Provide guidance to ensure project compliance with the United States Government Baseline (USGCB) for IT Security. Provide technical expertise in computer security laws, mandates, standards and policies in accordance with the Federal Information Security Management Act (FISMA). Represent the project in internal and external meetings, working groups, and integrated project teams to provide IT security compliance requirements.
20 jobs similar to Information Security Analyst
Jobs ranked by similarity.
As an Information Security Officer at Form3, you'll play a pivotal role in strengthening and evolving our information security governance, risk, and compliance practices. Work closely with teams across the organization to embed security into business and technology decisions. Combine strategic oversight with practical execution, ensuring our controls, frameworks, and awareness initiatives remain industry leading as we scale globally.
Form3 is a company that offers a cloud-native, environment while helping define how security scales with the business.
Lead and support customer security audits and respond to security questionnaires. Prepare, coordinate, and manage ISO 27001 audits. Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory requirements.
OneStudyTeam specializes in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes.
- Analyze system and application security.
- Make recommendations to optimize the protection of computer systems and information resources.
- Develop, test, implement, and maintain security policies and programs.
Enterprise Mobility is a leading provider of mobility solutions, owning and operating the Enterprise Rent-A-Car, National Car Rental and Alamo Rent A Car brands.
Maintain and improve documentation for ISO 9001 and ISO/IEC 27001. Support internal audits, track findings, and monitor corrective and preventive actions. Collaborate with cross-functional teams to enhance quality, security, and operational excellence.
Miratech is a global IT services and consulting company that brings together enterprise and start-up innovation to support digital transformation.
- Lead and mature LiveKit’s security and privacy compliance programs.
- Own the day-to-day operations of compliance workflows.
- Partner closely with Security and IT Engineers on controls design, documentation, governance, and audits.
LiveKit is revolutionizing the AI landscape by providing the network infrastructure that powers multimodal AI interfaces.
Analyzes and defines security requirements for computer systems. Designs, develops, engineers, and implements solutions that meet security requirements. Leads the strategic design, implementation, and continuous improvement of enterprise-wide DevSecOps practices, tools, and pipelines.
9th Way Insignia is a service-disabled, veteran-owned small business bringing transformative technology to our government customers so they can achieve their missions.
- Design and implement scalable infrastructure supporting HIPAA, SOC 2, and ISO 27001 compliance.
- Create self-service security tools integrating with developer workflows (GitLab CI/CD, Terraform).
- Lead threat modeling and security architecture reviews for new products and services.
Maven is the world's largest virtual clinic for women and families on a mission to make healthcare work for all of us.
The Security Manager will support the InfoSec team to deliver its objectives. Ensure compliance with relevant security standards, service management procedures, regulations, and industry best practices. Together with the Security Architects, produce the security assurance documentation required for the accreditation of our customers.
NEC Software Solutions helps dispatch ambulances, support families, keep trains on the move, locate missing people and even test the hearing of newborn babies.
- Comprehend a client's compliance/risk/InfoSec environment and convey a high-value proposition.
- Facilitate product demonstrations and answer product questions.
- Consult clients on industry best practices as they learn about AuditBoard.
AuditBoard is the leading audit, risk, ESG, and InfoSec platform on the market, with more than 50% of the Fortune 500 leveraging their technology.
- Lead the Cybersecurity Policy Program by overseeing the policy portfolio and identifying opportunities to enhance policy coverage.
- Review submissions, supervise evaluations, and provide contract input within the third-party risk assessment process.
- Support continuous compliance with PCI DSS and periodic user access recertification for critical systems and applications.
The New York Times is committed to being the world’s best source of independent, reliable and quality journalism that seeks the truth.
- Drive the implementation of technical controls and evidence gathering in collaboration with engineering for compliance standards.
- Manage the daily operational reality of audits, customer questionnaires, and internal IT/Security support requests.
- Rapidly prototype and ship internal tools, custom Vanta integrations, and scripts using AI-assisted development to close automation gaps.
Sayari is a risk intelligence provider equipping public and private sectors with visibility into complex commercial relationships. They deliver corporate and trade data from over 250 jurisdictions and are headquartered in Washington, D.C. They were also featured as one of Inc.’s “Best Workplaces” for 2025.
- Implement and maintain security measures to protect the organization's information assets and infrastructure.
- Support product and development teams on application security challenges, including threat modeling and architecture reviews.
- Support security incident response, perform root cause analysis, and drive remediation strategies.
insightsoftware is a global provider of comprehensive solutions for the Office of the CFO, transforming how teams operate and empowering leaders.
- Implement secure software development practices and champion them across the entire development lifecycle.
- Collaborate with cross-functional teams to define software requirements, system architecture, and hardware/software integration.
- Conduct vulnerability analyses, security code reviews, and risk assessments to identify and mitigate potential security issues.
This position is posted by Jobgether on behalf of a partner company; they use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly.
- Use security and compliance tools (GRC tools) to help the company stay audit-ready.
- Manage IT assets and access permissions for team members and internal systems.
- Support daily security operations related to ISO 27001 / SOC 2.
Hopae is building the world’s most trusted digital identity platform — private, secure, and built for real life. Backed by top global investors, Hopae operates across Seoul, Paris, and San Francisco, bringing together exceptional talent from over 10 nationalities.
As a Compliance and Risk Specialist, you will support the Compliance and Risk team by leading compliance initiatives. You will conduct risk assessments and remediation activities. You will contribute to the development of security strategies for systems deployed globally.
Canadian Bank Note Company (CBN) is a trusted leader in secure technology solutions for governments and businesses worldwide.
- Define Canonical's security risk management standards and playbooks
- Analyse and improve Canonical's security risk practices
- Evaluate, select and implement new security requirements, tools and practices
Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects, they recruit on a global basis and set a very high standard for people joining the company.
The Senior Director, Product Security will define and lead the product security strategy for the medical device portfolio. Key responsibilities include developing and executing a comprehensive product security strategy aligned with business and regulatory objectives. This role requires overseeing end-to-end product security management, ensuring compliance with regulations and standards.
iRhythm is a leading digital healthcare company that creates trusted solutions that detect, predict, and prevent disease.
Perform security audits based on published standards such as PCI, HIPAA, and NIST. Identify security weaknesses and gaps in compliance. Develop mitigation strategies for keeping our clients safe.
Strata Information Group (SIG) solves problems and has been a trusted partner to over 1,000 higher education institutions globally since their inception in 1988.
- Provide guidance to teams on the application of compliance requirements.
- Maintain subject matter expertise on U.S. federal and state consumer protection and privacy laws and regulations.
- Conduct and document assessments of compliance and privacy risks and controls for targeted processes, products and regulatory changes.
Experian is a global data and technology company, powering opportunities for people and businesses around the world. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), they have a team of 22,500 people across 32 countries.
- Oversee security, compliance, and risk management of network infrastructure, ensuring the protection of critical assets and alignment with DoD standards.
- Design and implement security measures that safeguard the network from unauthorized access, vulnerabilities, and advanced threats.
- Manage the Risk Management Framework (RMF) process, ensuring systems remain secure and compliant with DoD requirements throughout their lifecycle.
TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive, well-planned information management environment. They focus on nimbly utilizing the best that information technology offers to meet the business needs of Federal Government customers.