Responsabilidades:
\nLead \u201cshift left\u201d security efforts to build security into the software development lifecycle.
\nConduct secure design reviews and threat modeling. Identify and prioritize risks, attack surfaces, and vulnerabilities.
\nPerform security code reviews of source code changes and advise developers on remediating vulnerabilities and following secure coding practices.
\nManage our vulnerability management program. Triage and prioritize vulnerabilities from scans, audits, and bug bounty submissions. Track remediation and validate fixes.
\nOversee our bug bounty program. Set scope, triage submissions, coordinate disclosure with engineering teams, and reward bounties. Cultivate relationships with the ethical hacker community.
\nResearch and recommend security tools and technologies to strengthen defenses against emerging threats targeting machine learning systems.
\nDevelop and document security policies, standards, and playbooks. Conduct security awareness training for engineers.
\nCollaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development.
\nYou may be a good fit if you:
\nHave 5+ years of hands-on experience in application and infrastructure security, including securing cloud-based and containerized environments.
\nHave empathy, collaboration skills, and a learning mindset to work cross-functionally with engineers of all levels to build security into the product life cycle.
\nCan use creative and strategic thinking to reduce risk through secure design and simplicity, not just controls.
\nPossess broad security knowledge to connect the dots across domains and identify holistic ways to lower the overall threat surface.
\nHave the ability to distill complex security concepts into clear actions and drive consensus without direct authority.
\nHave a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and education.
\nHave strong grasp of offensive security to anticipate risks from an adversary’s perspective, not just check compliance boxes.
\nHave experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses.
\nAre passionate for security fundamentals like least privilege, defense-in-depth, and eliminating complexity that could sub-linearly scale security through smart design.
\nStrong candidates may also:
\nHave hands-on technical expertise securing complex cloud environments and microservices architectures leveraging technologies like Kubernetes, Docker, and AWS \/ GCP.
\nHave experience with offensive security techniques like vulnerability testing, pen testing, and red team exercises.
\nHave familiarity with AI\/ML security risks such as data poisoning, model extraction, adversarial examples, etc. and mitigations.
\nHave experience building security tools, scripts, and automations.
\nHave a solid foundational knowledge of security engineering principles and technologies. Keen to continue learning.
\nPossess excellent communication skills, able to distill complex security topics for broad audiences.
\nHave a passion for security and protecting users. Willingness to constructively challenge assumptions to drive security.<\/p>\n
The expected salary range for this position is:
\nAnnual Salary:
\n$300,000\u2014$320,000 USD<\/p>","protected":false},"author":1,"featured_media":0,"template":"","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"pmpro_default_level":"","_promoted":"","_job_location":"San Francisco, CA","_application":"https:\/\/boards.greenhouse.io\/anthropic\/jobs\/4502508008","_company_website":"","_company_tagline":"","_company_twitter":"","_company_video":"","_filled":0,"_featured":0,"_remote_position":0,"_job_salary":"","_job_salary_currency":"","_job_salary_unit":"","_joinchat":[]},"job-types":[398],"class_list":{"0":"post-2378","1":"job_listing","2":"type-job_listing","3":"status-publish","4":"hentry","5":"pmpro-has-access","7":"job-type-h1-b"},"_links":{"self":[{"href":"https:\/\/kick-start.us\/pt-br\/wp-json\/wp\/v2\/job-listings\/2378","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kick-start.us\/pt-br\/wp-json\/wp\/v2\/job-listings"}],"about":[{"href":"https:\/\/kick-start.us\/pt-br\/wp-json\/wp\/v2\/types\/job_listing"}],"author":[{"embeddable":true,"href":"https:\/\/kick-start.us\/pt-br\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/kick-start.us\/pt-br\/wp-json\/wp\/v2\/media?parent=2378"}],"wp:term":[{"taxonomy":"job_listing_type","embeddable":true,"href":"https:\/\/kick-start.us\/pt-br\/wp-json\/wp\/v2\/job-types?post=2378"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}