, and security investigation techniques.
- Produce clear security architecture decision records, threat model summaries, risk assessments, and remediation roadmaps; evangelize secure development practices across the engineering organization.
- Represent security in cross-functional forums with engineering, product, and operations leadership; translate complex security risks into business-relevant language for board- and investor-ready reporting.
- Contribute to external penetration test scoping, coordination, and remediation, and support SOC 2 Type II and HIPAA compliance audit cycles as a technical subject matter expert.

Qualifications
- 8+ years of progressive security engineering experience, including at least 4 years in a senior or principal application security or product security role.
- Deep technical proficiency in OWASP Top 10, threat modeling, SAST/DAST tooling, secure code review, API security, and authentication/authorization patterns.
- Demonstrated understanding of AI/ML security risks including prompt injection, model supply chain attacks, data leakage in LLM integrations, and agentic AI trust boundaries.
- Hands-on experience securing cloud-native SaaS applications, preferably on AWS with containerized and Kubernetes workloads, IaC pipelines, and microservices architectures.
- Proven experience evaluating third-party AI/ML platforms and vendors for security and compliance risk in HIPAA-regulated or similarly regulated environments.
- Proven ability to operate independently in a fast-paced, lean environment and influence engineering outcomes without direct authority.
- Excellent written and verbal communication skills; able to translate technical risk into business impact for executive and non-technical stakeholders.
- Strong working knowledge of HIPAA Security Rule requirements as applied to a cloud SaaS architecture.

Ideally, You Would Also Have These
- Bachelor’s degree in Computer Science, Information Security, or a related technical field.
- One or more industry certifications: OSCP, CSSLP, AWS Security Specialty, CISSP, or equivalent security practitioner credential.
- Familiarity with clinical documentation standards, EMR data sets, and the nuances of HIPAA compliance in a SaaS product context.
- Hands-on experience with Wiz, CrowdStrike Falcon, Rapid7 InsightIDR/InsightVM, or comparable enterprise cloud and endpoint security platforms.
- Exposure to agentic AI development frameworks and an understanding of how these architectures introduce novel security challenges.
- Experience with GitLab CI/CD pipeline security, dependency scanning, and software supply chain security controls.
- Familiarity with privileged access management solutions (Teleport, BeyondTrust, CyberArk) and certificate-based access control models.
- Previous experience providing technical leadership in a hybrid internal/external team environment.

Culture is at our Core
- Service: Create Raving Fans
- Accountability: F Up; Own Up
- Attitude: Possess True Grit
- Personality: Be Minty
- Work Ethic: Be Rock Solid
- Community Outreach: Give Back
- Health and Wellness: Live Better
- Resource Efficiency: Do Más With Menos

United States

Security Architect

Kainos

Thinking Beyond Limitations

Full Time | Remote | Team 1,001-5,000 | H1B No Sponsor

Join Kainos and Shape the Future

At Kainos, we’re problem solvers, innovators, and collaborators - driven by a shared mission to create real impact. Whether we’re transforming digital services for millions, delivering cutting-edge Workday solutions, or pushing the boundaries of technology, we do it together. We believe in a people-first culture, where your ideas are valued, your growth is supported, and your contributions truly make a difference. Here, you’ll be part of a diverse, ambitious team that celebrates creativity and collaboration. Ready to make your mark? Join us and be part of something bigger.

MAIN PURPOSE OF THE ROLE & RESPONSIBILITIES IN THE BUSINESS:

As a Security Architect (Consultant) in Kainos, you’ll be responsible for the design and application of good security practices in the platforms and services we build for our customers. You’ll work with Agile delivery teams to develop good security practices throughout the software development journey. You’ll learn about and apply new technologies and approaches, with talented colleagues who will help you develop and grow. You’ll share knowledge and help educate people – both customers and Kainos team members. You’ll manage, coach and develop a small number of staff, with a focus on managing employee performance and assisting in their career development. You’ll also provide direction and leadership for your team as you solve challenging problems together.

MINIMUM (ESSENTIAL) REQUIREMENTS
• Experience in the secure design and delivery of new cloud services and solutions.
• Experience in identifying security issues in existing system designs or products, including recommending sensible mitigations that balance cost, risk and usability.
• Knowledge of security standards and regulations (e.g. NCSC, ISO, SOC, NIST, PCI, GDPR).
• Deep architectural experience in one of the following specialisms: AI/ML Security, Cloud, M365, or DevSecOps Security Architecture.
• Experience in application architecture, software development and/or infrastructure architecture.
• Clear communication with technical and non-technical audiences.
• Experience mentoring engineers and architects.
• Experience testing the security of software and infrastructure using appropriate security tools.
• Experience with Continuous Security, Continuous Integration and Continuous Delivery techniques.
• Experience of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and cryptographic controls (e.g. PKI, TLS).
• We are passionate about developing people – a demonstrated ability in managing, mentoring and coaching members of your team and wider community is important.
• Excellent communication skills, with the ability to convey security complexities to audiences of various technical abilities (e.g. senior stakeholders, development teams).

DESIRABLE
• Experience of Identity management and authentication/authorisation products and patterns.
• Specialism in a sector (we're currently focused on Health, Gov, Defence).
• End-to-end security involvement, including governance, risk and compliance, operational security, supply chain security and secure user management.
• Penetration testing qualifications (e.g. OSCP, CREST, TIGER or equivalent).
• Experience leading security engineers and other junior members of staff.
• Involvement across the full security lifecycle.

Embracing our differences

At Kainos, we believe in the power of diversity, equity and inclusion. We are committed to building a team that is as diverse as the world we live in, where everyone is valued, respected, and given an equal chance to thrive. We actively seek out talented people from all backgrounds, regardless of age, race, ethnicity, gender, sexual orientation, religion, disability, or any other characteristic that makes them who they are.

We also believe every candidate deserves a level playing field. Our friendly talent acquisition team is here to support you every step of the way, so if you require any accommodations or adjustments, we encourage you to reach out. We understand that everyone's journey is different, and by having a private conversation we can ensure that our recruitment process is tailored to your needs.

United Kingdom
Job Closed

Cyber Security Compliance Engineer

CACI International

Headquartered in Arlington, Virginia, with over 120 offices throughout Western Europe and North America, CACI International was founded in 1962 by businessman H

Job Title: Cyber Security Compliance Engineer
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: None
Employee Type: Regular
Percentage of Travel Required: None
Type of Travel: None

The Opportunity:

CACI's Corporate Enterprise Services Cyber Security Team is seeking a Cyber Security Compliance Engineer. As a member of the Cyber Security Team, you will work to create and maintain a DFARS compliant operating environment for CACI’s users by protecting network boundaries, designing hardened computer and network devices, and providing security services to protect highly sensitive data. You will design and implement remediation plans and milestones to mitigate findings from vulnerability and risk assessments, and provide information assurance for digital information, ensuring its confidentiality, integrity, and availability. Responsibilities include the granting of authorization to operate IT systems at acceptable levels of risk, testing and validation of IT systems for vulnerabilities and indicia of compromise, and incident response and remediation. You will develop appropriate policy and compliant technology to meet or exceed applicable government and compliance requirements.

Responsibilities:
- Work with a broad range of internal teams to assess the security risk and compliance levels of their system(s)
- Research trends in cybersecurity threats and NIST 800 standards in support of the CMMC standard
- Create mitigation strategies, follow up with stakeholders to ensure risk levels are documented at the appropriate levels, and follow through with report writing as appropriate
- Work to create a secure and compliant environment for CACI’s users by conducting assessments to determine risk and compliance levels of various systems and helping to develop mitigation strategies
- Possess a strong knowledge of technologies used to actively monitor systems for attacks and intrusions
- Use data aggregation and analysis techniques and tools to provide valuable insight into the security posture of CACI’s infrastructure
- Work within CACI and with third parties to ensure that all technologies are designed with security in mind, follow industry best practices, and are compliant with applicable guidelines
- Ability to work in a team-centric environment
- Analyze security reports, review and document process documentation, and assess test results and remediation plans
- Ability to work with internal and external stakeholders at all business levels
- Strong presentation, written, and oral communication skills required
- Perform duties in support of in-house and external customers
- Design, develop, and recommend solutions ensuring proprietary/confidential data and systems are protected in accordance with mandated standards
- Participate with the client in the strategic design process to translate security and business requirements into technical designs
- Configure and validate secure systems; test security products/systems to detect computer and information security weaknesses
- Generate security architecture documentation
- Provide critical written and verbal analyses of previously generated security architecture documentation and vulnerability and risk assessments
- Design and implement plans of action and milestones to remediate findings from vulnerability and risk assessments
- Provide information assurance for digital information, ensuring its confidentiality, integrity, and availability
- Responsibilities include the granting of authorization to operate IT systems at acceptable levels of risk, monitoring and testing of IT systems for vulnerabilities and indicia of compromise, incident response and remediation, the development of appropriate policy, relevant user security awareness and training, and compliance with applicable government and other external standards

Qualifications:

Required:
- Bachelor's Degree and 1-2 years’ experience with Cyber Security or compliance
- Ability to obtain a security clearance

Desired:
- CYSA+, CISSP, CEH, Security+
- Secret or Top-Secret clearance
- Previous experience with the design or implementation of cybersecurity governance, risk, and compliance activities
- Established and productive individual contributor
- Works independently with little general supervision
- Ability to work with internal and external stakeholders at all business levels
- Strong presentation, written, and oral communication skills
- Experience with DFARS, CMMC, NIST 800-series, ISO, SSDF, and other RMFs

What You Can Expect:

A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits, and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Since this position can be worked in more than one location, the range shown is the national average for the position.

The proposed salary range for this position is: $53,100-$106,300

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

United States
$53.1K - $106K / year
Job Closed