CMMC Cybersecurity Lead Assessor

Location

United States

Posted

51 days ago

Salary

$155K - $165K / year

Seniority

Lead

Job Description

Kieri Solutions

Role Description

As a Lead CMMC Cybersecurity Assessor (LCCA), you will serve as the senior authority responsible for directing and executing formal CMMC Level 2 assessments for organizations required to have the CMMC certification. In this role, you will lead assessment teams, validate compliance with Department of War (DoW/DoD) cybersecurity requirements, and make final determinations regarding certification readiness.

You will oversee the full assessment lifecycle, including:

- Scoping
- Evidence review
- Technical validation
- Final reporting

This position requires deep expertise in cybersecurity frameworks, strong leadership capabilities, and the ability to communicate complex findings clearly and objectively to both internal teams and client stakeholders. The LCCA plays a critical role in maintaining the integrity, consistency, and rigor of the CMMC assessment process while ensuring assessments align with:

- 32 CFR Part 170
- The CMMC Assessment Process (CAP)
- C3PAO Professional Code of Conduct
- Kieri Solutions ethical standards

Qualifications

- Lead CMMC Certified Assessor (LCCA) certification required
- Previous certification as a CMMC Certified Assessor (CCA)
- Listed in the Cyber AB Marketplace as an LCCA
- Active security clearance
- 7+ years of hands-on IT or cybersecurity experience, including networking, servers, virtualization, cloud or hybrid environments, and user endpoints
- Demonstrated experience with cybersecurity compliance frameworks such as: NIST SP 800-171, RMF, FedRAMP, ISO 27001, SOC, PCI
- Strong ability to interpret technical and compliance requirements and evaluate control implementation objectively
- Excellent analytical, technical writing, and documentation skills
- Ability to lead complex assessment engagements and coordinate cross-functional technical teams
- Strong attention to detail, time management, and ability to perform under structured assessment timelines
- Team-oriented mindset with a commitment to collaboration and assessment integrity

Benefits

- Base Pay: $155,000-$165,000
- Remote Work & Flexible Schedule: Work from home full-time with the option to travel
- Work-Life Balance: We prioritize work-life balance with flex-time policies and strictly limited overtime
- Competitive Benefits: Enjoy benefits, including 401(k) match, health insurance, and more
