
NEAR Foundation · Remote - Global
ABOUT NEAR FOUNDATION NEAR Foundation supports the growth of the NEAR ecosystem — including NEAR AI, NEAR Intents, and the underlying NEAR Protocol — across mu...
NEAR Foundation supports the growth of the NEAR ecosystem — including NEAR AI, NEAR Intents, and the underlying NEAR Protocol —
across multiple entities and product nodes. Strong IT and security underpin everything we do, and we are scaling the function to
match the size and complexity of the ecosystem.
We are hiring a Senior IT Security Engineer to be the deep technical owner of our information security work. This is a senior
individual contributor role for someone who has spent years operating at the engineering edge of IT and security and is now
looking for broad scope and meaningful ownership.
You will bring the technical depth to design, harden, and automate the security systems and controls our team and ecosystem rely
on, and you will lead our information security program end-to-end. You will work alongside our IT Director, who owns the broader
IT function, and partner with our IT Operations team, who handle day-to-day support and provisioning — letting you focus squarely
on security engineering and program leadership. Near-term priorities include leading SOC II Type 2 and ISO 27001 readiness at NEAR
AI, supporting the needs of the NEAR Security Committee (NSC), and partnering with the incoming NEAR Intents Head of Security on
shared standards.
Information Security Program
shared work.
liaison, and remediation.
Security Engineering
privileged access) — partnering with the IT Director and IT Operations team on day-to-day operations.
and workflows that tighten controls and reduce manual work.
technical due diligence.
Cloud and Policy
partnership with infrastructure and product teams.
end-to-end.
Clear mandate, executive sponsorship, and real scope across IT and security in a fast-moving ecosystem. Senior IC role with strong
path to broader security leadership as the program matures.
A competitive compensation aligned with senior-level security engineering roles across leading AI and Web3 organizations,
including a combination of salary and NEAR token incentives. Benefits include comprehensive healthcare coverage, a remote-first
work environment, and a professional development and learning budget.
We value
NEAR is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment
without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran
status, or genetic information. NEAR is committed to providing access, equal opportunity and reasonable accommodation for
individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please
let your recruiter know during the interview process.
Applications deadline: We are conducting interviews actively and aim to fill this role as soon as we find someone suitable. THE OPPORTUNITY We're looking for a senior Security Engineer to own security at Apollo Research from end to end. You'll be the first dedicated security hire at Apollo. Security at Apollo exists to maintain the trust of our frontier AI lab partners and enable our research mission. This role sits within the engineering team and reports directly to the CEO. YOU HAVE THE OPPORTUNITY TO - Build and own Apollo's security programme. Own the security roadmap, conduct risk assessments, and evolve the programme as the org grows. You decide what Apollo's security posture needs to look like given our size, threat model, and partner relationships. - Maintain the trust of our frontier AI lab partners. Become the primary security point of contact for partner security teams. Build relationships with partner CISOs, produce and maintain technical documentation on Apollo's security practices, and demonstrate that our security posture meets the bar required for our ongoing partnerships. - Set security direction for engineering. Define security principles and AppSec strategy which the engineering team implements. Build paved roads that make the secure path easy for engineers. - Define how Apollo uses AI tools, agents, and integrations. Decide what's approved, what data can go where, and how new tools get vetted. This is a live and evolving challenge, and you'll need to balance security with the fact that researchers need to use cutting-edge tools to do their jobs. - Own the security tooling stack and automate security operations. Select, implement, and manage security controls including EDR/MDR, endpoint management, email protection, and identity management. Automate wherever possible: zero-touch deployments, IaC for security tooling, automated provisioning and deprovisioning. - Drive compliance and certification. Lead certification efforts (ISO 27001, SOC 2) as needed to meet partner requirements. Automate where needed and treat compliance as a byproduct of good security practice. - Own IT administration across the organisation. Manage Google Workspace, define access policies, and build secure onboarding and offboarding processes. WHAT WE'RE LOOKING FOR - Engineering mindset. You treat security operations and GRC as engineering problems. You reach for automation and systems solutions over manual processes. - Pragmatism. You understand that security exists to enable Apollo's mission and maintain partner trust, and you tailor your advice to our risk profile. - Leadership. You are capable of building out our security programme from scratch. - Hands-on. In addition to leading the security programme, you are willing and able to drive implementation yourself. - Speed. You make good-enough decisions quickly and execute fast once a decision is made. - Adaptability to new developments. You have a strong base of knowledge that enables you to make decisions under uncertainty as AI tooling and the threat landscape evolve. - Stakeholder credibility. Non-security people trust you internally, and you can credibly represent Apollo to lab partner security teams externally.
About us: Causaly is redefining how humans acquire knowledge and develop insights in biomedicine. Our AI-powered platform enables researchers and decision-makers to discover and interpret evidence from millions of scientific publications, clinical trials, regulatory documents, and other complex data sources in minutes. We are building the world’s most advanced biomedical knowledge platform, powered by a high-precision Knowledge Graph and GenAI capabilities. Our technology is already used by leading biopharmaceutical organizations to accelerate drug discovery, improve safety, and drive better decision-making. Backed by top-tier investors including ICONIQ, Index Ventures, Pentech, and Marathon, we are scaling rapidly and expanding our product suite and market presence. About the Role We are looking for a Senior or Staff Security Engineer to join our security team and own our vulnerability management program, collaborate with several Engineering and Product teams as a Security advisor and support SecOps. You will operate with a high degree of autonomy — defining strategy, building processes, and acting as a trusted security advisor to our engineering organisation. What You'll Do * Own the vulnerability management program end-to-end: strategy, tooling, prioritisation, and remediation tracking across dependencies, containers, and cloud environments. * Define and maintain a dependency security strategy, including policies for third-party library adoption and update cadence. * Integrate and maintain security tooling in CI/CD pipelines (SAST, SCA, secrets detection, container scanning). * Act as a security consultant to product and engineering squads — supporting design reviews, architecture decisions, and secure coding practices. * Define and maintain security standards and guidelines practical for development teams. * Manage and continuously improve the Security Champions program — growing security awareness and capability across engineering teams. * Support SecOps in incident triage and response, contributing security engineering context where needed. Requirements * Strong knowledge of cloud security — IAM, network security, secure configuration best practices. * Hands-on experience with security tooling in CI/CD pipelines (SAST, SCA, secrets scanning, container scanning). * Proven experience in a vulnerability management role, through the entire lifecycle. * Passionate and knowledgeable about using LLMs for building robust security practices, including triage, secure code review, threat analysis and tooling * In-depth knowledge of secure coding practices in Node.js, TypeScript, Python, and/or React. * Familiarity with security frameworks and standards (e.g. OWASP, NIST, CIS Benchmarks). * Strong communication skills, with the ability to translate risk for both technical and non-technical audiences. Nice to Have * Experience with Semgrep for static analysis and custom rule authoring. * Experience with Wiz for cloud security posture management. * Experience running or contributing to a Security Champions program. * Experience with threat modelling (e.g. STRIDE). * Familiarity with SOC 2 and ISO 27001. * Relevant certifications are considered a plus (e.g. CISSP, IaaS specific certifications, etc..). Benefits UK: 💰 Competitive compensation package 🩺 Private medical insurance 🦷 Private dental insurance 📔 Life insurance (4 x salary) 🤓 Personal development budget 🧘 Individual wellbeing budget 🌴 25 days holiday plus bank holidays 🥳 Your birthday off! 🚀 Potential to have real impact and accelerated career growth as a member of an international team that's building a transformative AI product. We are on a mission to accelerate scientific breakthroughs for ALL humankind, and we are proud to be an equal opportunity employer. We welcome applications from all backgrounds and fairly consider qualified candidates without regard to race, ethnic or national origin, gender, gender identity or expression, sexual orientation, disability, neurodiversity, genetics, age, religion or belief, marital/civil partnership status, domestic / family status, veteran status or any other difference.
The Company Cubic³ provides advanced software-defined vehicle solutions to over 200 countries around the world. Our powerfully smart connectivity enables leading automotive, agriculture, and transportation OEMs to deliver innovative new services and fully compliant in-vehicle experiences that customers desire, regardless of local market requirements. We believe in leadership that supports empowerment and responsibility, while recognising and developing leadership qualities across Our Team. Together we bring out the best in each other. So, whether you’re interested in joining us as an individual contributor, manager, senior leader – or someone who aspires to growing into a leadership role – we look for people who are results focused, empathetic, visionary, empowering, and who ‘champion’ our cultures and values. Role Overview Responsible for leading the design, implementation, and continuous improvement of security engineering practices across cloud, on-premise, and hybrid environments. This role drives security-by-design principles, DevSecOps integration, Cloud and platform hardening, while providing technical leadership across the organisation. Key Responsibilities * Define and implement security-by-design principles across cloud, on-premise, endpoint, and network environments * Embed security into CI/CD pipelines (DevSecOps) in collaboration with engineering and DevOps teams * Conduct and lead security risk assessments, ensuring mitigation strategies are implemented across new applications, platforms, and third-party tools * Own and enhance cloud, platform, and endpoint security posture, including monitoring for configuration drift and vulnerabilities * Develop and enforce hardening standards across endpoints (Windows/macOS), servers, and compute environments * Support and partner with teams across IAM, GRC, DLP, SOC, and Vulnerability Management to strengthen overall security capability * Own and manage security tools related to the role and discipline e.g. SAST Tooling * Drive automation, AI usage and tooling improvements to increase efficiency and reduce risk * Provide support to the business as it relates to solution design, project and change management security. * Provide technical leadership and incident response support during security events * Collaborate with IT, DevOps, Software, Networks and Infra teams to embed security practices * Stay current on emerging threats, vulnerabilities, and security technologies Required Qualifications * Bachelor’s degree in computer science, Cybersecurity, or related field * 8+ years of experience in cybersecurity or information security roles. * Experience designing and implementing enterprise scale security principles * Proven ability to influence and work with cross-functional teams and departments * Hands on experience with end user and cloud security (Azure, AWS, Windows and MAC O/S) * Strong technical knowledge of software development (CI/CD pipeline), cloud and security by design ways of working. * Experience with security frameworks (NIST, ISO/IEC 27001, NIS2 TISAX) Key Skills Required * Security architecture & Zero Trust principles * Cloud security (Azure & AWS) * DevSecOps and CI/CD security integration (SDLC) * Security frameworks & compliance (ISO 27001, NIST, NIS2, TISAX) * Workflow Automation & AI adoption * Stakeholder management & technical leadership Tool Experience * Microsoft Azure (E5 Toolset) - Defender for Cloud, Defender for Endpoint, Defender for Identity, Microsoft Purview * AWS Security Hub (CSPM), Amazon Guard Duty, AWS Inspector, AWS Identity Analyser, AWS Config * SonarCloud (SAST Tooling) * Atlassian Cloud (Confluence / Jira) * Vanta (GRC) * Strong Microsoft Office 365 knowledge Certifications (Desired) * ISC2 - CISSP/CCSP/CSSLP * AWS Certified Security - Specialty * Microsoft Azure Security Engineer Associate (AZ-500) * Microsoft Cybersecurity Architect Expert (SC-100) * GIAC GSSP/ GCSA New hires at Cubic³ are required to work onsite five days a week during their six-month probation period to get to know the company, their team, and our ways of working. After probation, we offer a flexible arrangement of up to eight work-from-home days per month, provided it aligns with business needs and performance standards. This arrangement is not a given for all roles. Cubic³ is an equal opportunities employer and committed to fostering a diverse and inclusive workplace.