
Cloudflare · Hybrid
About Us At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of...
About Us
At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks
that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune
500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software,
or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global
network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in
spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s
Most Innovative Companies by Fast Company.
At Cloudflare, we’re not looking for people who wait for a polished roadmap; we’re looking for the builders who see the cracks in
the Internet that everyone else has simply learned to live with. We value candidates who have the instinct to spot a "normalized"
problem and the AI-native curiosity to create a solution using the latest tools. Our culture is built on iteration, leveraging AI
to ship faster today to make it better tomorrow, while ensuring that every improvement, no matter how small, is shared across the
team to lift everyone up. If you’re the type of person who values curiosity over bureaucracy, and that AI is a partner in solving
tough problems to keep the Internet moving forward, you’ll fit right in.
The Internal Audit (IA) organization is responsible for delivering high-quality objective and independent assurance over the
Company’s key business risks to the Audit Committee and Management in a cost-effective way and consistent with Professional
Standards. Reflecting the Company’s core value of continuous improvement, the function is in the process of moving toward wider
coverage of operational risks, exploring more efficient audit approaches and industry best practices where appropriate. Our
mission is to drive meaningful change in the control environment and risk management capabilities by delivering impactful and
solution-oriented engagement and partnership.
Reporting to the Senior Director of Cybersecurity and Technology Audit, as a Full Stack Engineer in our growing Bengaluru Internal
Audit Engineering team, you will build the applications, platforms, and user interfaces that power our automated assurance
strategy. You will partner closely with our AI/Data Science engineers and Internal Auditors to develop production-ready internal
platforms and automated workflows deployed across our global landscape.
across Cloudflare’s global infrastructure.
data-driven testing throughout the audit lifecycle.Customer Zero Engineering: Build and maintain internal tools and dashboards
using Cloudflare’s stack (e.g., Workers, KV, D1, AI Gateway) to solve complex internal risk and compliance challenges.
security misconfigurations, or compliance deviations.
and production logs to deliver near real-time risk insights.
and continuous auditing.
production deployment.
(high-throughput, distributed systems & globally distributed teams).
like React or TypeScript.
What Makes Cloudflare Special?
We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a
soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.
Project Galileo: Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with
powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by
Cloudflare’s enterprise customers--at no cost.
Athenian Project: In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of
protection and reliability for free, so that their constituents have access to election information and voter registration. Since
the project, we've provided services to more than 425 local government election websites in 33 states.
1.1.1.1: We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric
public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever
released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitment
and ensure that no user data is sold to advertisers or used to target consumers.
Sound like something you’d like to be a part of? We’d love to hear from you!
Please note that applicants who progress to the offer stage of the interview process may be asked to attend an in-person interview
within one of the Cloudflare Offices or Cloudflare Hubs. More details about this will be available at that stage of the interview
process.
This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration
Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology
controlled under these U.S. export laws without sponsorship for an export license.
Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all
people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment
without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender
expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition,
family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer.
Cloudflare provides reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a
reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the
application process, providing documents in an alternate format, using a sign language interpreter, or using specialized
equipment. If you require a reasonable accommodation to apply for a job, please contact us via e-mail at hr@cloudflare.com or via
mail at 101 Townsend St. San Francisco, CA 94107.
Build with us Businesses deserve better from finance. Less friction, more freedom. Since 2004, Mollie has been on a mission to make payments and money management effortless for every business in Europe. Today, more than 250,000 companies trust our all-in-one platform to get paid, manage money and grow on their terms. Simple, scalable and built with real businesses in mind. We're one of Europe's fastest-growing fintechs, with 1000+ Mollies across 12+ locations. Our people make this growth possible. We move fast, build with purpose and care deeply about our customers. Whether you're solving problems, building market-leading products or exploring how AI can make work smarter, you'll have the freedom to create and the trust to deliver. If you're ready to grow, shape the future of fintech and join an ambitious, high-performing team, this is the place for you. Your impact We're building the runtime for Mollie's next generation of internal tools — not just for engineers, but for everyone. When a finance analyst can deploy a fully working app with a single git push, that's infrastructure that creates real organisational leverage. This role is about building that foundation and keeping it running as adoption scales. The Compute & Onboarding team owns the runtime layer of Mollie's internal cloud platform — how workloads get deployed, discovered, and operated across our GCP environment. We're expanding to accelerate the Internal Hosting Platform (IHP): Mollie's answer to the question "what if anyone at Mollie — engineer, analyst, designer — could ship a full-stack internal application without touching Kubernetes or configuring cloud infrastructure?" Early adopters across Finance, Design, and Internal Audit are already building on the platform. We're scaling it to the rest of the company. About the role You'll be a builder and steward of the platform that turns "I have an idea for a tool" into "here's the link — it's running." That means extending the CI/CD layer, hardening the runtime (secret injection, access control, multi-tenant onboarding), and pushing the platform forward from static-file hosting toward full-stack, AI-native internal applications. You'll work closely with the people who use the platform — often non-engineers building with AI assistance — and translate their friction directly into engineering improvements. The feedback loop is tight. The impact is visible. The surface is genuinely greenfield. What you'll ship * Build and maintain the CI/CD integration that turns a commit into a deployed, shareable internal application * Implement self-service tenant onboarding — removing manual provisioning toil from the team * Add runtime capabilities: secure secret and environment variable injection, team-level access control, server-side application hosting * Write and maintain Terraform for platform infrastructure on GCP * Work with internal adopters — from engineers to analysts — to understand blockers and turn them into platform improvements * Contribute to platform reliability, observability, and lifecycle governance What you'll bring * 3–5 years of full-stack engineering experience, comfortable across the stack * Strong command of Terraform for infrastructure-as-code on a major cloud provider — GCP experience is a real advantage * Solid experience with CI/CD pipelines (we run on GitLab CI) * Backend experience in Node.js, Go, or Java — language matters less than engineering rigour and willingness to move in our stack * Frontend proficiency in TypeScript / React for internal UI work * Familiarity with cloud-native primitives: containers, managed databases, secrets management, IAM, access control patterns * Comfort working close to the user — this platform serves internal colleagues; you'll hear feedback directly and often Nice to have * Prior work building developer platforms, internal tooling infrastructure, or DevEx products * Experience with multi-tenant access control or identity integration patterns * Exposure to AI-assisted development workflows — our users increasingly build with AI agents, and understanding that context helps * Familiarity with GCP services (Cloud Run, Cloud SQL, GCS, Secret Manager, IAM) Why is this role different Most platform work is invisible. This isn't. You're building infrastructure for a new way of working at Mollie — one where every team, technical or not, can build and ship internal tools with confidence. The platform already has real users, real momentum, and direct CEO-level attention. You'll build things that your colleagues use every day. You're joining an established, high-trust team — but with a greenfield surface. No legacy to maintain. Real users to serve. A roadmap with clear phases and room to shape the next one. Grow your way At Mollie, growth is personal. We believe everyone should have the chance to develop their skills, explore new challenges and shape their career on their own terms. You'll get regular feedback and performance reviews to support your development, with fair and transparent salary reviews along the way. Many Mollies move into new roles or take on new projects to stretch themselves, and we actively hire from within to help you take the next step. No matter if you're aiming for promotion, exploring a different career path or building new skills, you'll be supported with the tools, trust and opportunities to grow your way. Unlock your full potential and join us to eliminate financial bureaucracy. If you're excited by the idea of building what's next, for yourself and for thousands of businesses across Europe, we'd love to hear from you. AI at Mollie We believe in Always Be Shipping, and AI brings that philosophy to life across every team, every role, every day. AI is core to how we build. It helps us move faster, simplify work and make smarter decisions, creating real impact for the businesses we serve. We're looking for people who are excited to use AI to shape the future of finance with us.
Who we are At Twilio, we’re shaping the future of communications, all from the comfort of our homes. We deliver innovative solutions to hundreds of thousands of businesses and empower millions of developers worldwide to craft personalized customer experiences. Our dedication to remote-first work, and strong culture of connection and global inclusion means that no matter your location, you’re part of a vibrant team with diverse experiences making a global impact each day. As we continue to revolutionize how the world interacts, we’re acquiring new skills and experiences that make work feel truly rewarding. Your career at Twilio is in your hands. We use Artificial Intelligence (AI) to help make our hiring process efficient. That said, every hiring decision is made by real Twilions! . See yourself at Twilio Join the team as Twilio’s next Staff Offensive Security Engineer. About the job The Staff Engineer acts as a Technical Lead. You don't just find bugs; you design complex attack chains that demonstrate systemic risk. You spend as much time writing custom code and researching new bypasses as you do executing tests. Responsibilities In this role, you’ll: * Full-Stack Penetration Testing: Perform manual and automated testing of web applications, APIs, and mobile apps (iOS/Android). * Internal/External Network Audits: Conduct network and cloud level assessments with various tooling * Vulnerability Validation: Triage and validate reports from automated scanners or bug bounty hunters to eliminate false positives and escalate true positives * AI/LLM Probing: Perform initial prompt injection and jailbreak tests on AI prototypes, services, and applications using established checklists (OWASP Top 10 for LLMs). * Technical Reporting: Draft high-quality reports that detail the "path to compromise" with clear, reproducible steps for developers. * Tool Maintenance: Manage and update the team's testing infrastructure (e.g., Burp Suite, and basic C2 listeners). * Remediation Support: Provide direct technical guidance to engineering teams on how to patch vulnerabilities like XSS, SQLi, and IDOR. * Adversary Emulation: Design and lead multi-week Red Team operations that mimic specific threat actors (APTs) to test the SIRT detection capabilities. * Custom Exploit Development: Build custom payloads, droppers, and obfuscated scripts to bypass EDR/AV and maintain stealth. * AI Red Teaming Architecture: Build automated testing frameworks for AI systems (e.g., using PyRIT, Promptfoo, or Garak) to test for models related to sensitive data leakage. * Cloud & Infrastructure Attacks: Execute sophisticated attacks against AWS/Azure/K8s, focusing on IAM misconfigurations and container escapes. * Purple Teaming: Collaborate with SIRT and Detection Engineering to tune SIEM alerts based on the techniques used during an engagement. * Strategic Bug Bounty Management: Oversee the organization's bug bounty program, identifying trends in submissions to suggest broad architectural security changes. Qualifications Twilio values diverse experiences from all kinds of industries, and we encourage everyone who meets the required qualifications to apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table! *Required: * Experience: 7-10 years in offensive security, penetration testing, a high-volume bug bounty background, AppSec, or vulnerability exploitation, and track record of finding high/critical vulnerabilities in complex environments using pentesting commercial or custom tools. * Concepts: Expert Knowledge and solid understanding of the MITRE ATT&CK matrix and the OWASP Top 10 for web applications and top 10 for LLMs, post exploitation (lateral movement, persistence, data exfiltration) and Adversarial ML. * Tooling: Proficient in OffSec popular tools like Burp Suite professional, Nmap, Metasploit, Wireshark etc... and AI security tools such as LangChain, TensorFlow for adversarial testing or, as well as use of C2 frameworks (Cobalt Strike, Sliver, Havoc) or similar tools * Scripting and Coding: Ability to write functional scripts in Python or Bash to automate repetitive testing tasks and proficiency in coding and scripting like Python, C++, and scripting for creating custom offensive exploits that avoids signature-based detection. * Certifications: Possession of advanced industry certifications such as OSCP, OSEP, OSWE, GXPN or similar training in OffSec tracks is highly desirable * Telecom expertise is preferred Desired: * Excellent written and verbal communication skills. * Ability to influence and build effective working relationships with all levels of the organization. * Proficiency in multiple languages applicable to the region. * Familiarity with localization tactics to ensure our content is accessible and inclusive across multiple APJ countries. Location This role will be remote, but is not eligible to be hired in CA, CT, NJ, NY, PA, WA. Travel We prioritize connection and opportunities to build relationships with our customers and each other. For this role, you may be required to travel occasionally to participate in project or team in-person meetings. What We Offer Working at Twilio offers many benefits, including competitive pay, generous time off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location. Compensation *Please note this role is open to candidates outside of California, Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New Jersey, New York, Vermont, Washington D.C., and Washington State. The information below is provided for candidates hired in those locations only. The estimated pay ranges for this role are as follows: * Based in Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, Vermont or Washington D.C. : $155,520.00 - $194,400.00. * Based in New York, New Jersey, Washington State, or California (outside of the San Francisco Bay area): $164,640.00 - $205,800.00. * Based in the San Francisco Bay area, California: $182,960.00 - $228,700.00. * This role may be eligible to participate in Twilio’s equity plan and corporate bonus plan. All roles are generally eligible for the following benefits: health care insurance, 401(k) retirement account, paid sick time, paid personal time off, paid parental leave. The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location. Applications for this role are intended to be accepted until 31st August 2026, but may change based on business needs. Twilio thinks big. Do you? We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts. So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now! If this role isn't what you're looking for, please consider other open positions. Twilio is proud to be an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.
YOUR MISSION You'll take over full ownership of infrastructure, security, compliance, and internal IT — domains currently handled directly by our CTO. You'll have complete autonomy and the trust to run these areas as you see fit. This is a hands-on individual contributor role. There is no team to manage — you'll be the person doing the work, not delegating it. We're looking for someone who is sharp, self-directed, and comfortable owning broad responsibility across multiple domains. In your first few months, you might: * Lead our ISO 27001 certification and establish the processes to maintain it going forward * Take ownership of our Terraform configurations across AWS and GCP, improving structure and reliability * Respond to security questionnaires from enterprise customers, helping us close deals faster * Streamline employee IT onboarding and access management across our SaaS tooling stack * Set up and manage MDM, tooling, and IT support for the team HOW WE WORK At Cosuno, we believe in giving people real ownership and trusting them to do their best work. For this role, that means: * High autonomy, high impact: You'll own your domains end to end. You'll be writing Terraform, responding to audits, configuring tooling, and solving problems yourself — with the full support of the CTO and Engineering team when you need it. * DevOps mindset: Our infrastructure is managed as code with Terraform, deployed to AWS and GCP via Kubernetes, with self-hosted CI/CD runners. You'll be working with a modern, well-structured stack. * Compliance as a product: We treat security and compliance seriously — not as a checkbox, but as a genuine part of how we build trust with enterprise customers. * Collaborative by default: You'll work closely with our Full Stack Engineering team, who can support on infrastructure when capacity allows. YOUR PROFILE You'll be a great fit if you have: * Full professional fluency in German and English — a significant part of our compliance and customer-facing security work is conducted in German, and this is a firm requirement * Solid experience with cloud infrastructure (AWS and/or GCP) and infrastructure-as-code (Terraform) * Comfort operating Kubernetes in a production environment * The ability to pick up new domains quickly — whether that's navigating an ISO 27001 audit or setting up an MDM solution, you figure things out by thinking clearly, not by having done it ten times before * A pragmatic, ownership-driven mindset: you're equally comfortable debugging a Kubernetes issue and writing a security policy * The organisational maturity to manage multiple open threads — an audit, an RFI, an infra task — without things slipping Bonus points for: * Experience with ISO 27001 or other security certifications * Experience with compliance automation tooling (Vanta, Drata, Kertos, or similar) * Familiarity with GDPR operational requirements (DPAs, DSARs, vendor reviews) * CI/CD experience, including self-hosted runners * Prior experience at a B2B SaaS startup WHY US? * Competitive Compensation: A competitive salary above the market average. * Work-Life Balance: Choose to work 100% remotely or from our modern office in Berlin. We offer flexible working hours to fit your life. * Top-Notch Equipment: A new MacBook Pro to ensure you have the best tools for the job. * A Great Team: Regular company off-sites and team events that connect us as people, not just colleagues. * Job Security: A permanent contract in a stable, well-funded company. ABOUT US Cosuno – Revolutionizing construction through technology. We are Cosuno – a fast-growing tech startup that is making the construction industry more efficient and transparent with our digital platform for tenders and procurement processes. Our goal: to solve the most complex challenges in the industry with innovation and simplicity. Artificial intelligence is the key to our solution: it analyzes millions of price data points and helps construction companies create precise and efficient bids. This not only saves our customers time but also helps them avoid unnecessary costs. But for us, it's not just about technology – it's about the people who drive it. At Cosuno, you will work with creative minds who are reshaping the construction industry. We believe in diversity because we know that the best ideas come from different perspectives. An integrative and inclusive work environment is a matter of course for us. Join us – Build the future of construction.