Drive and enable proactive identification, analysis, and remediation of security vulnerabilities.
Respond to manage pen testing and bug bounty programs.
Work in partnership with Software Architecture, Risk/Compliance, the SRE team, and other partners, to integrate security capabilities into the SDLC.
Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are a family-owned and operated company of 290+ mission-driven people.
Implement and maintain security controls across multi-cloud environments (primarily AWS and Azure, with some GCP and AliCloud) and on-prem infrastructure
Own IAM strategy and implementation: design and enforce identity, access, and permissions models that are secure, scalable, and practical
Design and operate key management and custody security controls such as HSMs, secrets management, and secure key handling for trading operations
Auros is a global digital asset liquidity provider operating 24/7 across centralised and decentralised markets. They run high-availability, low-latency systems where resilience and risk discipline matter and treat security as a core engineering and risk function, with direct engagement from senior leadership.
Utilising knowledge of cloud technology to plan, write and improve cloud security labs, challenges and online learning content on the Immersive platform.
Produce multi-format content utilising various teaching methods; practical exercises, questions & gamification
Test Cloud Security labs to ensure they function as expected
Immersive One is the leading cyber resilience solution across the globe, helping organizations future-proof against cyber challenges. Founded in 2017, they've grown to over 300 global employees and have been voted a Best place to work on multiple occasions.
Take ownership of securing high-availability, low-latency systems.
Implement and automate security controls across cloud and on-prem infrastructure.
Enhance resilience, reduce risk, and enable business operations to run safely and efficiently.
Jobgether is a platform that helps candidates find jobs and companies find candidates. They use AI-powered matching to connect talent with opportunities, ensuring a quick, objective, and fair review process.
Lead cross-team infrastructure security initiatives from design through delivery, owning technical outcomes and stakeholder communication
Design and implement security solutions for cloud infrastructure, container platforms, and orchestration systems
Partner with SRE, Infrastructure, and Engineering teams to integrate security into platform services and deployment pipelines
GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Their mission is to enable everyone to contribute to and co-create the software that powers our world.
Xapo Bank is a fully distributed team of over 130 Xapiens that work remotely from 30+ countries around the world. They aim to provide economic freedom and wealth protection, searching the world for the best people and inspiring each other to learn and grow.
Work alongside DevOps and engineering teams to ensure our platforms, repositories and CI/CD pipelines are secure by default while remaining easy to build, test, and deploy against
Identify security risks through tools, audits, and monitoring, and drive them to resolution — whether that means changing a policy, updating infrastructure, or improving a pipeline
Take ownership of the security posture across multiple AWS accounts and continuously improve it over time
Versaterm is a global public safety solutions company helping agencies transform how they serve their communities. Since 1977, they’ve been building an ecosystem of intuitive tools designed for public safety agencies, forensic labs, court systems, schools and other institutions.
Partner with engineering to drive technical implementation of controls throughout the product and infrastructure
Design, implement, and continuously improve security controls across AWS infrastructure and application architecture
Enhance and tune monitoring and detection capabilities in support of customer security and incident response capabilities
AlertMedia helps organizations protect their people and businesses through all phases of an emergency. Their award-winning threat intelligence, emergency communication, and travel risk management solutions help companies of all sizes identify, respond to, and recover from critical events faster and more confidently. They support essential communication for thousands of leading businesses in more than 150 countries.
Design and implement security controls across cloud infrastructure, applications, and data systems.
Identify, assess, and mitigate security risks through threat modeling, reviews, and testing.
Build and maintain monitoring, alerting, and incident response capabilities.
BlockchainUnmasked aims to streamline cryptocurrency forensic investigations through advanced automation combined with cutting-edge solutions. They work with investigative partners to dramatically accelerate investigation times and boost success rates in interdiction, recovery, and deterrence.
Conducting a comprehensive threat model of our application and infrastructure layers.
Hardening our AWS infrastructure while keeping developer workflows frictionless.
Integrating security tooling into our CI/CD pipeline.
Loancrate simplifies home-buying for lenders and borrowers by building AI-native tooling to automate mortgage workflows. Since 2020, their remote team has enabled customers to power >$85 billion in new home loans and they value collaboration and open communication.
Lead Application Security testing projects and drive remediation of identified vulnerabilities.
Design and run adversarial testing campaigns across the full Buildkite environment.
Build automation for both AppSec and adversarial testing workflows.
Buildkite's mission is to unblock every developer on the planet with their CI/CD platform. They are a remote-first company since 2013 with a small team, high standards, and real ownership distributed across 60+ cities, built around async communication and genuine autonomy.
Collaborate with engineering teams to design and build cloud-native applications and infrastructure that are secure by default.
Use CSPM tools (like Wiz) to discover cloud security findings and provide clear, practical guidance to teams on how to remediate those risks.
Create new security alerts and dashboards within our infosec stack and perform threat hunting across log feeds to identify emerging risks.
KnowBe4 is a cybersecurity company that puts security first. Their AI-driven Human Risk Management platform empowers over 70,000 organizations worldwide to strengthen their security culture.
Own detection, response, and cloud security at PostHog.
Take the reins of our security operations, build out our detection pipelines, and ensure that when something goes bump in the night, we have the observability to know exactly what happened.
Shape the security team, culture and tooling for a high-growth, open-source company.
PostHog is shipping every product that companies need to run their business from their first day, to the day they IPO, and beyond. They are the operating system for folks who build software. They've raised more than $100m from some of the world's top investors and are set up for a long, ambitious journey.
Embed security into CI/CD pipelines and repos using policy-as-code tools (pre-commit hooks, SAST/SCA, IDE tool integrations)
Conduct threat modeling sessions and risk‑driven design reviews early in development
OnePay is a consumer fintech company trusted by millions of Americans to make money better by providing an all-in-one financial services platform. They are backed by Walmart and Ribbit Capital, allowing them rare scale and distribution to build something truly category-defining.
Designing and developing technical integrations that connect Chainguard products to partner platforms.
Building and maintaining our security advisory system, including schemas, APIs, and data feeds.
Owning integrations with major cloud platforms, including GCP, AWS, and Azure.
Chainguard is the secure foundation for software development and deployment. They help organizations eliminate threats in their software supply chains by providing guarded open source software. Chainguard is founded by industry's leading experts on open source software, security and cloud native development and they built the largest library of open source software that is secure by default.
Design and implement cloud security guardrails across AWS and GCP
Embed policy enforcement and compliance checks directly into Terraform modules
Conduct architecture reviews and continuously harden multi-cloud environments
Beast Industries is a multifaceted media and entertainment company founded by Jimmy Donaldson, popularly known as MrBeast. We are known for revolutionizing digital content creation, encompassing ventures that extend far beyond YouTube.
Lead and grow a high-performing security engineering team.
Own cloud security architecture for AWS.
Embed security into the SDLC: threat modeling, secure coding guidance, code scanning, dependency controls, build-time checks, and release gates.
Keyrock is a leading change-maker in the digital asset space, known for partnerships and innovation. They have over 180 team members around the world from 42 nationalities, with backgrounds ranging from DeFi natives to PhDs, with hubs in London, Brussels, Singapore and Paris.
Secure AI-specific attack surfaces: prompt injection defenses, PII handling in LLM pipelines, model interaction data leakage
Kiefer Tech leverages over 20 years of engineering heritage from the Green Energy sector to deliver cutting-edge AI, robotics, and enterprise solutions across Greece and the EU. They build sovereign AI infrastructure that keeps data within EU borders, respect privacy, and delivers tangible business impact.
Own and drive remediation of security vulnerability tickets across environments
Analyze vulnerability trends to identify process gaps and recommend improvements
Track remediation progress and provide weekly status updates to management
ItD is a consulting and software development company blending diversity, innovation, and integrity with real business results. They are a woman- and minority-led firm that rejects strong hierarchies, empowering them to deliver great results with Fortune 500 companies and high-performance teams.
Perform systems administration and maintenance including patching, vulnerability scanning and remediation for cloud workloads.
Support multi‑cloud environments (AWS, Azure, GCP), including Windows and Linux EC2 instances and container workloads.
Configure, update, and maintain security tools for endpoint protection, log collection, vulnerability scanning, and compliance monitoring.
Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation. With over 50 years of experience, they foster a collaborative, innovative, and mission-driven environment.