• Own the end-to-end 'agentic' product security roadmap, defining clear milestones for transitioning from traditional to autonomous security operations • Present quarterly AI transformation scorecards to the VP of Product Cybersecurity and senior leadership • Partner with the CISO and Advanced Research Center to align strategies with enterprise risk frameworks and explore frontier technologies • Embed security capabilities into business unit engineering workflows through proactive stakeholder collaboration • Lead the evaluation and selection of LLM providers, agentic tooling, and AI security platforms • Manage unit economics, including token cost management and per-application budgeting • Enforce rigorous 'shadow mode' validation—requiring 95%+ parity before retiring any legacy security tools • Integrate security agents into CI/CD pipelines to achieve 100% repository coverage for code review and threat modeling by FY2027 • Build autonomous vulnerability response capabilities; map all supported product versions to CVE exposure agents by FY2027 and reduce PSIRT advisory SLAs • Define and govern role-based identities, permissions, and behavioral profiles for all autonomous agents • Manage multi-vendor contractor programs and ensure GE Vernova ownership of all agent code/IP • Build a resilient AI security team through strategic hiring, reskilling, and a dual-vendor strategy to mitigate single-vendor dependency

• Lead PSIRT efforts across the business, reporting directly to the VP of Product Cybersecurity. • Manage externally identified product vulnerabilities and incidents across GE Vernova’s business units. • Coordinate remediation and disclosure across multiple product lines. • Run the company’s CVE Numbering Authority (CNA) program. • Ensure compliance with EU CRA and other applicable regulatory reporting obligations. • Partner with the CISO’s CERT and business unit security teams. • Coordinate with law enforcement and E-ISAC as circumstances require. • Deploy AI-powered tooling to accelerate triage, automate vulnerability scoring, and scale PSIRT capacity.

Role Description This is a remote position that can be hired in NC, AZ, VA, NJ, and TX. This person should possess strong analytical and technical problem-solving skills as well as experience in the different phases of the system life cycle, to support multiple projects, develop standard operating procedures, and perform day-to-day functional administration and support for Privileged Access Management (PAM). The engineer should have in-depth experience in the management of passwords/credentials (such as default accounts, service accounts, keys, etc.) in PAM solutions. - Support the deployment and integration of privileged account security solutions. - Ability to discuss technical concepts and interdependencies with customers. - Experience gathering high-level functional and operational requirements. - Experience developing and managing multiple system designs concurrently. - Provide operation and maintenance of existing PAM solutions. - Develop design documentation, standard operating procedures (SOPs), and implementation/deployment plans for privileged account security solutions and identity governance solutions. - Provide after-hours and on-call production support when required. - Develop diagrams and documentation to support infrastructure configuration changes. - Provide security tool enhancements and performance tuning to increase capability to support new requirements. - Plan, test, and deploy firmware, software upgrades, and security fixes. Qualifications - Bachelor's Degree and 8 years of experience in Systems Engineering, Network, or Information Security OR High School Diploma or GED and 12 years of experience in Systems Engineering, Network, or Information Security. Requirements - Experience supporting PAM solutions (CyberArk, HashiCorp, Delinea, etc.) in an enterprise environment. - Hands-on PowerShell/Python or similar scripting experience. - Ability to proficiently utilize SailPoint identity management system is a plus. - Proficiency with MS Visio, PowerPoint, Word, and Excel. - Background in information security systems with specific knowledge around access control. - Background in role-based access control for privileged access. - Hands-on Windows 2019 or later Server administration experience. - Hands-on Active Directory and LDAP query experience. - Functional understanding of TCP/IP networks and firewalls. - Functional understanding of the following protocols: TCP, UDP, DNS, NetBIOS, HTTP, HTTPS, SMTP, SNMP, SSH, SSL. - Strong UNIX/Linux system administration experience. Benefits Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits .

Role Description As a Staff Product Security Engineer, you will play a critical role in safeguarding Okta’s products by: - Conducting comprehensive security reviews. - Guiding engineering teams in secure development practices. - Handling externally reported vulnerabilities. - Engaging in code reviews, penetration testing, and architectural security assessments. This role is not suited for individuals who rely solely on automated vulnerability scanning. Instead, you must possess a deep technical understanding of: - Web applications. - Backend services. - Penetration testing methodologies. - Secure design principles. A successful candidate will have: - Expertise in authentication protocols (SAML, OAuth, OIDC). - Threat modeling experience. - A strong desire to automate security processes by building tools that proactively identify vulnerabilities. - Ability to communicate risks, impact, and remediation strategies to developers, leadership, and external audiences. - A deep technical background in assessing AI-integrated software architectures and securing Large Language Models (LLMs). - An attacker mindset—thinking critically, creatively, and like an adversary when solving security challenges. We actively support public disclosure of research and findings through white papers, blog posts, and conference presentations. Qualifications - Expertise in identifying OWASP Top 10 / CWE Top 25 vulnerabilities through manual code review. - Strong experience in penetration testing and secure development practices. - Deep technical background in assessing Large Language Models (LLMs) and securing AI-integrated software architectures. - Proficiency in multiple programming languages (e.g., Java, Go, Python, C/C++). - Deep understanding of authentication & authorization protocols (OIDC, SAML, OAuth). - Strong communication skills to explain risks and remediation to developers and leadership. - Ability to automate security testing using LLMs and scripting (Python, Bash, etc.). - Experience leading security incidents and risk assessments. Requirements - Experience in mobile (iOS/Android) and desktop (Windows/macOS) security testing. - Familiarity with SAST, DAST, SCA, and fuzzing tools. - Strong cryptographic knowledge and secure implementation practices. - Experience analyzing network protocols and traffic security. - Ability to develop proof-of-concept exploits to demonstrate vulnerabilities. Benefits - Annual base salary range for this position for candidates located in Spain is between €74.000 and €101.000 EUR. - Equity (where applicable) and bonus. - Comprehensive healthcare coverage and financial benefits including paid time off and parental leave.