Top Security Engineer Jobs in San Francisco, CA

The Enterprise Security Engineer will focus on establishing a security program centered on zero trust, identity management, and automation while ensuring compliance and protecting sensitive data.

Lead and scale the product security program by embedding security into the SDLC, performing threat modeling and architecture reviews, building security-as-code tooling and CI integrations, conducting application/cloud/mobile testing, mentoring engineers, and driving remediation and security ownership across product teams.

As a Staff Security Engineer, you will design and manage CoreWeave's cryptographic infrastructure, including PKI, secrets management, and HSMs, while collaborating with engineering teams to integrate these services.

Detect, investigate and respond to malware, phishing and other incidents across corporate IT. Perform digital forensics and threat hunting, design and deploy corporate security controls, alerts and workflows, secure identity providers, endpoints, networks and cloud platforms, and operate/configure security tooling to prevent and remediate incidents.

Design, build, and operationalise product and infrastructure security controls; develop detection and incident response workflows; leverage endpoint, network, and cloud telemetry for threat hunting; conduct forensic analysis and remediation; embed security across engineering teams and improve resilience and secure scale of services.

Lead detection, investigation and response to malware, phishing, and corporate incidents. Design and deploy corporate security controls, alerts, and tooling. Perform digital forensics, hunting across logs, secure identity, endpoints and networks, and remediate issues across corporate platforms.

Detect, investigate, and prevent threats across corporate IT by performing incident response, digital forensics, threat hunting, designing security controls and alerts, and deploying and operating security tooling across identity, endpoints, networks and cloud.

As an Enterprise Security Engineer, you'll secure endpoints, identity systems, and cloud services, focusing on automation and proactive security measures. You'll collaborate with IT and engineering teams to enforce security controls and develop AI-assisted workflows for improved threat detection.

The Security Engineer will enhance corporate security controls, develop policies, manage AI security, and assess risks while ensuring secure employee operations.

Responsible for ensuring security and integrity in technology operations, providing expertise in security engineering, and collaborating with teams to embed security measures in API design and deployment.

The Staff Security Engineer will lead technical security initiatives, own architectural security decisions, mentor engineers, and align teams on security strategy while ensuring system integrity and compliance.

The Senior Product Security Engineer will manage security intelligence across platforms, identify vulnerabilities, improve developer tools, and assist incident response teams, focusing on security and fraud in application design.

As a Senior Offensive Security Engineer, you'll assess Huntress' defenses, execute red team engagements, conduct penetration tests, and enhance security protocols while collaborating with internal teams.

Build and operate high-signal detections across cloud, identity, endpoints, and SaaS. Improve detection platforms, automation, and triage tooling (including LLM-based workflows). Translate threat TTPs into telemetry and detections, participate in incident response/on-call, track metrics like MTTD and alert quality, and drive detection engineering improvements across the org.

As a Sr. Product Security Engineer, you will focus on network security, identifying gaps, architecting solutions, and leading cross-functional security initiatives.

The Staff Product Security Engineer will enhance security in product development, conduct threat modeling, review code, automate processes, and advise on security requirements.

Build and maintain corporate security controls across identity, endpoints, and SaaS. Harden IAM (Okta, Google Workspace), run endpoint security for a macOS-first fleet, secure AI tool usage, reduce SaaS risk with SSPM and automation, and write Python/Terraform to automate access reviews, onboarding/offboarding, and audit evidence. Partner with Detection & Response and support SOC 2/ISO 27001 compliance and corporate incident response.

Join the Product Security team as an early-career Security Engineer to develop automation, track vulnerabilities, and enhance security measures, gaining exposure to diverse security challenges.

Lead the Offensive Security program, manage red team exercises, identify weaknesses in services, and collaborate on security improvements across the organization.

The Staff Security Engineer will lead technical security design, ensure data protection standards, mentor engineering teams, and improve security infrastructure.

Manage and improve vulnerability management, asset visibility, and cloud security across hybrid and multi-cloud environments. Operate tools (Wiz, Rapid7), maintain asset inventories, triage and track vulnerabilities, coordinate remediation with Engineering/SRE/IT, support incident investigations and on-call rotation, maintain compliance evidence and runbooks, and contribute to program improvements and reporting.

As a Security Engineer, safeguard Runpod's GPU cloud platform, conduct security assessments, implement fixes, and foster a security-first culture with development teams.

The Senior Embedded Security Engineer will enhance the security of the flight software for space vehicles, ensuring high standards for safety and secure coding practices throughout the development lifecycle.

The Data Security Engineer will develop and implement data protection strategies, ensuring compliance with regulations like GDPR and HIPAA while securing sensitive data and collaborating with various teams.

The Security Engineer will manage Liftoff's SIEM, lead the adoption of AI-augmented SOC tools, triage alerts, and improve incident response processes while collaborating on various security functions.