
Cloudflare · Hybrid
About Us At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of...
About Us
At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks
that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune
500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software,
or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global
network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in
spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s
Most Innovative Companies by Fast Company.
At Cloudflare, we’re not looking for people who wait for a polished roadmap; we’re looking for the builders who see the cracks in
the Internet that everyone else has simply learned to live with. We value candidates who have the instinct to spot a "normalized"
problem and the AI-native curiosity to create a solution using the latest tools. Our culture is built on iteration, leveraging AI
to ship faster today to make it better tomorrow, while ensuring that every improvement, no matter how small, is shared across the
team to lift everyone up. If you’re the type of person who values curiosity over bureaucracy, and that AI is a partner in solving
tough problems to keep the Internet moving forward, you’ll fit right in.
Available Locations: Austin
About the role
We are seeking a highly skilled and experienced Insider Threat Tech Lead to join our dynamic and growing Security Threat
Detection, Response and Emulation team. This is a critical role that will be at the forefront of protecting our company from
malicious and negligent insider activities. You will be responsible for leading the technical aspects of our Insider Threat
program, including investigations, threat hunting, and the development of cutting-edge detections and responses.
This role requires a unique blend of technical expertise, regulatory and legal knowledge, investigative skills, and strong
interpersonal communication. You will be a key point of contact and collaborator with our Privacy, Legal, GRC and HR teams,
ensuring that all activities are conducted with the utmost care, in accordance with company policy, and in compliance with legal
and ethical standards.
insider threat incidents, including data exfiltration, intellectual property theft, unauthorized access, and other
malicious activities.
(e.g., endpoints, network logs, cloud services, email, etc.).
manner.
company's unique environment.
insider threat detection capabilities.
indicators.
HR, and Privacy teams.
privacy, and within legal and ethical guidelines.
security investigations.
EnCase, FTK, X-Ways, or open-source alternatives).
UEBA like data sources.
non-technical audiences.
What Makes Cloudflare Special?
We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a
soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.
Project Galileo: Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with
powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by
Cloudflare’s enterprise customers--at no cost.
Athenian Project: In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of
protection and reliability for free, so that their constituents have access to election information and voter registration. Since
the project, we've provided services to more than 425 local government election websites in 33 states.
1.1.1.1: We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric
public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever
released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitment
and ensure that no user data is sold to advertisers or used to target consumers.
Sound like something you’d like to be a part of? We’d love to hear from you!
Please note that applicants who progress to the offer stage of the interview process may be asked to attend an in-person interview
within one of the Cloudflare Offices or Cloudflare Hubs. More details about this will be available at that stage of the interview
process.
This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration
Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology
controlled under these U.S. export laws without sponsorship for an export license.
Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all
people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment
without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender
expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition,
family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer.
Cloudflare provides reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a
reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the
application process, providing documents in an alternate format, using a sign language interpreter, or using specialized
equipment. If you require a reasonable accommodation to apply for a job, please contact us via e-mail at hr@cloudflare.com or via
mail at 101 Townsend St. San Francisco, CA 94107.
About Us At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company. At Cloudflare, we’re not looking for people who wait for a polished roadmap; we’re looking for the builders who see the cracks in the Internet that everyone else has simply learned to live with. We value candidates who have the instinct to spot a "normalized" problem and the AI-native curiosity to create a solution using the latest tools. Our culture is built on iteration, leveraging AI to ship faster today to make it better tomorrow, while ensuring that every improvement, no matter how small, is shared across the team to lift everyone up. If you’re the type of person who values curiosity over bureaucracy, and that AI is a partner in solving tough problems to keep the Internet moving forward, you’ll fit right in. Location: Austin, TX ABOUT THE DEPARTMENT Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global networks can provide. The team analyzes these unique data points at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers. ABOUT INTERDICT I.N.T.E.R.D.I.C.T. (Identify, Neutralize, Triage, Engage, Respond, Disrupt, Integrate, Contain, Threat Hunting) is Cloudforce One's unified operational security organization responsible for identifying, analyzing, and responding to threats targeting Cloudflare and its customers. INTERDICT encompasses three main sub-functions: * PhishGuard: Managed email threat detection and response service * Cloudflare Managed Defense (CMD): Network and application security monitoring for 'Under Attack' mitigation support. * Detection Engineering: ML model development and detection optimization Together, INTERDICT provides comprehensive 24×7×365 protection across email, application, and network threat surfaces. ROLE SUMMARY As a Response Engineer for PhishGuard, you will serve as the essential human intelligence layer responsible for identifying, tracking, and defeating sophisticated email-borne cyber threats like Business Email Compromise (BEC) and vendor fraud. You will operate within the INTERDICT organization, collaborating closely with internal teams like Detection Engineering, PREDICT (Threat Intelligence), and SIRT to hunt down adversaries and refine global security models. Our ideal candidate possesses deep forensic thoroughness, exceptional nuance detection, and a growth-minded curiosity to protect global organizations using one of the world's largest networks. ROLE RESPONSIBILITIES * Conduct continuous, real-time monitoring of email threat queues to review and analyze sophisticated attacks flagged by Cloudflare Email Security automated systems. * Investigate customer-reported submissions, execute proactive threat hunts targeting emerging patterns, and perform manual retraction or quarantine of verified malicious emails. * Provide critical feedback to Detection Engineering to update machine learning models and contribute novel campaign data to global intelligence repositories. * Identify nuanced threat patterns by correlating technical telemetry with behavioral indicators, generating detailed threat dossiers for impending organizational risks. * Deliver direct crisis intervention and proactive phone notifications to customers regarding high-dollar BEC threats and active insider risks. * Lead technical onboarding sessions for new customers, configuring internal system instances with bespoke detection rules, thresholds, and custom allow/block lists. * Guide customers through their multi-year DMARC implementation journey toward strict "Reject" policy enforcement by conducting SPF and DKIM alignment audits. ROLE REQUIREMENTS (MUST-HAVE SKILLS) * Undergraduate degree in Computer Science, Information Security, Information Systems, or equivalent practical experience. * 5+ years of experience tracking and analyzing complex cyber campaigns utilizing technical indicators such as Domains, IP Addresses, and email headers. * Proven expertise analyzing, investigating, and defending against highly targeted phishing, invoice fraud, and Business Email Compromise (BEC) attacks. * Deep working knowledge of core email authentication protocols (SPF, DKIM, DMARC) and aggregate/forensic data interpretation. * Hands-on experience utilizing AI LLM tools (such as OpenCode or Windsurf) to develop automations for daily analysis and productivity workflows. * Excellent verbal and written English communication skills, with a strong ability to translate complex technical threats into actionable business intelligence for executive stakeholders. NICE-TO-HAVE SKILLS * Relevant industry certifications such as GCIH, GCIA, CEH, Security+, or equivalent. * Technical familiarity with regular expressions, YARA rules, SQL query formulation, and malicious file format analysis (e.g., Microsoft Office Documents, Adobe PDFs). * Prior experience working within managed security services (MSSP) or customer-facing security consulting environments. * Familiarity with the broader Cloudflare ecosystem, including Cloudflare Email Security, WAF, and Zero Trust architectures. What Makes Cloudflare Special? We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet. Project Galileo: Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare’s enterprise customers--at no cost. Athenian Project: In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration. Since the project, we've provided services to more than 425 local government election websites in 33 states. 1.1.1.1: We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitment and ensure that no user data is sold to advertisers or used to target consumers. Sound like something you’d like to be a part of? We’d love to hear from you! Please note that applicants who progress to the offer stage of the interview process may be asked to attend an in-person interview within one of the Cloudflare Offices or Cloudflare Hubs. More details about this will be available at that stage of the interview process. This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license. Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer. Cloudflare provides reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you require a reasonable accommodation to apply for a job, please contact us via e-mail at hr@cloudflare.com or via mail at 101 Townsend St. San Francisco, CA 94107.
About Us At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company. At Cloudflare, we’re not looking for people who wait for a polished roadmap; we’re looking for the builders who see the cracks in the Internet that everyone else has simply learned to live with. We value candidates who have the instinct to spot a "normalized" problem and the AI-native curiosity to create a solution using the latest tools. Our culture is built on iteration, leveraging AI to ship faster today to make it better tomorrow, while ensuring that every improvement, no matter how small, is shared across the team to lift everyone up. If you’re the type of person who values curiosity over bureaucracy, and that AI is a partner in solving tough problems to keep the Internet moving forward, you’ll fit right in. Available Locations: Lisbon, Portugal ABOUT THE ROLE Cloudflare is a system spanning the globe, on a mission to make the internet safer and more powerful everyday. To help fulfill this mission, we are seeking a talented REACT Analyst / Consultant to join us in growing our Cloudforce One REACT organization. In this role, you will be instrumental in building a proactive and threat intelligence-driven approach to protecting Cloudflare and its customers from sophisticated and evolving threat actors. As a REACT Consultant, you will respond to customer security incidents across on-premises, cloud, and hybrid environments. This position requires an innovative, self-starting, and detail-oriented problem solver with a passion for analyzing, tracking, and triaging malicious activity. You will engage with customers at all levels—including Executive, VP, Director, and engineering levels—serving an integral role alongside forensic analysts, threat researchers, detection engineers, and malware analysts to detect, isolate, and mitigate threats. KEY RESPONSIBILITIES 1. INCIDENT RESPONSE & ACTIVE EDGE MITIGATION * Active Edge Mitigation: Execute immediate defensive maneuvers at the Cloudflare edge to protect customer availability. This includes deploying custom WAF rules, implementing L3/L4 DDoS shunning, and performing real-time traffic filtering to neutralize attacks before they reach the customer's origin. * Support Full IR Lifecycle Management: Support and execute the end-to-end incident response process for clients (investigation, containment, remediation, and recovery). Review technical deliverables and coordinate sessions with customer stakeholders to ensure high-quality service and resolution. * Incident Remediation: Build a strong understanding of targeted attacks to create and execute customized tactical and strategic remediation plans for compromised organizations. 2. DIRECT CUSTOMER CONTAINMENT & THREAT ISOLATION * Ransomware & BEC: Identify and isolate infected hosts, revoke compromised sessions/identities, and stop data exfiltration within the customer's infrastructure. * Insider Threats & Nation-State Attacks: Track unauthorized lateral movement, identify sophisticated persistent backdoors, correlate threat actor activity across the environment, and execute containment to preserve evidence while neutralizing the adversary. 3. FORENSICS, ENGINEERING & AI ANALYSIS * Forensic Evidence & Chain of Custody: Conduct initial evidence preservation (logs, volatile memory, disk images) within customer environments according to forensic standards to support legal, regulatory, or insurance requirements. * Crisis Solution Development: Create and enhance client-facing Crisis & Incident Response solutions based on industry standards (ISO 27001, NIST, CIS). Advance customer cyber readiness by identifying opportunities for process optimization in monitoring, detection, and response. * AI-Leveraged Analysis: Utilize AI-powered security platforms to synthesize massive telemetry sets, automate log summarization, and accelerate the identification of emerging threat patterns during active customer engagements. * Technical Documentation & Reporting: Prepare high-fidelity incident reports, forensic findings, and client communications. Maintain rigorous standards for clarity and accuracy to ensure customer executives and engineers understand both the threat and the resolution. DESIRABLE SKILLS, KNOWLEDGE, AND EXPERIENCE * Education: Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field, or equivalent training/practical experience. * Experience: 3+ years of overall experience in cybersecurity, including 2+ years of dedicated Incident Response / Digital Forensics experience, and 1+ years in a customer-facing role. * OS & Cloud Environments: In-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac environments. Familiarity with cloud environments (AWS, Azure, O365, Google Cloud, Cloudflare) and cloud IR methodologies. * Network Forensic Analysis: Strong technical knowledge of common network protocols and design patterns (TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS). Experience with network analysis tools like Bro/Zeek or Suricata, and analyzing associated network logs. * Industry Standards: Solid understanding of MITRE ATT&CK and NIST Cyber Security Frameworks. * Communications: Excellent verbal and written communication skills with a proven ability to establish relationships and clearly explain tasks, guidance, and complex technical findings to executive and technical clients. BONUS POINTS * Proficient in Python or Golang, capable of writing modular code or simple scripts that can be installed on a remote system. * Proficient with Yara and writing rules to detect similar malware samples. * Understanding of source code, hex, binary, regular expressions, data correlation, and analysis (such as network flow and system logs). * Practical malware analysis experience with static, dynamic, and automated techniques, including the ability to reverse engineer various file formats and analyze complex samples. * Reverse engineering experience with APT malware with an understanding of common infection vectors, infrastructure enumeration, malware attribution, and current evasion tactics. * Familiarity with bash command-line executables to conduct static analysis and investigate Indicators of Compromise (IOCs). COMPENSATION ● For Portugal based hires: Estimated annual salary is between €54,000 - €75,000. * The final offer will be inclusive of time exemption, in alignment with the applicable law and collective bargaining agreements. EQUITY This role is eligible to participate in Cloudflare’s equity plan. What Makes Cloudflare Special? We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet. Project Galileo: Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare’s enterprise customers--at no cost. Athenian Project: In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration. Since the project, we've provided services to more than 425 local government election websites in 33 states. 1.1.1.1: We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitment and ensure that no user data is sold to advertisers or used to target consumers. Sound like something you’d like to be a part of? We’d love to hear from you! Please note that applicants who progress to the offer stage of the interview process may be asked to attend an in-person interview within one of the Cloudflare Offices or Cloudflare Hubs. More details about this will be available at that stage of the interview process. This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license. Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer. Cloudflare provides reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you require a reasonable accommodation to apply for a job, please contact us via e-mail at hr@cloudflare.com or via mail at 101 Townsend St. San Francisco, CA 94107.
EQT is looking for an Application & AI Cyber Security Engineer to join our Cyber Security Engineering team, owning the security posture of our hosted applications, container platforms, and AI environments. This is a hands-on engineering role where you will build automated guardrails and real-time visibility — making the secure path the easy path across a modern, globally distributed technology landscape. ABOUT THE TEAM The Cyber Security Engineering team defines and validates security standards across EQT's technology landscape. Operating as a trusted security function, the team works closely with platform engineering, cloud infrastructure, identity, and technology assurance teams to strengthen controls while enabling innovation. This role sits within a small, high-trust team where collaboration, curiosity, and technical depth are core to how we work. The team supports both traditional application environments and emerging AI and agentic platforms, helping EQT navigate a rapidly evolving threat landscape with practical, engineering-led security standards. You will report to the Head of Digital Employee Experience and partner closely with the CISO function, contributing engineering depth directly to governance and policy decisions. ABOUT THE ROLE This role brings together application security, container security, and AI security into one evolving discipline — giving you the scope to influence standards, technical controls, and governance frameworks across a global technology environment. The mandate is to build automated guardrails and observability at scale, not to review individual applications by hand. * Design and deploy automated controls for container platforms and application deployments — admission controllers, policy-as-code, and pre-configured scanning — that enforce standards at the point of deployment rather than after the fact. * A growing part of the job is enabling citizen development — making sure non-technical teams can use AI coding tools like Claude Code and CoWork without needing to come through security first, because the guardrails are already there. * Curate internal security tooling, automation, and AI skills for cost, reliability, and security posture — favouring deterministic, scripted components that run fast and cheap over token-intensive approaches, and tracking cost-per-outcome across security controls as a core operating discipline. * Own container security standards as enforceable controls: image scanning policy, runtime baselines, and registry governance across all deployment paths, including workloads outside formal pipelines. * Manage software supply chain risk end-to-end, including dependency scanning, build-time and runtime composition analysis, and identifying high-propagation risk junctions. * Build application security observability that goes beyond static inventories — a live picture of what is deployed, what it is composed of, and where risk is concentrated — and provide actionable dashboards for engineering leadership and the CISO function. * Own the security configuration of EQT's AI platforms, including hardening, access controls, data flow governance, and defences against prompt injection and data exfiltration. * Assess MCP connector risk — API call patterns, data processing terms, allowlist maintenance, and dependency chains — and evaluate new AI tools with enough technical depth to inform CISO-level approval decisions. * Define behavioural baselines for agentic execution environments and close AI-specific insider threat gaps, ensuring monitoring tools can see into AI data flows. * Collaborate with Detection & Insider Threat Engineers on container runtime telemetry, and with Identity & Cloud Security Engineers on service identity, workload access, and secrets management. TOOLS YOU'LL WORK WITH Kubernetes, CI/CD platforms, SBOM tooling, Aikido, Claude Enterprise, Claude Code, MCP, CoWork, DTEX, Datadog, policy-as-code frameworks. ABOUT YOU You are a technically grounded security engineer who cares deeply about developer experience and approaches security friction as a design problem to solve, not a trade-off to accept. You work with clarity and ownership, communicate technical findings to senior stakeholders with confidence, and are actively building your knowledge of AI and agentic security. What you'll bring (must-have): * Proven hands-on experience with container security — Kubernetes, image scanning, admission control, runtime protection, and policy-as-code. * A track record of building automated security controls that scale, with an instinct for making the right path easy and the wrong path hard rather than relying on manual review. * Solid application security fundamentals, including familiarity with OWASP Top 10, secure development lifecycle, and software supply chain risk, with an orientation toward enforcement over assessment. * Experience building security visibility into running systems through instrumentation, runtime analysis, or operational dashboards — understanding the difference between knowing what was shipped and knowing what is actually executing in production. * Active use of AI-assisted development tools in your own engineering work (such as Claude Code, GitHub Copilot, or equivalent); this role is designed around that way of working. * Early or growing experience in AI and LLM security — including prompt injection, data exfiltration, model API security, or agentic system controls — and a clear appetite to develop expertise in this space. * The ability to communicate complex technical findings clearly and concisely to senior stakeholders who will translate them into policy and governance decisions. Nice to have: * Familiarity with tools such as CrowdStrike, Aikido, Bold Security, Nightfall, Zscaler, or Lakera Guard. * Experience with MCP (Model Context Protocol), agentic frameworks, or AI platform administration. * Background working in private equity, financial services, or other environments where non-public information is a primary asset requiring protection. * Experience measuring and optimising the operational cost of security controls. * Comfort deploying and working with local open-source LLMs for automation use cases. HOW WE THINK ABOUT THIS ROLE Application security and AI security share a common threat model — data exfiltration, supply chain compromise, and the boundary between trusted and untrusted code. AI connectors that interact with hosted services sit squarely in both domains. Splitting them into separate roles at a five-person team would create seams in exactly the places attackers exploit. The role is also shaped by a bet on AI-augmented engineering. An engineer with good tooling, a real token budget, and the discipline to automate before they assess can cover ground that would have required a larger team not long ago. We've designed the headcount around that — not to cut corners, but because the best security engineering now looks like one person building excellent guardrails with AI, not several people reviewing things by hand. WHAT WE OFFER At EQT, you will work in an environment that combines high impact with high trust, contributing to security challenges that matter at a global scale. You will help shape practices in areas that are rapidly evolving across the industry — AI security, software supply chain security, and modern application platforms — with direct influence on governance decisions and engineering standards. We offer meaningful and complex work with global reach, close collaboration with experienced colleagues across security, engineering, and technology, and genuine exposure to emerging AI technologies and cloud-native platforms. EQT has a culture that values curiosity, ownership, and continuous learning, with real opportunities for professional development in a fast-moving environment. COMPENSATION & BENEFITS NOTICE We offer a competitive total rewards package including base salary, determined based on the role, experience, skill set, and location. Eligible employees may also receive discretionary incentive compensation, awarded in recognition of individual performance and company results. EQT provides a comprehensive benefits offering designed to support employee wellbeing, development, and work-life balance. Benefits include paid time off, parental leave, wellbeing and wellness support, flexible working arrangements, and learning and development opportunities. Benefits are effective from the first day of employment and may vary by location and role. Inclusion at EQT Our vision for EQT employees is to build high performing & engaged teams. Our competitive edge comes from fostering an environment where every individual feels valued, empowered, and motivated to drive business impact. Our commitment to inclusion is not just about fairness; We understand and believe that being a great place to work drives the best performance.At EQT, inclusion is a business imperative and it's embedded into our talent strategy, decision-making, and culture to ensure that every individual and team operates at their full potential. By doing so, we unlock better collaboration, stronger innovation, and superior investment outcomes. About EQT EQT is a purpose-driven global investment organization focused on active ownership strategies. With a Nordic heritage and a global mindset, EQT has a track record of over three decades of developing companies across multiple geographies, sectors and strategies. EQT has investment strategies covering all phases of a business’ development, from start-up to maturity. EQT has EUR 270 billion in total assets under management (EUR 141 billion in fee-generating assets under management), within two business segments – Private Capital and Real Assets. With its roots in the Wallenberg family’s entrepreneurial mindset and philosophy of long-term ownership, EQT is guided by a set of strong values and a distinct corporate culture. EQT manages and advises funds and vehicles that invest across the world with the mission to future-proof companies, generate attractive returns and make a positive impact with everything EQT does. EQT has offices in more than 25 countries across Europe, Asia and the Americas and has more than 1,900 employees. More info: www.eqtgroup.com Follow EQT on LinkedIn, X, YouTube and Instagram