
Parity · Remote
ABOUT US Parity is one of the world’s most experienced companies building the core infrastructure behind blockchain — the system that allows information and va...
Parity is one of the world’s most experienced companies building the core infrastructure behind blockchain — the system that
allows information and value to be shared securely without needing an intermediary. We’re laying the foundation for a better web
which respects the freedom and data of individuals, and empowers developers to build better, more trustworthy online services.
Our remote-first, global team develop open-source software that anyone can use or improve. This includes Polkadot, Polkadot SDK,
and Kusama — key parts of the Web3 tech stack, the next generation of the internet. Our mission is to make Polkadot the most
active and innovative community in blockchain, powering a new era of connected and decentralised applications.
Parity’s Security Engineering team is at the forefront of protecting the Polkadot ecosystem by designing and implementing secure
software, auditing code for vulnerabilities, and building cutting-edge ML tools to automate security analysis. We work closely
with development teams to embed security best practices across our open-source stack, ensuring that our blockchain infrastructure
is robust, resilient, and secure by design.
As a security-focused software engineer, you will go beyond traditional application security - you’ll audit and ideally write
secure Rust code where needed, conduct deep manual and automated code audits, and leverage machine learning to enhance security
across our ecosystem. This is an opportunity to shape the security landscape of the next generation of decentralized applications
and protocols.
vulnerabilities.
threat mitigation.
hackers to resolve issues.
development lifecycle.
core software.
security.
If you're excited about writing secure software, auditing code, and pioneering ML-driven security solutions for Web3, we’d love to
hear from you!
Joining Parity means joining team mates who are genuinely excited about the impact their projects are having, and the opportunity
to grow alongside some of the brightest minds in the Web3 space! You’ll work remotely and flexibly, while still getting to meet
your team mates throughout the year at team and company-wide retreats.
Upon receiving an offer, all candidates undergo a background check through Zinc, our trusted third-party provider. Team members
will be taken on as a contractor via our UK entity. View our Applicant Notice to see how we use your data.
Parity is an Equal Opportunity Employer. We welcome diversity in our global team and care about everyone in our collective feeling
included and welcome.
Is this position not quite your match? Browse our other open roles.
SENIOR SECURITY ENGINEER Remote ABOUT BRAVE Brave is on a mission to protect the human right to privacy online. We’ve built a free web browser that blocks creepy third-party ads and trackers by default, a private search engine with a truly independent index, a browser-native crypto wallet, and a private ad network (opt-in!) that directly rewards you for your attention. And we’re just getting started. Already 110+ million people have switched to Brave for a faster, more private web. Millions more switch every month. The internet is a sea of privacy-harmful ads, hackers, and echo chambers. Big Tech makes huge profits off our data, and tells us what’s true and what’s not. Brave is fighting back. Join us! SUMMARY We are hiring a staff engineer on the Brave security and privacy team! You will help keep our users safe across Brave’s products, including Brave browser and Brave Search. Responsibilities include: 1. Security reviews of Brave products 2. Triaging and fixing security reports 3. Designing and implementing security-relevant code 4. Penetration tests of Brave products and infrastructure Brave is widely-recognized as one of the best browsers for security and privacy, doing industry-leading work with a team that’s a fraction of the size of Big Tech-supported browsers. REQUIRED QUALIFICATIONS * At least 5 years experience (or equivalent) in security engineering * Experience in penetration testing and/or security auditing * Proficiency in C++, both implementing and reviewing * Strong familiarity with the Web security model * Experience securing AWS infrastructure * Very comfortable working and communicating async with a geographically-distributed software development team * Be comfortable diving into an extremely large, unfamiliar and complex codebase * Be comfortable with Git and collaborating on GitHub PREFERRED QUALIFICATIONS * Experience contributing to large open source codebases and/or participating in open source communities * Proficiency in Web technologies (HTML, CSS, JavaScript) * Proficiency in Go and Rust * DevOps experience * Contributions to other Web browsers * Familiarity with Chromium's architecture, especially security * Ability to write clear technical documentation and less technical writing for blog posts or public communication. * Be excited about privacy, anonymity, and censorship resistance!
GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software. *Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab. An overview of this role As a Senior Security Engineer on GitLab’s Security Incident Response Team (SIRT), you will play a critical role in defending GitLab.com and the broader GitLab environment against evolving security threats. You will lead high-impact incidents and investigations, drive continuous improvements in defense, detection and response capabilities, and help scale security operations through automation and intelligent workflows. Operating within a 24/7 global environment (follow the sun model), you will own incidents end-to-end - from detection and triage through containment, eradication, and recovery - while partnering cross-functionally to strengthen GitLab’s overall security posture. A key aspect of this role is leveraging automation and AI-driven approaches to improve detection fidelity, accelerate investigations, and reduce response times. You will help shape how modern tooling and data are applied to stay ahead of evolving adversary tactics. This role is ideal for someone who thrives in high-tempo environments, brings strong DFIR expertise, and is equally passionate about operational excellence and building scalable detection and response systems and workflows. WHAT YOU’LL DO * Lead and coordinate end-to-end incident response for high-severity security events within a 24/7 global on-call model, with this role operating during EMEA business hours * Prepare clear executive communications that keep stakeholders informed during incidents * Investigate complex security incidents across cloud environments, applying strong Digital Forensics and Incident Response (DFIR) methodologies * Partnering with Signals Engineering to design and implement detection capabilities, including SIEM use cases, alerting strategies, and telemetry pipelines * Build and enhance automation and AI-assisted workflows to improve triage, investigation speed, and response consistency * Partner with Threat Intelligence to contextualize threats and improve detection coverage * Conduct root cause analysis (RCA) and lead post-incident reviews to drive continuous improvement and risk reduction * Develop and maintain runbooks, playbooks, and operational documentation * Collaborate cross-functionally (Engineering, Infrastructure, Legal, Product, Communications, etc) during incidents and lead proactive initiatives (e.g. tabletops) * Mentor other engineers and help elevate the team’s overall incident response maturity WHAT YOU’LL BRING * Strong experience in security incident response and investigations in cloud-first environments * Experience using or administering Git/GitLab in a security or engineering context * Hands-on experience with SIEM, EDR, and/or detection engineering * Experience with cloud platforms (AWS & GCP) * Familiarity with threat intelligence and adversary tactics (e.g., MITRE ATT&CK) * Experience building or working with automation (e.g., Python, scripting, SOAR platforms) * Interest or experience in applying AI/ML or data-driven techniques to detection, triage, or response workflows * Strong analytical and problem-solving skills; ability to operate effectively during high-severity incidents * Excellent written communication skills with a passion for clear, actionable documentation * Growth mindset with a proactive approach to identifying and mitigating security risks ABOUT THE TEAM The Security Incident Response Team (SIRT) is a globally distributed team of engineers split across 3 core regions; AMER, APAC and EMEA, and is at the forefront of security events that impact both GitLab.com and GitLab cloud and corporate environments. We are both reactive and proactive, leading security investigations, incident response support and response resolution, through to cyber threat analysis and detection and response engineering. Even though we’re a global team, we work together in a cross-regional manner and have automation and processes to facilitate collaboration when resolving incidents, handovers, and general collaboration for project work as well. HOW GITLAB SUPPORTS FULL-TIME EMPLOYEES * Benefits to support your health, finances, and well-being * Flexible Paid Time Off * Team Member Resource Groups * Equity Compensation & Employee Stock Purchase Plan * Growth and Development Fund * Parental Leave Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application. ---------------------------------------------------------------------------------------------------------------------------------- Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process. Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us. GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.
SENIOR SECURITY ENGINEER Prolific Prolific is not just another player in the AI space – we are the architects of the human data infrastructure that's reshaping the landscape of AI development. In a world where foundational AI technologies are increasingly commoditized, it's the quality and diversity of human-generated data that truly differentiates products and models. The role Security at Prolific isn't an afterthought, it's foundational to how we build. As a company trusted by world-leading research institutions and AI labs to handle sensitive data at scale, the security of our application layer is critical. We handle participant data, researcher credentials, payment flows, and API integrations that demand rigorous protection at the code level. As a Senior Security Engineer, you'll be the technical authority on application security at Prolific. You'll work hands-on with our engineering teams to find and fix vulnerabilities in our codebase, perform security testing, build security tooling, and embed secure development practices into how we ship software. This isn't a governance or policy role, you'll be in the code, reviewing pull requests, threat modeling new features, and building the automation that keeps our platform secure as we scale. You'll report to the Head of Engineering/Platform and work cross-functionally with product engineering, platform, data, and TechOps teams. What you’ll bring to the role * Several years in application/product security and a background in software engineering * Strong knowledge of OWASP Top 10 (Web & API) and modern attack paths (e.g. auth flaws, SSRF, injection, business logic abuse, supply chain) * Experience working with complex, large-scale systems and modern architectures * Hands-on security testing experience (especially Burp Suite) across web apps and APIs * Python for security tooling, automation, or custom detection (Django a plus) * Experience implementing and tuning SAST, SCA, DAST, and secret scanning in CI/CD * Practical threat modelling experience, including leading lightweight sessions * Strong collaboration skills, able to clearly explain issues and drive remediation * Builder mindset, you automate wherever possible Nice to haves * Experience with Django, Vue.js, MongoDB, GCP * Security champions or bug bounty programmes * Supply chain security (SCA, SBOMs, dependency review) * IaC security (e.g. Terraform, policy-as-code) * Hands-on certifications (OSCP, GWAPT, BSCP) * Experience in scaling environments building out security practices What you’ll be doing in the role You'll help secure Prolific’s applications end-to-end, from hands-on testing and code review to threat modeling and CI/CD security. You’ll partner closely with engineers to identify and fix vulnerabilities, build and tune security tooling, and embed secure development practices across the SDLC. This includes running penetration tests, improving detection coverage, and staying ahead of emerging threats to continuously strengthen our security posture. Why is Prolific a great place to work We've built a unique platform that connects researchers and companies with a global pool of participants, enabling the collection of high-quality, ethically sourced human behavioral data and feedback. This data is the cornerstone of developing more accurate, nuanced, and aligned AI systems. We believe that the next leap in AI capabilities won't come solely from scaling existing models but from integrating diverse human perspectives and behaviors into AI development. By providing this crucial human data infrastructure, Prolific is positioning itself at the forefront of the next wave of AI innovation—one that reflects the breadth and the best of humanity. Working for us will place you at the forefront of AI innovation, providing access to our unique human data platform and opportunities for groundbreaking research. Join us to enjoy a competitive salary, benefits, and remote working within our impactful, mission-driven culture. Links to more information on Prolific Benefits External Handbook Website Youtube Privacy Statement By submitting your application, you agree that Prolific may collect your personal data for recruiting and global organization planning. Prolific's Candidate Privacy Notice explains what personal information Prolific may process, where Prolific may process your personal information, its purposes for processing your personal information, and the rights you can exercise over Prolific's use of your personal information.