• Partner with engineers to identify, triage, and remediate security issues in product features and services • Participate in security reviews and threat modeling for new features and systems • Perform security-focused code reviews and help identify common vulnerabilities • Contribute to secure-by-default patterns, libraries, and tooling in our TypeScript-based stack • Help implement and operate security tooling (SAST, DAST, dependency scanning, etc.) • Support vulnerability management workflows, including internal findings and bug bounty reports • Assist in investigating security issues and assessing risk and impact • Collaborate with platform and infrastructure teams to improve application and cloud security posture • Assist in identifying and mitigating risks in AI/LLM-powered features • Contribute to security guidance, documentation, and training for engineering teams

Role Description Seeking a development & cloud focused Senior Security Engineer to join our expanding security team. The ideal candidate will have passion for AppSec, Cloud and AI. They will be a skilled communicator and relationship builder capable of promoting and building security practices across the organization and into our development processes. What You’ll Own: - Partner with different areas within Karbon - Ensure security is embedded from feature design and development to participating in design reviews and threat modelling. - Balance Security and Delivery - Communicate security risks and issues to non-technical stakeholders, understanding when to push back and when to compromise. - Keep up to date on the latest technologies and approaches - Understand the importance of foundational security practices while being excited by new developments. - Identify and assess security risks introduced by AI tools - Assist with reviewing the risks of AI tooling usage & integration and AI-generated code. - Apply AI-assisted tooling to accelerate security work - Utilize AI across areas including triage, threat detection, code review, and documentation. - Flexibility and confidence to work across multiple security domains - Gain exposure to various security domains within a fast-moving company. - Work effectively as part of a team - Build relationships and trust across the organization to enhance Karbon’s security posture. - Own your work - Take pride in your work and ensure customer data security. - Bring your passion and personality - Contribute creativity, curiosity, and authenticity to the team. - Help us measure improvement and steer our roadmap - Contribute to Security Metrics to track progress and feedback into our roadmap. Qualifications - 4+ years experience in a security or development role across most of the following: - Collaborating with teams to review designs & implementations for security issues. - Triaging issues and reports, assisting teams to remedy items and testing fixes. - Working with external penetration test companies to validate and prioritize findings. - Conducting risk and vulnerability assessments of web applications and APIs. - Configuring and tuning SAST, SCA and DAST Tooling. - Working with build/deployment pipelines to incorporate security tooling. - Assisting with implementing security-focused alerting and detections. - Conducting and facilitating organizational & developer-focused security training. - Assisting with operational security items such as EDR alerts and MDM. - Contributing to our security roadmap. - Strong communication skills (spoken and written). - Some of the following Languages/Frameworks: Microsoft .NET/C#, JavaScript (React and EmberJS), Python. - At least one cloud platform: Azure, AWS or GCP (predominantly Azure). - Working knowledge of PowerShell or Bash and Python. - Working knowledge of at least one AI development tool (e.g., Claude Code, GitHub Co-Pilot). - Portswigger Burp or similar. - Certifications such as Offsec OSCP & AWAE, GIAC, Burp Practitioner, PJPT, Microsoft/AWS development and cloud related are nice to have. - Experience with securing AI applications, systems, and AI tooling would be highly regarded. Benefits - Gain global experience across Australia, New Zealand, UK, and Canada. - Strong benefits package including: - Flexible Time Off with an encouraged 4 weeks use per year. - Company paid medical for you and eligible spouse/partner and dependents. - Paid dental and vision for you and eligible spouse/partner and dependents. - 401(k) with company matching. - Flexible Spending Account. - Up to 8 weeks paid parental leave. - Work-from-home stipend. - Work with (and learn from) an experienced, high-performing team. - A collaborative, team-oriented culture that embraces diversity, invests in development, and provides consistent feedback. - Be part of a fast-growing company that promotes high performers from within.

Role Description This is a contractual role. At Amazon, we're working to be the most customer-centric company on earth. To get there, we need exceptionally talented, bright and driven people. Amazon is one of the most recognizable brand names in the world and we distribute millions of products each year to our loyal customers. You will join a leadership team with responsibilities that require creativity, technical expertise and business sense. If you thrive in a dynamic environment with demanding business partners and enjoy finding solutions to meaningful design challenges at scale this position is for you. The DLS Trust and Integrity Program (TIP) investigates potential fraud and abuse for the Disability and Leave Services (DLS) organization. The team offers our internal customers a single threaded point of contact for investigating fraud, abuse and analyzing trends related to disability, leave or accommodation, and clinical cases. The team provides data driven and innovative results yielding company savings, and compliant use of DLS programs. This individual contributor position will investigate and manage a block of cases deemed suspect of fraudulent activity or cases that require additional inspection ensuring the utmost case integrity as it aligns to the Amazon Leadership Principles. The selected candidate will manage a scalable workload to compliantly manage these cases, producing measurable results from investigative findings. The ideal candidate will dive deep and proactively look for opportunities to increase service quality, customer obsession, and drive efficiencies. The selected candidate will collaborate and work cross-functionally within DLS and across the organization from a DLS Investigations standpoint. The successful candidate will have proven experience with investigations, with preferred qualifications in leadership, compliance, providing top quality written investigation summaries and the ability to articulate all aspects of the investigations they were responsible for. Qualifications - 1+ years of human resources experience - Knowledge of HR systems - Currently has, or is in the process of obtaining, a Bachelor's degree - Speak, write, and read fluently in English - Experience that has required the exercise of tact, initiative, ingenuity, resourcefulness, and judgment in collecting, assembling, and developing facts, evidence and other pertinent data through investigative techniques - Knowledge of federal and state disability laws regarding employees with disabilities, specifically ADA/ADAAA and FMLA - Adept at interpretation and administration of leave and disability programs and policies in accordance with applicable federal and state laws - Proven ability to build strong relationships and influence others while working cross functionally with varying levels of the organization Benefits - Our inclusive culture empowers Amazonians to deliver the best results for our customers. - If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit this link for more information. - If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Title: Sr Cybersecurity Engineer Location: USA.VA.Reston USA, CO, Boulder Job Description: Your work days are brighter here. We're obsessed with making hard work pay off, for our people, our customers, and the world around us. As a Fortune 500 company and a leading AI platform for managing people, money, and agents, we're shaping the future of work so teams can reach their potential and focus on what matters most. The minute you join, you'll feel it. Not just in the products we build, but in how we show up for each other. Our culture is rooted in integrity, empathy, and shared enthusiasm. We're in this together, tackling big challenges with bold ideas and genuine care. We look for curious minds and courageous collaborators who bring sun-drenched optimism and drive. Whether you're building smarter solutions, supporting customers, or creating a space where everyone belongs, you'll do meaningful work with Workmates who've got your back. In return, we'll give you the trust to take risks, the tools to grow, the skills to develop and the support of a company invested in you for the long haul. So, if you want to inspire a brighter work day for everyone, including yourself, you've found a match in Workday, and we hope to be a match for you too. About the Team Workday's Offensive Security Team is full of skilled cybersecurity engineers who are passionate about product security...and occasionally breaking things, so they can be fixed again! We are tasked to proactively secure Workday's products, infrastructure, and internal applications. Not only do we regularly assess for security issues through manual and automated penetration testing across all levels of the application stack, but we also conduct advanced offensive security operations including red teaming, purple teaming, vulnerability research, and credentials auditing to simulate real-world threats and identify weaknesses. We collaborate with dedicated Workmates globally and manage Workday's external and internal bug bounty programs, fostering partnerships with our developers and external researchers to uncover and responsibly disclose vulnerabilities. Ultimately, we're driven by a desire to continuously improve Workday's security posture and ensure the highest level of protection for our users. About the Role As a Sr. Cybersecurity Engineer, you will be part of an elite team of security professionals and ethical hackers with deep experience in security engineering. The Workday Offensive Security is looking for a seasoned penetration tester to help us perform security assessments and scale security at Workday. On our team, you will be performing vulnerability assessments against Workday applications, services, and networks, as well as developing security automation and tools. You will be researching new threats and executing creative exploits. If you are a passionate learner, an advocate for security, and are a highly skilled offensive security engineer, then this is the right job for you! About You You will be a great fit for this role if you have - Basic Qualifications - 8+ years of progressive experience in a similar role - 3+ yrs of experience leading PenTests in one or more areas such as public cloud infrastructure (AWS, Google Cloud), modern web applications, enterprise network assessments, API testing, AI Agentic Redteaming - 3+ yrs of experience with one or more scripting languages for automation (python, Go, Bash, Ruby, etc.) - Understanding of modern security best practices such as OWASP Top 10 & MITRE ATT&CK framework - Knowledge of networking & technology fundamentals and how to attack their weaknesses (TCP/IP stack, Linux, Docker, Kubernetes, Microservice architectures) - Must have experience with Web Proxy such as BurpSuite, Zap or others Other Qualifications - Have one or more industry leading certifications (OSCP, CRTE, CRTO, ARTE, CPTS, etc.) - Have Bug Bounty submissions experience or have independent research e.g. GitHub projects - The ability to triage findings and work on remediation plans with partner teams - Excellent written & verbal communication skills Workday Pay Transparency Statement The annualized base salary ranges for the primary location and any additional locations are listed below. Workday pay ranges vary based on work location. As a part of the total compensation package, this role may be eligible for the Workday Bonus Plan or a role-specific commission/bonus, as well as annual refresh stock grants. Recruiters can share more detail during the hiring process. Each candidate's compensation offer will be based on multiple factors including, but not limited to, geography, experience, skills, job duties, and business need, among other things. For more information regarding Workday's comprehensive benefits, please click here. Primary Location: USA.VA.Reston Primary Location Base Pay Range: $159,600 USD - $239,400 USD Additional US Location(s) Base Pay Range: $144,400 USD - $258,000 USD Additional Considerations: If performed in Colorado, the pay range for this job is $152,000 - $228,000 USD based on min and max pay range for that role if performed in CO. Our Approach to Flexible Work With Flex Work, we're combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter. Pursuant to applicable Fair Chance law, Workday will consider for employment qualified applicants with arrest and conviction records. Workday is an Equal Opportunity Employer including individuals with disabilities and protected veterans. At Workday, we are committed to providing an accessible and inclusive hiring experience where all candidates can fully demonstrate their skills. If you require assistance or an accommodation at any point, please email accommodations@workday.com. Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process! At Workday, we value our candidates' privacy and data security. Workday will never ask candidates to apply to jobs through websites that are not Workday Careers. Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not. In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.