PackageX is an enterprise logistics platform that powers modern logistics operations in warehouses, stores, and final-mile buildings. Leveraging advanced AI scanning, bolt-on apps, and APIs,…
PackageX is an enterprise logistics platform that powers modern logistics operations in warehouses, stores, and final-mile buildings. Leveraging advanced AI scanning, bolt-on apps, and APIs,…
Data and AnalyticsDeepTechHardwareInformation TechnologyMediaMobile, Platforms, and AppsMusicSoftware
-
Wobot Intelligence
🇺🇸San Mateo, US
Information TechnologySoftware
$6M
Pandas
🇬🇧GB
Consumer ProductsHardwareInformation TechnologyMobile, Platforms, and AppsSoftwareSustainability
-
BOT Consulting
🇮🇳Jaipur, IN
Data and AnalyticsDeepTechInformation TechnologyProfessional ServicesSoftware
-
About PackageX
:
PackageX is the execution layer for physical AI in enterprise logistics. We enable enterprises to see, understand, and execute real-world logistics operations in real time using Vision-Language-Action intelligence.
We sit between systems of record (ERP, WMS, TMS) and the physical world, turning cameras, people, and automation into deterministic, auditable workflows. Rather than replacing existing systems, PackageX makes them operationally intelligent.
We start with inbound receiving, the highest-friction choke point in logistics, and expand across adjacent workflows, sites, and automation modes. This creates a workflow-led enterprise expansion motion that compounds inside complex operations.
We're a fast-growing pre-Series A stage startup in New York City with a distributed global team backed by Bullpen Capital, Pritzker Group, Sierra Ventures, Ludlow Ventures, MXV Capital, and NSV Wolf Capital.
What We Are Looking For
We’re looking for a security engineer who is serious about their craft and genuinely curious about where the field is heading. This role sits at the intersection of traditional application security and the new challenges that come with building AI-powered products. You’ll own security end-to-end, from hardening our cloud infrastructure and reviewing code, to thinking through what it means to secure systems that use large language models. You don’t need to have done this exact job before, but you should be the kind of engineer who stays curious, learns fast, and cares deeply about getting things right.
You will:
Skills and Qualification:
What can you expect from the application process?
All applications will be looked at by the People team, who will reach out to shortlisted candidates. Across various interview rounds, you'll speak with the hiring manager and other functional heads. We want to have an open discussion about your work and how we can be a great fit. The process may also involve an assessment or presentation relevant to the role. You can expect an offer after three rounds of interviews. All offers are subject to satisfactory reference and background checks.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Startup jobs. A lot of them.
Your next opportunity is in here somewhere. Sign up to explore 70,000+ startups and their open roles. No spam. No gamification. Just jobs.
70,000+
Startups
83,000+
Open Roles
4,800+
New This Week
Frontend Developer
Full-timeTel Aviv
Full-time • Tel Aviv
Mobile Developer
Part-timeNiš, RS
Part-time • Niš, RS
Data Scientist
Full-timeRotterdam, NL
Full-time • Rotterdam, NL
DevOps Engineer
Part-timeManchester, GB
Part-time • Manchester, GB
Software Engineer
ContractNew York, US
Contract • New York, US
Frontend Developer
Part-timeBelgrade, RS
Part-time • Belgrade, RS
Own security across the SDLC from threat modeling during design, to security reviews during development, to vulnerability scanning in CI/CD. You’ll use modern tooling (including AI-powered scanners where they genuinely help) to keep pace with a fast-moving engineering team
Conduct vulnerability assessments and penetration tests across our web applications, APIs, and infrastructure. You’ll identify issues before attackers do, document findings clearly, and work directly with developers to get them fixed
Write and maintain security policies that engineers will actually follow, clear, practical, and grounded in how the team actually works, not copied from a compliance template
Think carefully about the security risks that come with AI-powered products, such as prompt injection, sensitive data leaking through model outputs, and how to keep our LLM integrations safe for customers. This is a newer area, and you’ll be helping us figure it out as we go
Report on security posture to engineering leadership, tracking gaps, trends, and open issues in a way that helps the team prioritize and act, not just tick compliance boxes
Review code for security issues and work closely with developers to fix them, building habits and processes so security feedback becomes a normal part of how the team ships, not a last-minute blocker
Define and maintain security standards for how we build and deploy software, writing clear guidelines, putting automated checks in place, and making it easy for engineers to do the right thing by default
Build automation that makes security work scale — whether that’s smarter alerting, faster triage, or tooling that helps developers catch and fix issues without needing a security engineer in every conversation
Participate in product and engineering design discussions — raising security concerns early, helping the team understand the risks, and finding solutions that don’t slow down shipping
Embed security into our CI/CD pipelines and development workflows — reducing the time between finding a vulnerability and getting it fixed, and making security a shared responsibility across the engineering team
Keep up with how the security landscape is evolving — particularly as AI becomes a bigger part of how software is built and attacked. You’ll bring that knowledge back to the team and help us stay ahead of new threats
A degree in Computer Science, Information Security, or a related field
3+ years of hands-on experience in application security or security engineering.
Proven ability to build, manage, and monitor security in production environments where reliability matters — you’ve operated under pressure, handled incidents, and know what it takes to keep systems safe at scale
Solid experience securing web applications, APIs, and cloud infrastructure — covering areas like intrusion detection, access control design, incident response, and security policy development. You know the fundamentals well and can apply them in a real product context
Experience with static and dynamic code analysis, you’ve worked with SAST and DAST tools, know their limitations, and can help developers actually act on what those tools surface rather than just generating noise
Familiarity with modern cloud architectures, serverless, microservices, and API-first designs. Bonus if you’ve thought about what it means to secure systems that call LLM APIs or handle AI-generated outputs as part of their core workflow
Strong understanding of OWASP Top 10 vulnerabilities and how to defend against them. Familiarity with the OWASP Top 10 for LLMs is a plus; we’re building AI-powered products and need someone who can think through what that means for security
Good understanding of RESTful API security, authentication, authorization, rate limiting, and input validation. Our platform is API-heavy, and we need someone who can spot the common mistakes and knows how to prevent them
Strong experience in penetration testing and vulnerability analysis. You can run an assessment end-to-end, write up findings that people actually read, and follow through until issues are resolved — not just hand over a report and move on
Experience working with AWS and/or GCP, securing cloud infrastructure, managing IAM policies, and understanding how cloud-native services introduce their own security considerations. We run primarily on AWS
