Ethos blends industry expertise and technology to provide accessible and affordable life insurance coverage.
AI Red Team Security Engineer
Location: United States
Posted: 3 days ago
Salary: $152K - $269K / year
Seniority: Lead
Job Description
- Simulate real-world adversaries and exploit vulnerabilities across applications and AI/ML systems
- Design and execute adversarial attacks against LLM-powered products
- Test RAG pipelines for data exfiltration and unauthorized knowledge extraction
- Conduct penetration tests across various environments
- Perform red team exercises simulating APT actors
- Use AI models and tools to accelerate vulnerability discovery and exploit development
Job Requirements
- 7+ years of hands-on penetration testing and offensive security experience in a professional setting
- Demonstrated experience testing AI/ML systems, LLM-powered products, or AI APIs
- Experience conducting red team engagements
- Scripting and tool development
- Strong understanding of authentication protocols and common implementation flaws
- Familiarity with cloud security architectures and common misconfigurations
- Working knowledge of Docker/Kubernetes and container security
- Understanding of LLM architectures and how they relate to attack surfaces.
- Familiarity with OWASP LLM Top 10
- Practical experience with prompt injection and jailbreak techniques against LLMs
- Ability to use LLMs as force-multipliers in red team workflows.
Benefits
- Health insurance
- 401(k) matching
- Professional development opportunities
- Paid time off
- Flexible work arrangements
More Security Engineer Jobs
- We are looking for someone passionate about technology and information security, with a technical, investigative profile and a strong desire to learn.
- This opportunity is ideal for students interested in working in a **Blue Team** environment, with exposure to both offensive and defensive security topics, as well as activities involving **Linux, development, automation and environment monitoring**.
- We seek a curious person who likes to understand how things work, get hands-on, study security, and develop technical solutions.

**Main responsibilities**

- Support activities related to **Information Security**;
- Assist with security analyses in Linux environments;
- Support investigations, troubleshooting and log analysis;
- Assist with activities related to **security monitoring (SOC)**;
- Support **offensive security** initiatives, such as research, validation and security testing;
- Develop or support automations, scripts and technical improvements;
- Assist with integrations and analyses in security tools;
- Participate in studies, tests and continuous improvements of the environments.
Enterprise Security Engineer
Compa
Compa is a venture-backed SaaS startup revolutionizing the future of compensation. In a dynamic job market with hiring challenges, accountability, and the rise of AI, companies need the best data to stay ahead of industry changes, competition, and costs. Compa has developed the premier real-time compensation data platform, delivering top-tier compensation intelligence to leading enterprise teams. Compa is a compensation intelligence company built to augment enterprise compensation teams in the era of AI. Our customers include the world’s biggest companies: Apple, NVIDIA, Tesla, Mastercard, T-Mobile, Sanofi, Moderna, Gilead Sciences, and more.
About Compa
Compa is a venture-backed AI startup revolutionizing the future of compensation. In a dynamic job market with hiring challenges, accountability, and the rise of AI, companies need the best data to stay ahead of industry changes, competition, and costs. Compa has developed the premier real-time compensation data platform, delivering top-tier compensation intelligence to leading enterprise teams. Compa is a compensation intelligence company built to augment enterprise compensation teams in the era of AI. Our customers include the world’s biggest companies: NVIDIA, Stripe, DoorDash, OpenAI, T-Mobile, Moderna, Workday, Ulta, Target, and more.

Locations: Compa headquarters are located in Irvine, California, with growing sites in Denver, Colorado and San Francisco, California. We’re a collaborative, curious, and driven team that values transparency, ownership, and continuous learning and prioritizing in person work where possible.

The Role
We are looking for an Enterprise Security Engineer to help build and operate Compa’s security-first enterprise environment. This is a senior individual contributor role reporting directly to the Head of Security & IT. You'll own the systems that define how employees access, use, and interact with technology at Compa — identity, access, endpoints, and enterprise SaaS — and treat them as core security infrastructure, not traditional IT. This role sits on the Security team and partners closely with the rest of the business to help Compa move fast, securely, all while delivering a world-class employee experience. We're open to candidates earlier in their career who demonstrate strong systems thinking, sound judgment, and the ability to design for scale. We care more about what you can do than how many years you have been doing it.

In this role you will
- Design, build, and operate Compa’s enterprise security systems, including identity, access control, endpoint management, and enterprise SaaS administration.
- Own end-to-end identity and access workflows, including role-based access models, access packages, provisioning, deprovisioning, and ongoing access hygiene.
- Support employees by ensuring reliable, secure access to the tools they need, resolving access and device issues with a strong bias toward durable, system-level fixes.
- Implement security-first onboarding, offboarding, and access change processes that scale smoothly as the company grows.
- Design and maintain integrations across enterprise security systems (identity, devices, SaaS, and supporting tooling) to ensure consistency, reliability, and scalability.
- Automate wherever possible, reducing manual work and operational risk while improving reliability, auditability, and employee experience.
- Operate and continuously improve endpoint and device management systems (for example: Jamf, Intune), balancing security requirements with usability.
- Own the accuracy and consistency of enterprise security sources of truth, including users, devices, and applications.
- Collaborate with the Security team on shared security operations responsibilities, helping improve detection, response, and investigation through better system design, signals, and operational readiness.
- Continuously raise Compa’s defensive posture by evolving enterprise security controls such as just-in-time access, trusted devices, and zero trust, and by contributing to a strong internal security culture.
- Support the security team with access reviews, audits, and investigations by providing high-quality system design, evidence, and operational context.
- Maintain clear documentation, runbooks, and operational processes that enable resilience, self-service, and predictable failure modes.
- Act as a force multiplier for the Security team by translating security intent into durable, well-designed enterprise systems that allow Compa to move fast, securely.

What success looks like
- Employees have fast, secure access to the tools they need, with minimal friction and a consistently strong user experience.
- Access is clean, role-based, least-privilege, continuously reviewed, and auditable.
- Enterprise security systems scale smoothly as the company grows and evolve as new risks emerge.
- Manual work is continuously reduced through automation, better system design, and clear sources of truth.
- Enterprise systems provide reliable signals that support detection, response, and investigation.
- Security, compliance, and operational needs reinforce each other rather than compete, enabling Compa to move fast, securely.

Minimum Qualifications
- Demonstrated experience owning and operating enterprise systems such as identity providers, access management, endpoint management, or enterprise SaaS platforms.
- Strong systems thinking: ability to reason about workflows, failure modes, scale, and operational risk.
- Comfort designing access models and operational processes, not just executing tickets.
- Ability to automate or significantly reduce manual operational work, and to improve systems over time.
- Ability to support users effectively by diagnosing and resolving system issues with a bias toward durable fixes.
- Clear written and verbal communication, especially around systems, trade-offs, and security implications.
- Low ego, strong ownership mindset, and good judgment in ambiguous environments.
- Gumption — experience working in high-growth or resource-constrained environments.

Preferred Qualifications
- Experience operating identity and access management systems (for example: Microsoft Entra).
- Experience designing role-based access control, access reviews, and provisioning workflows.
- Familiarity with compliance frameworks such as SOC 2 and supporting audits through system evidence.
- Experience contributing to detection, response, or investigation through identity, device, or access signals.
- Experience supporting organizations with high security and privacy expectations.
- Interest in continuously improving defensive posture through controls such as just-in-time access, trusted devices, or identity-driven security.
- Interest in growing into broader ownership over Enterprise Security or IT as the company scales.
Security Software Engineer 5
Netflix
Described as the world's top internet television network, Netflix is a publicly-traded entertainment company offering video-on-demand and streaming media. As an
Role Description
This role focuses on building the access experience layer at Netflix — designing, building, and operating the services that make access control safe and straightforward for hundreds of internal engineering teams. You will be part of the Access Experience Engineering (AXE) team in Warsaw, Poland, focusing on the integration and experience layer that sits on top of Netflix's core access control infrastructure. You will partner closely with ACE and the Security Services Engineering organization, both primarily based in UCAN, as part of a follow-the-sun, async-first model.
- Ownership of system design, implementation, partner integration, rollout strategy, and maintenance of access tooling and integration services.
- Work on the adoption layer for Turnstile, Netflix's next-generation access management platform.
- Develop APIs, SDKs, and self-service workflows that enable internal teams to implement access securely and consistently.
- One engineer on this team will serve as an in-time-zone security anchor — a technical lead who brings a pragmatic, risk-aware lens to AXE's designs and implementations.

This role is based in Poland and can be performed remotely within the country.

Qualifications
- Ability to work collaboratively to solve problems, navigate ambiguity, make and communicate self-directed decisions, and weigh trade-offs.
- Experience building scalable, reliable, high-availability, and low-latency services.
- Proficiency in modern languages (Java preferred, or Kotlin, Go, Python) and an openness to work across the tech stack as needed.
- Experience designing and building developer-facing APIs, SDKs, and integration patterns that make complex systems straightforward for other teams to adopt.
- Familiarity with access control and IAM concepts — identity, authentication, authorization, roles, groups, attributes, and resource models.
- Experience with auth protocols, including OpenID Connect, OAuth, SAML, and SCIM.
- Strong software engineering fundamentals with an interest in the domain.
- Experience with GraphQL, gRPC, REST, or similar technologies.
- Effective written communication skills and a product-focused mindset, with a security-first approach.

Requirements
- Experience designing complex access control models using industry standards like RBAC, ABAC, or ReBAC.
- Experience with continuous integration and continuous deployment in a cloud platform.
- Experience with NoSQL technologies such as Hive, Presto, Spark, or Cassandra.
- Experience with graph databases.
- Experience with React or another modern frontend framework for full-stack work.

Inclusion
Inclusion is a Netflix value and we strive to host a meaningful interview experience for all candidates. If you want an accommodation/adjustment for a disability or any other reason during the hiring process, please send a request to your recruiting partner. We are an equal-opportunity employer and celebrate diversity, recognizing that diversity builds stronger teams. We approach diversity and inclusion seriously and thoughtfully. We do not discriminate on the basis of race, religion, color, ancestry, national origin, caste, sex, sexual orientation, gender, gender identity or expression, age, disability, medical condition, pregnancy, genetic makeup, marital status, or military service.
Role Description
We are excited to be a sponsor of Hiring our Heroes and proud to offer transitioning service members a unique opportunity to gain valuable professional experience through our 12-week fellowship program. During your fellowship with our company, you will have the chance to collaborate with our Veterans Leadership Network and receive support from various stakeholders within the organization. To ensure your success, each fellow is paired with a buddy who will provide guidance, mentorship, and different perspectives. Additionally, you will have access to a career development advisor who will offer support and guidance in managing your career. As a fellow, you will be part of a Cohort consisting of other transitioning service members. This will enable you to engage in weekly touchpoints, attend educational sessions, and receive direction from our Veteran Talent Program Lead throughout the Fellowship. Our primary objective is to provide you with mentoring, networking opportunities, and exposure to help facilitate a successful transition into a full-time position within our company.

Offensive Security Operations (OSO) is a global function responsible for validating the effectiveness of enterprise security controls through adversary emulation and red team engagements. The team focuses on identifying real-world attack paths across enterprise, cloud, and operational environments to measure risk exposure and strengthen defensive capabilities.

Fellows will work alongside OSO team members to support the planning and coordination of red team and adversary emulation activities. This includes:
- Tracking engagement timelines
- Supporting execution logistics
- Helping develop reporting outputs that clearly communicate risk to stakeholders

Fellows will participate in team meetings and complete internal training to build an understanding of how offensive security assessments are planned, executed, and delivered. The role involves working across multiple teams, including cybersecurity, infrastructure, cloud, and operational technology groups, to support engagement objectives. Fellows may interact with both internal stakeholders and partner teams to help coordinate activities and ensure successful execution of engagements. They will gain exposure to project management tools and processes used to track activities, manage dependencies, and deliver outcomes in a fast-paced, results-driven environment.

You will be part of a diverse, cross-functional team focused on identifying and validating enterprise risk through real-world attack simulation. The fellowship includes progressive, hands-on training and project-based assignments under the direction of red team leadership, providing practical experience in both offensive security operations and program execution.

Your Fellowship Project
You will partner with Offensive Security Operations (OSO) team members to learn core tools, processes, and methodologies used to plan, execute, and deliver adversary emulation and red team engagements. You will support project execution activities that are critical to validating enterprise security controls and identifying real-world risk exposure.

The fellowship intends to:
- Develop an understanding of adversary emulation and red team methodologies
- Develop an understanding of attack frameworks (e.g., MITRE ATT&CK) and how they are applied to simulate real-world threats
- Develop an understanding of tools, platforms, and environments used to conduct offensive security operations
- Participate in project planning, execution tracking, and reporting activities to support red team engagements
- Engage with cross-functional teams (security, infrastructure, cloud, OT, and application teams) to understand enterprise attack surfaces and risk

Benefits
- Mentoring and networking opportunities within Offensive Security Operations and broader cybersecurity teams
- Exposure to senior leadership across cybersecurity, risk management, and enterprise technology
- Hands-on experience supporting red team and adversary emulation engagements
- Development of project management, risk analysis, and communication skills in a high-impact security environment

Qualifications
- Bachelor’s degree or equivalent practical experience (military, technical, or professional background strongly valued)
- Strong communication skills (written, verbal, and interpersonal)
- Project management, organization, and coordination skills
- Ability to work independently, prioritize tasks, and manage multiple deliverables
- Experience working in a results-driven environment
- Strategic and critical thinking capabilities
- Experience working across cross-functional teams
- Interest in cybersecurity, technology, or offensive security operations
- Working knowledge of Microsoft Office tools (Word, Excel, PowerPoint, SharePoint)

Requirements
- This posting is for the Hiring Our Heroes, Corporate Fellowship 2026 - Cohort 3. Candidates must be transitioning service member fellows who will complete the program within the last 180 days of transition from military service.
- The fellowship will be 12 weeks long.

Primary Work Site/Schedule
- On-site work locations: Remote
- Monday-Friday (Core hours: 8:30am – 4:00 pm, flexible start and stop)



