Participate in threat modeling exercises with engineering team members
Triage SCA/SAST/DAST/CSPM findings by eliminating false positives and providing well-vetted vulnerabilities to engineering teams
Support vulnerability management efforts for networks and infrastructure
They offer a SaaS-based Global Employment Platform that enables clients to expand into over 180 countries. Their diverse, remote-first teams are essential to their success, fostering innovation and valuing every contribution.
Own and evolve vulnerability management end-to-end.
Embed secure design principles across mobile applications, APIs, and microservices.
Partner closely with engineering teams to remediate security issues.
Smart Working connects skilled professionals with global teams for full-time, long-term roles. They help you discover meaningful work with teams that invest in your success, where you’re empowered to grow personally and professionally.
Implementing and maintaining Application Security Testing tools to identify code and dependency vulnerabilities during the software development lifecycle.
Implementing and maintaining Application Security Posture Management tools to centralize findings from multiple solutions and integrate into software development processes.
Acting as the first line of support for users helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests.
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. They strive to have a remarkable impact on people's lives across several key therapeutic areas including immunology, oncology and neuroscience.
Own and evolve Prolific's application security strategy, from hands-on testing to scaling secure development practices.
Act as the go-to application security expert, partnering with engineering leadership to balance risk and velocity while building tooling and processes.
Mentor an AppSec engineer, lead security reviews, manage vulnerabilities, and ensure the platform stays ahead of modern threats.
Prolific is building the human data infrastructure that provides high-quality, ethically sourced human behavioral data for AI development. The company is mission-driven, at the forefront of AI innovation, and fosters a remote, impactful culture.
Partner with engineering teams to identify and fix vulnerabilities through hands-on testing, code review, and threat modeling.
Build, implement, and tune security tooling and automation (SAST, SCA, DAST) within the CI/CD pipeline to embed secure development practices.
Perform security testing, including penetration tests using tools like Burp Suite, and stay ahead of emerging threats to continuously strengthen the platform's security posture.
Prolific builds the human data infrastructure, connecting researchers and companies with a global participant pool to collect high-quality, ethically sourced human behavioral data for AI development. The company operates in a mission-driven, collaborative culture focused on impactful work in the AI innovation space.
Build AI agents that handle vulnerability triage, automated security reviews of PRs, and initial incident forensics at scale.
Build systems that automatically detect and remediate security gaps across AWS, GCP, and Azure -- configuration drift, IAM misconfigurations, vulnerable dependencies, exposed secrets.
Lead threat modeling, security reviews, and risk assessments across web applications, APIs, and services.
Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm. They connect to every part of the modern data and AI stack to unify this context into a single, shared layer that both humans and AI agents can rely on.
Own and drive the company’s security strategy, roadmap, and overall posture
Lead threat modeling, secure code reviews, and architecture reviews
Build and maintain security tooling, automation, and infrastructure as code
Seesaw's mission is to provide every elementary student with joyful and connected learning experiences that lay the foundation for success in life. Trusted and loved by 25 million educators, students, and families worldwide, Seesaw is the only elementary learning experience platform.
Embed security into CI/CD pipelines by building automated tooling and security checks.
Establish security guardrails within AI-assisted development and agent workflows to maintain developer velocity.
Lead threat modeling, security assessments, and vulnerability management processes to strengthen application security posture.
Workleap is a tech company that builds AI-powered HR solutions and Microsoft 365 migration and governance tools for businesses. It has over 20,000 customer companies and fosters a fast-paced, collaborative, and experimental culture focused on making work simpler.
Collaborate with internal teams to define the scope of application security testing activities.
Plan and carry out application security testing in all phases of the software development life cycle to identify vulnerabilities.
Assess discovered vulnerabilities and recommend solutions to reduce risk and mitigate security impacts to the application environment.
Clear Capital is a national real estate analytics, data solutions and valuation technology company with a simple purpose: to build confidence in real estate decisions to strengthen communities and improve lives. They value commitment, integrity, kindness, and attention to detail, providing a mission-driven environment where work makes a measurable impact.
Support the design and implementation of secure application architectures under guidance from senior engineers.
Apply secure coding practices and assist in threat modeling and vulnerability assessments.
Conduct and support application security testing (SAST, DAST, SCA, and manual reviews).
Edgesource Corporation is an innovative technology service provider for the Department of Defense (DOD), Department of Homeland Security (DHS), Department of State (DOS), the U.S. Intelligence Community, Law Enforcement, and other federal, state, and commercial clients locally, nationally, and abroad. They are an ISO 9001:2015 certified and CMMI Level 3 appraised small business specializing in providing a variety of technical solutions.
Help to discover and triage vulnerabilities from various sources.
Design, configure, deploy, and maintain secure configurations across JUMO’s cloud and endpoint estate.
Work with engineering teams to complete threat modeling exercises.
JUMO is dedicated to financial inclusion and operates with a remote-first approach. They foster innovation and enable collaboration, valuing online facetime for collaboration at JUMO.
Perform threat modeling, security architecture review, and design analysis for web applications and APIs.
Conduct manual and automated security testing during development and pre-release stages.
Implement and manage SBOM generation and consumption processes across the SDLC.
Constructor's mission is to enable all educational organizations to provide high-quality digital education. With expertise in machine intelligence and data science, they offer an all-in-one platform for education and research, addressing educational challenges.
Embed security into the SDLC by partnering with Engineering to implement secure design patterns, conduct threat modeling, and deliver developer-focused AppSec training.
Lead and perform application security assessments including SAST, DAST, SCA, and manual code review across web, mobile, and API surfaces.
Own and mature the vulnerability management program, including prioritization frameworks, SLA tracking, and cross-functional remediation coordination.
Branch is on a mission to empower workers with financial freedom by helping companies accelerate payments and providing working Americans with accessible, free financial services. They are committed to building inclusive and transparent financial products while valuing diversity of opinions and working styles, fostering innovation, and promoting teamwork.
Design and maintain secure architectures across AWS, Azure, and GCP environments.
Collaborate with DevOps and Engineering to integrate security into CI/CD pipelines.
Monitor alerts, investigate incidents, and coordinate responses with the SOC.
Reveleer provides a cloud-based healthcare SaaS platform. They are an equal opportunity employer that values diversity and does not discriminate based on race, religion, or other protected characteristics.
Perform threat modeling, security architecture reviews, and design analysis for web applications and APIs.
Conduct manual and automated security testing, and design and implement security pipelines integrated into the SDLC.
Implement and manage SBOM generation processes and collaborate with development teams on vulnerability remediation.
Constructor Knowledge is a technology company focused on providing search and discovery solutions. Based on the posting's professional tone and mention of teams, it appears to be an established company with a collaborative and security-focused culture.
Bridge Security and Development, empowering engineering teams to deliver secure code.
Integrate security into the Software Development Life Cycle (SDLC) for AI-driven applications.
Conduct penetration tests and monitor application resilience.
EcoVadis is the leading provider of business sustainability ratings. Their solutions are backed by an international team of experts and powerful technology that analyzes data and builds sustainability scorecards, giving companies actionable insights into their environmental, social, and ethical risks.
Conduct threat models and train engineers on threat modeling techniques to identify and prioritize risks of potential vulnerabilities and define possible mitigations.
Develop, document and maintain the security standards and design patterns used by engineers to deliver consistent, secure code and features.
Research the threat landscape, regulatory considerations, and customer requirements relevant to Outreach’s business, and recommend solutions to address known and potential threats by defining and applying appropriate security requirements.
Outreach, founded in 2014, is the only complete agentic AI platform for revenue teams that infuses agentic AI, conversation intelligence, and assistive AI to power hundreds of use cases across revenue motions. World leading enterprise organizations use Outreach to power their revenue teams.
Own edge governance and traffic analysis using Cloudflare, monitoring for threats and implementing real-time countermeasures.
Lead the vulnerability management program, including triaging third-party researcher reports and coordinating fixes between external researchers and internal engineering teams.
Design and execute proactive offensive security strategies, including internal penetration tests focused on real-world attack paths and business logic flaws.
Donorbox is a leading fundraising platform and donor management system for nonprofit organizations. The company is a profitable, bootstrapped, and fully distributed team of about 150 people based in over 16 states and 23 countries, known for building trusted products and being recognized as a great place to work.
Lead the ongoing maintenance and operation of secure cloud infrastructures, focusing on AWS and cloud-native technologies.
Secure applications built for cloud environments by automating security assessments, monitoring runtime environments, and integrating security practices into the development lifecycle.
Implement robust security controls for cloud workloads and data, including containers, virtual machines, and serverless architectures.
Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services and is recognized as a top workplace, earning more than 20 honors since 2021.
Own and enforce DevSecOps practices across CI/CD pipelines.
Drive vulnerability identification, triage, and remediation across infrastructure and applications.
Act as the primary security SME for the engineering organization.
Teramind is pioneering a predictive, AI-driven approach to safeguarding organizations' people, data, and operations. As a global leader in user behavior analytics, insider risk management, and workforce intelligence, we empower businesses to transform data into a strategic asset.