Runpod logo
Runpod

Runpod is pioneering the future of AI and machine learning, offering cutting-edge cloud infrastructure for full-stack AI applications. Founded in 2022, we are a rapidly growing, well-funded company with a remote-first organization spread globally. Our mission is to empower innovators and enterprises to unlock AI's true potential, driving technology and transforming industries. Join us as we shape the future of AI. We are building Cloud services focused on accelerating AI adoption. Whether you're an experienced ML developer training a large language model, or an enthusiast tinkering with stable diffusion, we strive to make GPU compute as seamless and affordable as possible.

Full Stack Security Engineer

Security EngineerSecurity EngineerFull TimeRemoteMid LevelTeam 80Since 2022

Location

United States

Posted

4 days ago

Salary

$152K - $175K / year

Seniority

Mid Level

Job Description

Full Stack Security Engineer

Runpod

Role Description As RunPod continues to revolutionize the GPU cloud computing landscape, we are seeking a Full Stack Security Engineer to secure our customer-facing products, APIs, and internal services. This critical position will ensure the security of the software that powers our platform, enabling continued growth while protecting user data, billing systems, and web interfaces. The ideal candidate possesses strong software development abilities coupled with deep experience in application security, DevSecOps, and modern web architectures. You will embed directly with our engineering teams to ensure our product is secure by design. RunPod is seeking a proactive AppSec professional who believes in Integrated Security. You won't just toss PDF reports over the fence; you will write code to fix vulnerabilities, build automated security guardrails into our CI/CD pipelines, and foster a security-first culture among our developers. Responsibilities - Product Security: Lead threat modeling, architecture reviews, and code reviews for our web applications, APIs, and microservices. - Vulnerability Remediation: Actively develop and commit code to fix security flaws in our Python, Go, or JavaScript/TypeScript codebases alongside the engineering team. - DevSecOps: Implement, tune, and manage security testing tools (SAST, DAST, SCA) within our CI/CD pipelines to catch vulnerabilities early in the SDLC. - Edge & Application Defense: Configure and manage application-layer security controls, including Web Application Firewalls (WAF), bot protection, and API gateways. - Security Championing: Provide security guidance, secure coding training, and standard operating procedures to development teams. - Compliance & Operations: Collaborate with operations to ensure product-level adherence to relevant frameworks (e.g., SOC 2, ISO 27001, GDPR) and participate in bug bounty triage. Qualifications - 5+ years of experience in application security, product security, or as a software engineer with a heavy security focus. - Strong programming and code-review skills in languages like Python, Go, JavaScript/TypeScript, or similar modern stacks. - Deep understanding of web application vulnerabilities (OWASP Top 10), API security (REST/GraphQL), and modern authentication flows (OAuth, OIDC, JWT). - Hands-on experience with offensive web security testing tools (e.g., Burp Suite, ZAP). - Experience building and maintaining automated security pipelines (DevSecOps). - Ability to translate complex security risks into actionable engineering tasks. Preferred Qualifications - Relevant application security certifications (e.g., OSWE, GWAPT, CISSP). - Experience securing cloud-native applications running on Kubernetes/Docker environments. - Background in managing bug bounty programs or coordinated vulnerability disclosures. Benefits - The competitive base pay for this position ranges from ($152,000 - $175,000). This salary range may be inclusive of several career levels at Runpod and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. - Meaningful equity in a fast-growing company - everyone on the team receives stock options — your impact drives our growth, and you share in the upside. - Generous medical, dental & vision plans. - Flexible PTO - take the time you need to recharge. - Most roles are remote work first with an inclusive, collaborative teams utilizing slack as the main form of internal communication. - Join a passionate team on the cutting edge of AI infrastructure — where culture, learning, and ownership are at the heart of how we scale. - $1,200 Home Office & Equipment Stipend - We set you up for success from day one with gear and support to create your ideal workspace.

Related Categories

Related Job Pages

More Security Engineer Jobs

Full TimeRemoteTeam 10,001+Since 1900H1B No Sponsor

• Lead large-scale development projects, initiatives and activities in your specialty area • Advise clients and partners to help position, plan, develop, select solutions for, execute and monitor projects and initiatives • Develop and update policies, standards, models, methodologies, tools and programs • Conduct strategic monitoring in your area of expertise to identify emerging security issues • Analyze, map and explain threats to guide test activities • Represent your unit before decision-making bodies • Represent Desjardins when making agreements with external partners and organizations

Canada
Full TimeRemoteTeam 1,001-5,000

Role Description The Information Security Engineer will be responsible for the security of the organization’s Azure and Office 365 services, network, and endpoints. The Information Security Engineer will also support and execute on project tasks and deliverables in support of the organization’s information security roadmap/strategy. - Ensure the organization’s cloud infrastructure and data is secure and protected by implementing appropriate security controls in Azure and Office 365 based upon industry best practices. - Monitor the M365 and Azure Security Score, follow and implement Microsoft’s recommendations and deviate where necessary to continue to strengthen the organization's security posture in Azure and Office 365. - Lead efforts in remediating vulnerabilities and identifying gaps or security deficiencies on all network and endpoint devices using vulnerability management tools and risk assessments. - Manage and maintain Privileged Access Management (PAM) system. - Perform risk assessments and reviews for onboarding practices, third-party vendors, and self-assessments for the organization. - Assist in updating and executing the security awareness program. - Keep abreast of security trends and threats and ensure that the organization’s security practices are updated and aligned. - Serve as the lead and point of contact for all security related events and breaches, coordinating efforts across all technology teams. - Proactively search, detect, and respond to security events and incidents utilizing EDR and SIEM security monitoring tools. - Act as the SME for the organization’s security tools and applications including the evaluation, implementation, and maintenance of such tools. - Support a variety of security initiatives and projects that align with the organization’s information security roadmap. - Other duties as assigned. Qualifications - Expert knowledge and proven experience with cloud and cyber security principles, technologies, and best practices. - Experience with leading and responding to security incidents and events. - Demonstrates professionalism, confidentiality, and diplomacy and can serve a wide range of employees with equity and tact. - Thorough knowledge and understanding of security functions within Azure and Office 365 services. - Thorough knowledge and understanding of network and endpoint security. - Ability to work independently with minimal supervision. - Excellent customer service skills. - Effective verbal and written communication skills. - Ability to establish and maintain effective working relationships with a diverse group of people at all levels of the organization. - Commitment to excellence and high standards. - Detail oriented with strong follow-up initiative. - Versatility, flexibility, and a willingness to work within constantly changing priorities with enthusiasm. Requirements - Bachelor’s degree in cyber security, information technology, and/or equivalent experience. - 3-5 years of experience working as a cyber security analyst or engineer. - ITIL Foundations Certification or willingness to obtain it within one year of hire date. - Knowledge and experience working in a cloud-based infrastructure. Preferred Education and Experience - Healthcare industry experience. - Azure and Office 365 support experience. - CISSP, CCSP or CompTIA Security+ certification. - Knowledge of Cybersecurity Frameworks (NIST CSF, ISO27001, HITRUST, HIPAA). - Strong knowledge and experience with the following: Azure and Office 365 security technologies (Microsoft Defender, Azure Security Center, Azure Sentinel, Microsoft Cloud App Security, Microsoft ATP), EPP and EDR solutions, Email Security and Encryption Services, Data Loss Prevention tools. Benefits - Multiple medical and prescription coverage options. - Dental and vision care plans. - Health Savings Accounts (HSAs), where applicable. - Flexible Spending Accounts (FSAs). - Voluntary critical illness, cancer, and accident insurance. - Voluntary hospital indemnity coverage. - Voluntary short-term and long-term disability insurance. - Voluntary term life insurance and AD&D (Accidental Death & Dismemberment). - 401(k) retirement savings plan. - Paid time off (PTO). - Commuter benefits. - Group auto and homeowners' insurance. Part-time Benefits - Vision. - Flexible Spending Accounts. - MetLife Auto/Vehicle & Home Insurance Discounts.

United States
$100K - $140K / year
Job Closed
DraftKings Inc. logo

Staff Security Engineer, AI

DraftKings Inc.

Defining what it means to build and deliver the most extraordinary sports & entertainment experiences.The Crown is Yours

Full TimeRemoteTeam 1,001-5,000Since 2012

• Set the security standards and guardrails for the AI platform. • Define the principles, reference architectures, and policy-as-code that all AI tooling at DraftKings adheres to. • Focus on specifying the environment, infrastructure, and authentication methods agents rely on. • Review and build the architecture of AI gateways and tooling. • Provide security review, sign-off, and possibly pair on implementation of these systems. • Streamline how AI services move through InfoSec review. • Reduce AI-driven security noise. • Drive remediation efforts of complex, cross-functional security issues. • Coach and raise the bar by mentoring security and platform engineers.

United States
$160.7K - $200.9K / year
Anomali logo

Technical Account Manager, SIEM / Security Analytics

Anomali

Intelligence-Driven Extended Detection and Response (XDR)

Full TimeRemoteTeam 201-500Since 2013H1B Sponsor

• Serve as an Anomali Platform power user; help our customers achieve success with the technology • Build strong customer relationships, especially with key customer stakeholders • Address customer’s technical requests; proactively identify and resolve issues • Provide advice, guidance, and technical know-how to ensure successful usage and adoption • Manage customer expectations while holding them accountable • Be your customer’s advocate and internal champion • Promote advocacy • Track key account metrics; communicate progress to internal and external stakeholders • Engage with the Onboarding Engineers to ensure a smooth transition • Engage with Technical Support to ensure speedy resolution of customer issues • Engage with Engineering to resolve customer reported issues • Partner with Sales to ensure an exceptional customer experience • Engage with Product Management to promote customer feature requests

Saudi Arabia