At Wipfli, people count. At Wipfli, our people are core to everything we do-the catalyst behind our ability to create exceptional impact and extraordinary results. We believe in flexibility. We focus on relationships. We encourage each individual to follow their own path. People truly matter and they feel it. For those looking to make a difference and find a professional home, Wipfli offers a career-defining opportunity. Position Overview: Under the direction of the Senior Manager, Director, and Partner leading the respective service area, region, or industry, the Manager, Cybersecurity and Managed Services will lead a significant product or solution. They are acknowledged internally and externally as an expert and are responsible for developing cybersecurity and IT infrastructure solutions that align with client needs. Essential Responsibilities: - Drive business development activities for Cybersecurity and Technology services in two primary focuses: - 1) Construction and Real Estate industry pursuits nationally, and - 2) Collaborating with partners and senior managers on opportunities across industries in the local market. - Work with Sales leader and practice partners to identify and pursue new business relationships and ensure engagement pricing meets guidelines and aligns with profitability targets. - Ensure client satisfaction through onboarding, quarterly business reviews, lead development of technology roadmaps and oversee execution, perform profitability reviews and manage renewals for all assigned accounts. - Advise clients on matters related to infrastructure and cybersecurity management; coordinate with associates to bring all relevant areas of expertise to address client challenges. - Maintain expert-level awareness and understanding of Microsoft Modern Workplace (Microsoft 365, Security, and Microsoft Teams), Microsoft Azure, and managed service solutions to identify leads, qualify opportunities, and propose Wipfli services. - Owns the development and architecture of solutions (either individually or working with others) to develop a clear statement of work based on client requirements and in-depth knowledge of standard applications. - Oversees multiple project plans, sets targets for milestones, and identifies and mitigates risk to ensure projects are completed on time and within budget. - Leads data collection and analysis efforts, guides the team in client interviews, and collaborates as a subject matter expert (SME) to develop and deliver solutions. - Actively participates with opportunity leaders or regional teams in business development activities as subject matter experts. - Creates awareness through whitepapers and presentations to align industry or market needs with firm's service offerings. - Collaborate with leadership team to ensure continuous process improvement of service delivery in the region. Required Qualifications: - Bachelor' of Science Degree in Business or Technology or an equivalent combination of education and experience. - 7+ years' experience in a professional services firm or 10+ years of private industry experience focused on appropriate technical area with 1+ years in professional services. - Works towards obtaining additional appropriate advanced certifications. Preferred Qualifications: - Bachelor's Degree in related field - Training, support or consulting advisory experience. - Experience with compliance or professional standards associated with area of expertise desired Benjamin Dzanic, from our recruiting team, will be guiding you through this process. Visit his LinkedIn page to connect! #LI-Hybrid #LI-BD1 Additional Details: Wipfli is an equal opportunity/affirmative action employer. All candidates will receive consideration for employment without regards to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, veteran status, disability, or any other characteristics protected by federal, state, or local laws. Wipfli is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or participate in our recruiting process, please send us an email at hr@wipfli.com. "Wipfli" is the brand name under which Wipfli LLP and Wipfli Advisory LLC and its respective subsidiary entities provide professional services. Wipfli LLP and Wipfli Advisory LLC (and its respective subsidiary entities) practice in an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations, and professional standards. Wipfli LLP is a licensed independent CPA firm that provides attest services to its clients, and Wipfli Advisory LLC provides tax and business consulting services to its clients. Wipfli Advisory LLC and its subsidiary entities are not licensed CPA firms.

Role Description We’re looking for a Staff Security Engineer to help shape and scale security across Buildkite’s platform, infrastructure, and developer workflows. This is a hands-on technical leadership role. You’ll drive security architecture, influence engineering standards, and help embed secure-by-default thinking into how we build and ship software. You’ll operate across Application Security, Adversarial Security, and Cloud & Platform Security - setting technical direction while remaining close to implementation. Staff Engineers at Buildkite are force multipliers. In this role, you’ll raise the security bar across the organisation, partner deeply with Engineering and Product leaders, and design security systems that scale with our growth. What You’ll Do - Build and Improve Security Across the Platform - Lead threat modeling and architectural security reviews for all parts of the organisation - Conduct Adversary Simulations and Penetrations Tests against key parts of the Application and business (attack simulation, exploit validation, abuse-case testing) - Drive the technical strategy for Application Security, adversarial testing, and cloud security - Design scalable security guardrails across CI/CD, infrastructure-as-code, and developer tooling - Improve vulnerability discovery, triage, remediation workflows, and ownership models - Strengthen supply chain and dependency security across build systems and artifacts - Design security controls that are embedded into product and infrastructure - Lead and Unblock at the Org Level - Act as a trusted security partner to engineering leaders and senior ICs - Drive alignment on security trade-offs across product velocity, reliability, and risk - Lead high-impact security initiatives end-to-end (discovery → prioritisation → implementation → rollout) - Shape incident readiness, detection improvements, and post-incident hardening - Mentor engineers to elevate secure design and implementation practices - Contribute to cross-team technical direction beyond immediate security scope when needed - Raise the Bar Through Systems Thinking - Identify structural risks and design long-term solutions rather than point fixes - Introduce automation, tooling, and policy-as-code to reduce recurring classes of issues - Improve how we measure security posture and communicate risk at leadership levels - Ensure security scales with Buildkite’s infrastructure, customer growth, and product expansion Qualifications - 7+ years of experience in security engineering, with strong depth in application security and adversarial testing - Extensive knowledge of common web and API vulnerabilities (OWASP Top 10 and beyond) and practical remediation patterns - Experience designing and reviewing secure architectures for distributed systems - Hands-on adversarial security experience (offensive testing, exploit validation, abuse-case modeling, red teaming) - Strong understanding of cloud security fundamentals, ideally in AWS environment - Experience securing CI/CD pipelines and modern developer platforms - Familiarity with Terraform or other infrastructure-as-code systems - Experience working with Kubernetes security patterns and workload controls - Strong understanding of identity, secrets management, and access control systems - Comfortable reading and writing production code (Ruby, Go, or similar) Benefits - Competitive compensation, including salary, equity, and benefits package - Flexible, remote-first culture - Meaningful technical challenges at scale - Opportunities for professional growth and company-wide technical influence - A collaborative, inclusive, and innovative culture where your ideas make a real impact Equal Opportunity Employer At Buildkite, we value diversity and celebrate all types of skills, backgrounds, and experiences. We’re dedicated to fostering an inclusive environment and providing reasonable accommodations throughout our recruitment process. If you need any accommodations or support during the application or interview process, please reach out to us at accommodations@buildkite.com.

Own and develop the IT Governance and Information Security Framework, lead security operations, coordinate audits, and ensure alignment with governance functions while establishing best practices across technology and processes.

Title: Offensive Security Engineer Location: US Department: Product and Engineering Remote Job Description: At Staris AI we believe human-based cyber defense is dead and the dream of security automation is finally within reach. Staris AI is a Series A ventured-backed firm that is reinventing application security with its innovative AI-powered penetration testing that continuously validates and remediates real attack paths in running applications. The Staris Total Context Security platform proves exploitable vulnerabilities in hours, not weeks, with zero false positives and 40:1 efficiency gains over traditional methods. We're on a mission to transform the indefensible into the impenetrable, advancing applications into a new era of security. As an Offensive Security Engineer at Staris AI, you'll be at the vanguard of the application security profession. This role goes beyond conventional application security and penetration testing; you'll be instrumental in advancing the field of automated software attack and simulation with your expertise in threat simulation and attack automation. What You'll Do - Own the execution and quality of autonomous security assessments, ensuring results are accurate, validated, and actionable for customers. - Drive the continuous improvement of AI-driven attack simulations and automated exploitation workflows to expand coverage, reliability, and assessment depth. - Apply offensive security expertise to identify realistic attack paths, validate findings, and reduce false positives across modern application and cloud environments. - Partner with engineering and research teams to operationalize new attack techniques and strengthen the platform’s autonomous testing capabilities. - Use insights from diverse target environments and customer feedback to improve assessment logic, remediation quality, and overall platform effectiveness. What You Bring - Minimum of 5 years of experience in application security assessment, source code auditing, bug hunting or similar areas - Knowledge of offensive application security fundamentals - Knowledge of relevant open-source technologies for attack automation (e.g. Tools, Libraries, Frameworks, etc.) - Experience working with relevant software assessment technologies (e.g. SAST, DAST, Fuzzing, etc.). - Prior emphasis on distributed systems and micro-service architectures - Familiarity with prompt engineering, generative AI models, and their APIs - Bachelor's degree in a related field (e.g. Computer Science, Information Technology, Cybersecurity, etc.) - Strong English language communication skills Why Staris - Backed by a founding team with deep pedigree, including alumni of Amazon, Accenture, and Palo Alto Networks, who have solved this problem operationally before. - A genuine category-defining product. Most AppSec tools create noise while Staris eliminates it with AI-driven proof of exploitability and automated, code-level remediation. - Supporting a massive, underserved market. Enterprises invest heavily in AppSec but deeply test only a fraction of their software portfolio. - Competitive base, meaningful equity, full benefits, and a remote-first culture. About Staris AI Staris AI is a Series A ventured-backed firm that is reinventing application security with its innovative AI-powered penetration testing that continuously validates and remediates real attack paths in running applications. Our Total Context Security platform proves exploitable vulnerabilities in hours, not weeks, with zero false positives and 40:1 efficiency gains over traditional methods. We're on a mission to transform the indefensible into the impenetrable, advancing applications into a new era of security.