
Camunda · Remote
Camunda is the enterprise platform for agentic orchestration, enabling organizations to coordinate AI agents, people, and systems across complex, end-to-end bus...
Camunda is the enterprise platform for agentic orchestration, enabling organizations to coordinate AI agents, people, and systems
across complex, end-to-end business processes. With built-in governance, auditability, and human oversight, Camunda gives
enterprises the control they need to move AI from pilots to production — safely and at scale. Trusted by over 700 organizations
worldwide, including 9 of top 10 US banks, Camunda helps enterprises boost operational efficiency, accelerate time-to-value, and
deliver better customer experiences.
Fully remote and global, we are in the middle of something bigger: transforming into an AI-first organisation, built on our own
platform. We use Agentic AI to automate, orchestrate intelligent processes, and elevate human contribution across every team.
Named GP Bullhound’s Top 100 Next Unicorn list, 2025 Great Place to Work certified. Visionary in 2025 Gartner® Magic Quadrant™ for
Business Orchestration and Automation Technologies. ranked 3rd in Flexa's 2026 Most Flexible Companies, We’re growing fast and
looking for top talent to join our team. If you want meaningful work, visible impact and put something genuinely rare on your CV,
keep reading.
As a Senior Information Security Engineer (AppSec) at Camunda, you’ll join a small, senior, and highly collaborative InfoSec team
that lives our FAITH values – Focus, Ambition, Integrity, Talent and Humor – every day. You’ll work hand-in-hand with our product
and engineering teams across the entire SDLC to make sure our platform is designed, built, and shipped securely as we continue to
grow. This is a technical, hands-on, developer-centric, developer-centric role where you’ll shape how we build secure Java
services in a modern CI/CD, SaaS environment, strengthen our AppSec tooling and practices, and directly influence how customers
trust and adopt Camunda. You can be based anywhere that allows you to collaborate effectively within CET to Eastern Time working
hours.
testing, to deployment – to embed security by design in our products.
scanning into CI/CD pipelines, and making sure findings are actionable for developers.
with teams on fix/mitigate/accept decisions, and ensuring we continuously improve our security posture.
helping teams understand security trade-offs and make sound, risk-based decisions.
and other stakeholders to investigate, contain, and learn from issues.
(Java) services, working in CI/CD environments, and shipping SaaS or other cloud-based applications securely.
distributed/API/microservices systems, and performing risk assessments on product changes or new features.
container/image scanning, evaluating and triaging findings (including false positives), and driving fix/mitigate/accept
decisions with engineering teams.
stakeholders while explaining complex security issues and trade-offs in a clear, pragmatic way to both technical and
non-technical audiences.
escalations, you see yourself as an enabler (not a gatekeeper), and you influence teams toward risk-based, practical security
improvements.
This role is an existing vacancy
#LI-SG1 #LI-Remote #C1
Compensation
We offer competitive, fair, and transparent compensation. Salary ranges are location-based, with Standard and Major markets
(global tech hubs) reflecting local competition.
The Annual Total Target Cash (base salary + 100% variable target, where applicable) shown below spans from the minimum in a
Standard market to the maximum in a Major market. Final offers depend on skills, experience, and location, and we typically hire
If you’re based elsewhere, you’ll be hired via Remote.com (our global employer partner), and your Talent Acquisition Partner will
provide a personalized Total Rewards Calculator after your first interview.
Equity: We also offer equity (where applicable) through our Virtual Stock Option Plan (VSOP).
Benefits & Perks
We invest in your wellbeing, growth, and ability to connect, along with perks that support you no matter where you’re based. Our
benefits are globally designed and locally delivered where applicable.
time off to recharge when you need it.
offsites, and Camundi Connection Budgets, including contributing to meetups while travelling,, and local gatherings with fellow
Camundi.
Spending Account (LSA), a flexible, global benefit that puts you in control of your whole life, not just work, from: staying
active, to caring for family, exploring personal passions, meaningful experiences, and investing in your financial wellbeing.
The Live Well program launches in 2026 and scales to €1,000 annually from 2027.
relevant.
”Everyone is welcome at Camunda” — it’s a celebrated component of our culture. We strive to create an inclusive environment that
empowers our people. At Camunda, we honour diverse cultures and backgrounds and are proud to be an equal opportunity employer. All
qualified applicants will receive consideration without regard to gender, race, ethnicity, religion, belief, sexual orientation,
age, disability or any other protected characteristics under applicable law. We are looking forward to your application!
Come join us and be part of Camunda’s incredible journey: Make an impact at a pivotal moment in our story!
AI in our hiring process: Camunda may use AI tools to aid the screening of applications and during the interview process. You can
learn more here
ABOUT US Parity is one of the world’s most experienced companies building the core infrastructure behind blockchain — the system that allows information and value to be shared securely without needing an intermediary. We’re laying the foundation for a better web which respects the freedom and data of individuals, and empowers developers to build better, more trustworthy online services. Our remote-first, global team develop open-source software that anyone can use or improve. This includes Polkadot, Polkadot SDK, and Kusama — key parts of the Web3 tech stack, the next generation of the internet. Our mission is to make Polkadot the most active and innovative community in blockchain, powering a new era of connected and decentralised applications. ABOUT THE TEAM Parity’s Security Engineering team is at the forefront of protecting the Polkadot ecosystem by designing and implementing secure software, auditing code for vulnerabilities, and building cutting-edge ML tools to automate security analysis. We work closely with development teams to embed security best practices across our open-source stack, ensuring that our blockchain infrastructure is robust, resilient, and secure by design. ABOUT THE ROLE As a security-focused software engineer, you will go beyond traditional application security - you’ll audit and ideally write secure Rust code where needed, conduct deep manual and automated code audits, and leverage machine learning to enhance security across our ecosystem. This is an opportunity to shape the security landscape of the next generation of decentralized applications and protocols. * Assist in developing Secure Software – Write and optimise Rust code to build security-critical components and tools. * Code Auditing & Vulnerability Analysis – Perform deep manual and automated code reviews to identify and mitigate security vulnerabilities. * ML-Powered Security – Design and implement machine learning models for automated security analysis, anomaly detection, and threat mitigation. * Bug Bounty & Vulnerability Management – Manage bug bounty submissions, triage security reports, and collaborate with ethical hackers to resolve issues. * Secure Development Best Practices – Work with engineering teams to integrate security best practices into the software development lifecycle. * Threat Modeling & Risk Assessment – Identify and assess security risks in our blockchain infrastructure, smart contracts, and core software. * Stay Cutting-Edge – Research and implement the latest advancements in secure coding, ML-driven security, and blockchain security. WHAT WE'RE LOOKING FOR * Experience with secure coding practices and memory safety concepts. * Background in code auditing, vulnerability analysis, or exploit development. * Experience triaging and resolving bug bounty reports. * Knowledge of machine learning techniques applied to security (e.g., anomaly detection, fuzzing, automated threat detection). * Familiarity with cryptographic principles, blockchain security, or decentralized systems. * Strong problem-solving skills and an offensive security mindset. If you're excited about writing secure software, auditing code, and pioneering ML-driven security solutions for Web3, we’d love to hear from you! ABOUT WORKING WITH US Joining Parity means joining team mates who are genuinely excited about the impact their projects are having, and the opportunity to grow alongside some of the brightest minds in the Web3 space! You’ll work remotely and flexibly, while still getting to meet your team mates throughout the year at team and company-wide retreats. Upon receiving an offer, all candidates undergo a background check through Zinc, our trusted third-party provider. Team members will be taken on as a contractor via our UK entity. View our Applicant Notice to see how we use your data. Parity is an Equal Opportunity Employer. We welcome diversity in our global team and care about everyone in our collective feeling included and welcome. Is this position not quite your match? Browse our other open roles.
SENIOR SECURITY ENGINEER Prolific Prolific is not just another player in the AI space – we are the architects of the human data infrastructure that's reshaping the landscape of AI development. In a world where foundational AI technologies are increasingly commoditized, it's the quality and diversity of human-generated data that truly differentiates products and models. The role Security at Prolific isn't an afterthought, it's foundational to how we build. As a company trusted by world-leading research institutions and AI labs to handle sensitive data at scale, the security of our application layer is critical. We handle participant data, researcher credentials, payment flows, and API integrations that demand rigorous protection at the code level. As a Senior Security Engineer, you'll be the technical authority on application security at Prolific. You'll work hands-on with our engineering teams to find and fix vulnerabilities in our codebase, perform security testing, build security tooling, and embed secure development practices into how we ship software. This isn't a governance or policy role, you'll be in the code, reviewing pull requests, threat modeling new features, and building the automation that keeps our platform secure as we scale. You'll report to the Head of Engineering/Platform and work cross-functionally with product engineering, platform, data, and TechOps teams. What you’ll bring to the role * Several years in application/product security and a background in software engineering * Strong knowledge of OWASP Top 10 (Web & API) and modern attack paths (e.g. auth flaws, SSRF, injection, business logic abuse, supply chain) * Experience working with complex, large-scale systems and modern architectures * Hands-on security testing experience (especially Burp Suite) across web apps and APIs * Python for security tooling, automation, or custom detection (Django a plus) * Experience implementing and tuning SAST, SCA, DAST, and secret scanning in CI/CD * Practical threat modelling experience, including leading lightweight sessions * Strong collaboration skills, able to clearly explain issues and drive remediation * Builder mindset, you automate wherever possible Nice to haves * Experience with Django, Vue.js, MongoDB, GCP * Security champions or bug bounty programmes * Supply chain security (SCA, SBOMs, dependency review) * IaC security (e.g. Terraform, policy-as-code) * Hands-on certifications (OSCP, GWAPT, BSCP) * Experience in scaling environments building out security practices What you’ll be doing in the role You'll help secure Prolific’s applications end-to-end, from hands-on testing and code review to threat modeling and CI/CD security. You’ll partner closely with engineers to identify and fix vulnerabilities, build and tune security tooling, and embed secure development practices across the SDLC. This includes running penetration tests, improving detection coverage, and staying ahead of emerging threats to continuously strengthen our security posture. Why is Prolific a great place to work We've built a unique platform that connects researchers and companies with a global pool of participants, enabling the collection of high-quality, ethically sourced human behavioral data and feedback. This data is the cornerstone of developing more accurate, nuanced, and aligned AI systems. We believe that the next leap in AI capabilities won't come solely from scaling existing models but from integrating diverse human perspectives and behaviors into AI development. By providing this crucial human data infrastructure, Prolific is positioning itself at the forefront of the next wave of AI innovation—one that reflects the breadth and the best of humanity. Working for us will place you at the forefront of AI innovation, providing access to our unique human data platform and opportunities for groundbreaking research. Join us to enjoy a competitive salary, benefits, and remote working within our impactful, mission-driven culture. Links to more information on Prolific Benefits External Handbook Website Youtube Privacy Statement By submitting your application, you agree that Prolific may collect your personal data for recruiting and global organization planning. Prolific's Candidate Privacy Notice explains what personal information Prolific may process, where Prolific may process your personal information, its purposes for processing your personal information, and the rights you can exercise over Prolific's use of your personal information.
GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software. *Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab. An overview of this role As a Senior Security Engineer on GitLab’s Security Incident Response Team (SIRT), you will play a critical role in defending GitLab.com and the broader GitLab environment against evolving security threats. You will lead high-impact incidents and investigations, drive continuous improvements in defense, detection and response capabilities, and help scale security operations through automation and intelligent workflows. Operating within a 24/7 global environment (follow the sun model), you will own incidents end-to-end - from detection and triage through containment, eradication, and recovery - while partnering cross-functionally to strengthen GitLab’s overall security posture. A key aspect of this role is leveraging automation and AI-driven approaches to improve detection fidelity, accelerate investigations, and reduce response times. You will help shape how modern tooling and data are applied to stay ahead of evolving adversary tactics. This role is ideal for someone who thrives in high-tempo environments, brings strong DFIR expertise, and is equally passionate about operational excellence and building scalable detection and response systems and workflows. WHAT YOU’LL DO * Lead and coordinate end-to-end incident response for high-severity security events within a 24/7 global on-call model, with this role operating during EMEA business hours * Prepare clear executive communications that keep stakeholders informed during incidents * Investigate complex security incidents across cloud environments, applying strong Digital Forensics and Incident Response (DFIR) methodologies * Partnering with Signals Engineering to design and implement detection capabilities, including SIEM use cases, alerting strategies, and telemetry pipelines * Build and enhance automation and AI-assisted workflows to improve triage, investigation speed, and response consistency * Partner with Threat Intelligence to contextualize threats and improve detection coverage * Conduct root cause analysis (RCA) and lead post-incident reviews to drive continuous improvement and risk reduction * Develop and maintain runbooks, playbooks, and operational documentation * Collaborate cross-functionally (Engineering, Infrastructure, Legal, Product, Communications, etc) during incidents and lead proactive initiatives (e.g. tabletops) * Mentor other engineers and help elevate the team’s overall incident response maturity WHAT YOU’LL BRING * Strong experience in security incident response and investigations in cloud-first environments * Experience using or administering Git/GitLab in a security or engineering context * Hands-on experience with SIEM, EDR, and/or detection engineering * Experience with cloud platforms (AWS & GCP) * Familiarity with threat intelligence and adversary tactics (e.g., MITRE ATT&CK) * Experience building or working with automation (e.g., Python, scripting, SOAR platforms) * Interest or experience in applying AI/ML or data-driven techniques to detection, triage, or response workflows * Strong analytical and problem-solving skills; ability to operate effectively during high-severity incidents * Excellent written communication skills with a passion for clear, actionable documentation * Growth mindset with a proactive approach to identifying and mitigating security risks ABOUT THE TEAM The Security Incident Response Team (SIRT) is a globally distributed team of engineers split across 3 core regions; AMER, APAC and EMEA, and is at the forefront of security events that impact both GitLab.com and GitLab cloud and corporate environments. We are both reactive and proactive, leading security investigations, incident response support and response resolution, through to cyber threat analysis and detection and response engineering. Even though we’re a global team, we work together in a cross-regional manner and have automation and processes to facilitate collaboration when resolving incidents, handovers, and general collaboration for project work as well. HOW GITLAB SUPPORTS FULL-TIME EMPLOYEES * Benefits to support your health, finances, and well-being * Flexible Paid Time Off * Team Member Resource Groups * Equity Compensation & Employee Stock Purchase Plan * Growth and Development Fund * Parental Leave Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application. ---------------------------------------------------------------------------------------------------------------------------------- Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process. Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us. GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.