Source Job

• Act as the Subject Matter Expert (SME) for Endpoint Detection and Response (EDR) tools/process including optimizing configurations/policies, developing custom threat detection rules, and proactively improving Deel’s overall security posture for remote endpoints.
• Configure, manage, and tune the full suite of security policies within SWG, CASB and ZTNA. Assist our remote colleague with seamless experience through troubleshooting end user issues as needed.
• Continuously improve SaaS security posture with SSPM tools and processes around it. Collaborate with diverse application owners, understand security control and resolve configuration drifts for our wide range of SaaS applications from baseline.

Deel is an all-in-one payroll and HR platform for global teams. As one of the largest globally distributed companies, its team of 7,000 spans more than 100 countries with a connected and dynamic culture that drives continuous learning and innovation.

• Helping define the security operations roadmap by designing and implementing long term strategies
• Improve and maintain processes, tooling, documentation and training to mature and enhance cybersecurity incident response
• Design, implement and maintain security events monitoring systems

Docplanner empowers patients by giving them access to leave and read reviews about their visit and also provides doctors with the technology to manage bookings easily and save time. They are leaders in 13 countries with over 2,500 employees globally, maintaining a startup-mindset.

• Design and implement scalable vulnerability scanning solutions.
• Automate vulnerability ingestion, prioritization, and remediation workflows.
• Partner with Engineering and DevOps teams to remediate vulnerabilities.

Keeper Security is a cybersecurity software company protecting organizations and individuals globally. They are known for zero-knowledge and zero-trust security, securing passwords, infrastructure secrets, and remote connections with role-based enforcement policies.

• Build AI agents that handle vulnerability triage, automated security reviews of PRs, and initial incident forensics at scale.
• Build systems that automatically detect and remediate security gaps across AWS, GCP, and Azure -- configuration drift, IAM misconfigurations, vulnerable dependencies, exposed secrets.
• Lead threat modeling, security reviews, and risk assessments across web applications, APIs, and services.

Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm. They connect to every part of the modern data and AI stack to unify this context into a single, shared layer that both humans and AI agents can rely on.

• Support the execution and continuous improvement of Qohash’s security program.
• Support risk assessments, track identified risks, and help coordinate remediation efforts.
• Maintain security policies, standards, awareness materials, and support internal security training initiatives.

Qohash is building a foundational pillar of Canada’s digital sovereignty, believing security must scale differently. They look for bold, mission-driven individuals with technical depth and strategic clarity who collaborate across disciplines to protect sensitive data.

• Design security baselines that can be applied to clients.
• Evaluate and select MSP Stack and automated vulnerability scanners.
• Partner with Product or Sales teams to build new Security-as-a-Service offerings.

Red Cup IT, Inc. is a Managed Service Provider (MSP). They provide IT security, design, oversee, and scale security solutions across diverse client environments.

• Own and drive the company’s security strategy, roadmap, and overall posture
• Lead threat modeling, secure code reviews, and architecture reviews
• Build and maintain security tooling, automation, and infrastructure as code

Seesaw's mission is to provide every elementary student with joyful and connected learning experiences that lay the foundation for success in life. Trusted and loved by 25 million educators, students, and families worldwide, Seesaw is the only elementary learning experience platform.

• Design and maintain secure architectures across AWS, Azure, and GCP environments.
• Collaborate with DevOps and Engineering to integrate security into CI/CD pipelines.
• Monitor alerts, investigate incidents, and coordinate responses with the SOC.

Reveleer provides a cloud-based healthcare SaaS platform. They are an equal opportunity employer that values diversity and does not discriminate based on race, religion, or other protected characteristics.

• Lead the security Capabilities we bring to market, owning the layered defense strategy gained by combining multiple data sources
• Convert application and endpoint vulnerability research + findings into actionable preventive and remediation actions by generating security software engineering requirements
• Translate CVE & vendor hardware/software vulnerability research into security product development

Huntress is a fully remote, global team of passionate experts on a mission to break down the barriers to cybersecurity. Founded in 2015 by former NSA cyber operators, Huntress protects all businesses with enterprise-grade, fully owned, and managed cybersecurity products.

• Lead threat modeling and security architecture reviews for distributed, event-driven systems.
• Integrate security code reviews, SAST/DAST, Software Composition Analysis (SCA), and container scanning into CI/CD and AI/ML pipelines.
• Evangelize secure coding and AI security through training, brown bag sessions, and workshops.

Zeta Global is an AI-Powered Marketing Cloud that helps marketers acquire, grow, and retain customers more efficiently. They unify identity, intelligence, and omnichannel activation into a single platform. Zeta Global is headquartered in New York City with offices around the world.

• Continuously monitor security systems to detect and respond to any security incidents.
• Take the lead in investigating security breaches and developing prevention strategies.
• Conduct assessments of security risks and evaluate third-party vendor security measures.

Numeris is Canada’s trusted source for broadcast measurement and consumer behavior data, and a provider of intelligence to broadcasters, advertisers, and agencies. They have been recognized for 75 years as providing the gold standard in audience intelligence with a collaborative, curious, and dedicated culture.

• Lead security architecture and design reviews across applications, infrastructure, and integrations.
• Conduct and coordinate penetration testing, threat modeling, and security reviews.
• Design and implement security automation within CI/CD pipelines.

Assured modernizes insurance by providing software solutions to large insurers that help them win in a technology-driven world. Their products include self-service claim-filing software to backend fraud detection and are dynamic, collaborative, and rewarding.

• Help scale NerdWallet’s application security program through automation, tooling, and developer enablement.
• Partner with engineering and product teams to identify and remediate security gaps across multiple systems while balancing business priorities.
• Build tools, processes, and automation that improve security posture visibility for engineers and leadership.

NerdWallet aims to bring clarity to life's financial decisions with a team of exceptional Nerds. They foster an inclusive, flexible, and candid culture where employees are empowered to grow and take risks, supporting well-being and development whether working remotely or in-office.

• Own the strategy and execution for the Cloudflare ecosystem to secure the network edge.
• Lead the design of security controls within Google Cloud Platform, specifically for Vertex AI, BigQuery, VPC Service Controls, IAM, and Security Command Center.
• Embed security into CI/CD pipelines (Cloud Build, GitHub Actions) using Infrastructure as Code (Terraform).

Kareo and PatientPop joined forces to become Tebra, the digital backbone for practice well-being, helping independent practices bring modernized care to patients everywhere. Well over 100,000 providers trust them to elevate their patient experience and grow their practice.

• Perform security assessments, control effectiveness review, and cyber incident response
• Build and write scripts/queries to assess the security posture of CIS infrastructure
• Provide regular reporting on the status of the information security program to senior staff

The Center for Internet Security (CIS) makes the connected world a safer place for people, businesses, and governments through collaboration and innovation. CIS is a community-driven nonprofit responsible for industry-leading best practices for securing IT systems and data.

• Design and implement security controls for mobile applications, backend services, and web platforms.
• Conduct threat modelling and risk assessments for new and existing systems.
• Embed secure coding practices across engineering teams, aligned with OWASP standards.

Smart Working connects skilled professionals with outstanding global teams and products for full-time, long-term roles, breaking down geographic barriers. It is a highly-rated workplace on Glassdoor, focused on community, growth, and well-being in a remote-first environment.

• Participate in threat modeling exercises with engineering team members
• Triage SCA/SAST/DAST/CSPM findings by eliminating false positives and providing well-vetted vulnerabilities to engineering teams
• Support vulnerability management efforts for networks and infrastructure

They offer a SaaS-based Global Employment Platform that enables clients to expand into over 180 countries. Their diverse, remote-first teams are essential to their success, fostering innovation and valuing every contribution.

• Plan, develop, implement, and update the company’s information security strategy for infrastructure and software development.
• Develop, execute and track the performance of security measures to protect information and network infrastructure and computer systems.
• Identify, define and document system security requirements and recommend solutions to management.

Stensul is the Governed Creation™ Platform for enterprise marketing teams that need to create campaigns quickly, safely, and at scale. We bring creation, collaboration, and control together in one connected platform. They are a people-first team that values inclusive collaboration, ownership, and continuous learning.

• Embed security into the SDLC by partnering with Engineering to implement secure design patterns, conduct threat modeling, and deliver developer-focused AppSec training.
• Lead and perform application security assessments including SAST, DAST, SCA, and manual code review across web, mobile, and API surfaces.
• Own and mature the vulnerability management program, including prioritization frameworks, SLA tracking, and cross-functional remediation coordination.

Branch is on a mission to empower workers with financial freedom by helping companies accelerate payments and providing working Americans with accessible, free financial services. They are committed to building inclusive and transparent financial products while valuing diversity of opinions and working styles, fostering innovation, and promoting teamwork.

• Own and evolve vulnerability management end-to-end.
• Embed secure design principles across mobile applications, APIs, and microservices.
• Partner closely with engineering teams to remediate security issues.

Smart Working connects skilled professionals with global teams for full-time, long-term roles. They help you discover meaningful work with teams that invest in your success, where you’re empowered to grow personally and professionally.