• Serve as the security architecture authority within the architecture organization, partnering with product architects, principal engineers, cloud partners (AWS, Azure, GCP), and business leaders to embed secure-by-design principles into hardware appliances, multi-tenant SaaS platforms, and globally distributed cloud infrastructure. • Coach and support developers in writing secure code, including secure patterns, common vulnerability classes, and secure use of frameworks and libraries. • Provide timely consulting on “how to do it right” (architecture, implementation details, and operational considerations) and help teams choose secure-by-default approaches. • Triage findings from SAST, SCA, DAST, container and IaC scanning; investigate, validate, and resolve false positives; and help teams prioritize true risk. • Partner with teams to tune security tools, reduce noise, and improve signal quality (rules, suppressions, baselines, and exception processes) while maintaining strong security posture. • Drive adoption of CNAPP, CWPP, WAF, service mesh security, API gateways, SIEM/SOAR, and cloud-native telemetry for protective monitoring, runtime defense, and incident-ready detection. • Conduct Secure by Design reviews for new applications and material changes to existing applications, validating security requirements and design decisions early. • Lead and facilitate threat modeling workshops; identify abuse cases, trust boundaries, and attack paths; and document mitigations and residual risk. • Review authentication/authorization design, data flows, secrets handling, logging/monitoring, and resiliency controls to ensure secure architectures. • Provide clear, actionable recommendations and track follow-through with engineering teams. • Translate regulatory and compliance requirements (FedRAMP, SOC2, ISO 27001, NIST SP 800-53, CSA CCM, SOX) into actionable, measurable, and auditable security architecture control objectives—shifting from audit-driven to architecture-driven alignment.

Role Description In this role, you will have the opportunity to: - Design, build, and maintain security measures to protect LivePerson's computer systems, networks, and information. - Identify and define security needs for our systems, following industry best practices and rules. - Create detailed security plans for our computer systems, both our own and those we use in cloud services. - Collaborate with other teams to find, fix, and reduce security issues in our cloud systems, software, and processes. - Write clear instructions and procedures for our security practices. - Set up and fix problems with security tools and services. - Develop technical solutions to make our systems more secure and automate repetitive security tasks. - Serve as a key expert to help Security Analysts and external security partners with complex issues. - Ensure the security of all IT and operations areas so our systems work well, and our data stays private, accurate, and available. - Document, monitor, and report on various security systems and processes to make sure our systems and data are secure and working correctly. - Help choose the best security tools with other teams to meet the company's needs. - Test, maintain, and improve our security solutions to meet the highest security standards. - Work closely with IT and System teams to strengthen the security of our cloud and infrastructure tools, following security rules and best practices. - Analyze data from systems to find any unusual or potentially harmful activity. - Be available to respond to urgent security issues outside of regular work hours (on-call rotation). Qualifications - Hands-on experience working with multiple cloud services. - Practical experience with networking, and systems like Elastic, OKTA, IDM, AD, JAMF, Windows, Linux, and MacOS. - Experience in responding to security incidents and analyzing system logs. - Familiarity with Python or other scripting languages. - At least 3 years of experience in IT or System teams within a software or cloud-based company. - Experience creating and working with procedures, reports, service level agreements (SLAs), and escalation processes. - Ability to perform well under pressure in fast-changing environments. - Strong communication and teamwork skills, including excellent written and spoken English skills. - Good problem-solving skills and the ability to stay calm under pressure. - A valid Comptia CySA+ certification. Requirements - You need to be available to provide support during US business hours. - This job includes being part of an on-call rotation for after-hours support. - Strong interpersonal skills are important. - Critical thinking abilities are necessary. - Attention to detail is required. - You should be able to manage your tasks and meet deadlines. - The ability to work independently with minimal supervision is important. Benefits - Your entrepreneurial spirit will be supported. - We love team members who chase down their big ideas, become experts, help colleagues, and own their work. - We are proud to be on Fast Company's list of Most Innovative Companies and Newsweek's list of most-loved workplaces. - The option to work remotely has helped shape who we are today. - Employees choose the environments that work best for them from anywhere in North America.

• Ejecutar pruebas de penetración (pentesting) y ethical hacking sobre aplicaciones, APIs e infraestructura. • Identificar, analizar y priorizar vulnerabilidades siguiendo OWASP Top 10 y el estándar ASVS. • Realizar security assessments y revisiones de seguridad sobre el ciclo de desarrollo. • Trabajar junto a los equipos de ingeniería para remediar hallazgos y elevar el nivel de seguridad. • Documentar hallazgos y comunicar riesgos de forma clara a perfiles técnicos y de negocio.

Role Description Apple's Security Engineering & Architecture organization is responsible for the security of all Apple products. Passionate about safeguarding our users, we take an offensive approach to defense — finding and fixing vulnerabilities before they can be exploited. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, that means finding vulnerabilities first. In this role, your primary focus will be on the kernel and embedded layers of Apple platforms but extends to all parts of the platforms. You will: - Partner with vulnerability researchers to understand attacks found by others. - Propose architecture changes/mitigation in partnership with other experts in the field. - Drive these changes into the products by partnering with engineering teams. - Work in cross-functional teams alongside other researchers and engineering teams to evaluate and strengthen the most privileged layers of our products. - Develop proof of concept to validate some approaches. This job is for individuals with outstanding technical skills and a genuine passion for building things. If this is you, we'd love to hear from you. In-office roles in Paris, and other locations. Remote considered for experienced candidates. Qualifications - Proven experience in code development and product development. - Deep understanding of operating system kernels, firmware, or embedded components. - Ability to apply AI techniques and tools, such as LLMs or Machine Learning, for security research. - Understanding and experience in shipping products. Requirements - Deep knowledge of kernel internals, including virtual memory management, system call interfaces, and driver frameworks. - Experience with firmware and boot ROM security analysis, including secure boot chains and hardware trust anchors. - Familiarity with embedded processors and coprocessors security (e.g., Secure Enclave, DMA-capable peripherals, baseband). - Fluency with tool development, using programming languages such as C, C++, Python, Swift, or Objective-C. - Ability to propose and drive architecture changes. - Knowledge of Apple operating systems like iOS or macOS is nice-to-have, but not required. - Outstanding collaboration skills.