Title: Offensive Security Engineer Location: US Department: Product and Engineering Remote Job Description: At Staris AI we believe human-based cyber defense is dead and the dream of security automation is finally within reach. Staris AI is a Series A ventured-backed firm that is reinventing application security with its innovative AI-powered penetration testing that continuously validates and remediates real attack paths in running applications. The Staris Total Context Security platform proves exploitable vulnerabilities in hours, not weeks, with zero false positives and 40:1 efficiency gains over traditional methods. We're on a mission to transform the indefensible into the impenetrable, advancing applications into a new era of security. As an Offensive Security Engineer at Staris AI, you'll be at the vanguard of the application security profession. This role goes beyond conventional application security and penetration testing; you'll be instrumental in advancing the field of automated software attack and simulation with your expertise in threat simulation and attack automation. What You'll Do - Own the execution and quality of autonomous security assessments, ensuring results are accurate, validated, and actionable for customers. - Drive the continuous improvement of AI-driven attack simulations and automated exploitation workflows to expand coverage, reliability, and assessment depth. - Apply offensive security expertise to identify realistic attack paths, validate findings, and reduce false positives across modern application and cloud environments. - Partner with engineering and research teams to operationalize new attack techniques and strengthen the platform’s autonomous testing capabilities. - Use insights from diverse target environments and customer feedback to improve assessment logic, remediation quality, and overall platform effectiveness. What You Bring - Minimum of 5 years of experience in application security assessment, source code auditing, bug hunting or similar areas - Knowledge of offensive application security fundamentals - Knowledge of relevant open-source technologies for attack automation (e.g. Tools, Libraries, Frameworks, etc.) - Experience working with relevant software assessment technologies (e.g. SAST, DAST, Fuzzing, etc.). - Prior emphasis on distributed systems and micro-service architectures - Familiarity with prompt engineering, generative AI models, and their APIs - Bachelor's degree in a related field (e.g. Computer Science, Information Technology, Cybersecurity, etc.) - Strong English language communication skills Why Staris - Backed by a founding team with deep pedigree, including alumni of Amazon, Accenture, and Palo Alto Networks, who have solved this problem operationally before. - A genuine category-defining product. Most AppSec tools create noise while Staris eliminates it with AI-driven proof of exploitability and automated, code-level remediation. - Supporting a massive, underserved market. Enterprises invest heavily in AppSec but deeply test only a fraction of their software portfolio. - Competitive base, meaningful equity, full benefits, and a remote-first culture. About Staris AI Staris AI is a Series A ventured-backed firm that is reinventing application security with its innovative AI-powered penetration testing that continuously validates and remediates real attack paths in running applications. Our Total Context Security platform proves exploitable vulnerabilities in hours, not weeks, with zero false positives and 40:1 efficiency gains over traditional methods. We're on a mission to transform the indefensible into the impenetrable, advancing applications into a new era of security.

• Support and maintenance of network infrastructures • Deployment and operation of firewall systems • Planning and design of WLAN and LAN networks • Analysis and resolution of network incidents • Autonomous incident and change management • Technical leadership of projects

• The Principal Cybersecurity Architect is responsible for driving enterprise-wide technology security strategy and providing technical expertise to business areas and project teams with an emphasis on implementation of innovative, leading-edge security technology solutions. • Proven Track Record of accomplishments and experience leading the design and deployment of AI Architectures (both On-Premise and Public Cloud) and driving and deploying Secure Cloud Adoption on an enterprise scale from Foundational Security Controls to Cloud migrations. • Extensive experience migrating from a large scale onprem datacenter to the cloud while maintaining the proper levels of security, compliance and regulatory adherence. • Bridging gaps between data scientists, engineers, AI Architects, Cloud Architects, Data Protection professionals, legal, and executive teams. • Promoting secure-by-design principles across AI and Cloud initiatives. • Leading security teams and establishing governance frameworks for AI and Public Cloud adoption.

Title: Oracle Cloud Security Engineer Location: Remote US Job Description: Bright Vision Technologies is a forward-thinking software development company dedicated to building innovative solutions that help businesses automate and optimize their operations. We leverage cutting-edge technologies to create scalable, secure, and user-friendly applications. As we continue to grow, we’re looking for a skilled Oracle Cloud Security Engineer to join our dynamic team and contribute to our mission of transforming business processes through technology. This is a fantastic opportunity to join an established and well-respected organization offering tremendous career growth potential. Oracle Cloud Security Engineer Job Title: Oracle Cloud Security Engineer Location: 100% Remote (Continental United States) Position Type: In-house Bright Vision Technologies SOW engagement (no third-party client or vendor) Salary: 100 k - 150 k Experience: 5+ years Sponsorship: No new H1B sponsorship available. H1B transfers welcomed for qualified candidates. Employment Type: Full-time, direct W2 with Bright Vision Technologies (no C2C, no 1099, no third-party) Engagement: Long-term, multi-year, aligned to the Bright Vision SOW delivery roadmap Compensation: Competitive base salary commensurate with experience, plus benefits. Employment Terms & Visa Policy This is a 100% remote, full-time, direct W2 position with Bright Vision Technologies. This role is part of Bright Vision Technologies’ in-house Statement of Work (SOW) engagement. The client, end customer, and employer for this position is Bright Vision Technologies — there is no third-party client, vendor, or implementation partner involved. We do not engage in C2C, 1099, or third-party arrangements for this role. BUT STRICTLY NO C2C/1099/3RD PARTY COMPANIES. ALL OUR ROLES ARE W2 AND NO 3RD PARTY BROKERING PLEASE. Candidates must be willing to work directly as a full-time W2 employee of Bright Vision Technologies and contribute to our in-house SOW deliverables. No new H1B sponsorship is available for this role. However, candidates who are currently on a valid H1B visa and require a transfer are welcome to apply. We will support H1B transfers for qualified candidates. For every role, a technical coding assessment is mandatory. Please apply only if you are confident in your technical abilities and hands-on experience. Job Summary We are seeking an experienced Oracle Cloud Security Engineer responsible for designing, implementing, and operating security controls across Oracle Cloud Infrastructure (OCI), Oracle Cloud Applications, and hybrid Oracle environments. In this role you will define security architecture, harden cloud workloads, manage identity and access, lead vulnerability and compliance programs, and respond to security incidents. The ideal candidate will combine deep technical expertise in OCI security services with strong experience in cloud-native security frameworks, regulatory compliance, and threat detection. In this role you will work closely with cross-functional partners — product, design, engineering, operations, and business stakeholders — to translate ambiguous requirements into well-engineered solutions, and will be expected to raise the bar through code review, design review, and mentorship of more junior engineers. The successful candidate brings strong engineering discipline, a clear communication style, and a track record of shipping meaningful work that holds up well in production. Key Responsibilities - Design and implement enterprise security architectures for OCI tenancies, including landing-zone guardrails, security zones, and compartment policies. - Configure and operate OCI Identity Domains, federation with corporate IdPs, and strong RBAC strategies across the tenancy. - Implement strong key management and secrets handling using OCI Vault, including key rotation and HSM integration where appropriate. - Harden OCI compute, networking, and database workloads using CIS benchmarks, OCI Security Zones, and internal security standards. - Operate OCI Cloud Guard for continuous detection and response, tuning detectors and remediating findings. - Configure and operate OCI Logging, OCI Audit, and integration with SIEM platforms for centralized monitoring and forensics. - Implement data security controls using OCI Data Safe, including data masking, sensitive data discovery, and privileged user analysis. - Lead vulnerability management programs, including image scanning, patching, and remediation tracking. - Drive compliance with regulatory frameworks such as PCI-DSS, HIPAA, SOC 2, ISO 27001, or FedRAMP. - Conduct threat modeling and architecture reviews for new OCI workloads. - Lead security incident response on OCI, including containment, investigation, and post-incident review. - Develop security automation tooling using Python, Terraform, and OCI CLI/SDK. - Maintain comprehensive, current technical documentation — including architecture diagrams, design decisions, configuration references, runbooks, and operational procedures — so that the system remains supportable, auditable, and easy to onboard new engineers onto over time. - Provide mentorship and security guidance across application and infrastructure teams. Required Qualifications - Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or a related discipline. - Five or more years of cloud security experience, with strong hands-on time on OCI. - Deep experience with OCI Identity, IAM policies, and identity federation. - Hands-on experience with OCI Cloud Guard, Security Zones, Vault, and Data Safe. - Solid understanding of cloud-native security frameworks and CIS benchmarks. - Experience with vulnerability management and patching tooling. - Working knowledge of regulatory frameworks (PCI-DSS, HIPAA, SOC 2, ISO 27001). - Strong scripting skills (Python, Bash) and Terraform. - Experience integrating cloud workloads with SIEM platforms. - Excellent troubleshooting, communication, and documentation skills. Preferred Qualifications - Oracle Cloud Security Professional certification. - CISSP, CCSP, or equivalent industry security certifications. - Experience with multi-cloud security architectures. - Familiarity with SOAR platforms and automated incident response. - Exposure to zero-trust architecture patterns. -