Lead the governance, risk, and compliance function across security policies, standards, risk management, audits, and third-party risk.
Own audit readiness and ongoing compliance programs across frameworks such as SOC 2, ISO 27001, GovRAMP, PCI DSS, HIPAA, NIST CSF, and more.
Manage third-party and supply chain risk management, including vendor security reviews, due diligence, and remediation tracking.
Accela provides government software solutions to improve efficiency, increase citizen engagement, and enable thriving communities. They have been an industry leader for nearly 20 years and are committed to diversity, equity, and inclusion.
Drive the continuous maturation of the TPRM program, transforming it into a proactive security partnership.
Architect and govern the security strategy for the BPO and contingent worker ecosystem.
Design and build process automations to optimize and scale the TPRM program for fast-moving priorities.
DoorDash is a technology and logistics company that empowers local economies by enabling door-to-door delivery of goods. They are building a team of great minds to secure a 24x7 global infrastructure and are committed to diversity and inclusion.
Conduct IT and cybersecurity risk assessments across systems, applications, and business processes.
Lead audit readiness activities for frameworks like SOC 2, HIPAA, and NYDFS.
Manage security policies, third-party vendor assessments, and develop risk dashboards.
Jobgether uses an AI-powered matching process to connect candidates with hiring companies. They focus on efficient, objective application review and are a remote-first organization.
Defines program goals, governance frameworks, and measurable objectives for cyber risk and compliance programs.
Manages user attestations, third-party risk, cyber contract negotiation, and coordination of IT audits/assessments.
Implements GRC tooling and monitors program effectiveness through KPIs, QA reviews, and control testing.
Velera is a credit union service organization providing fintech solutions to over 4,000 financial institutions. The company fosters a remote-first, inclusive culture with a focus on employee wellbeing and belonging.
Support cybersecurity operations by monitoring threats, improving security controls, and protecting systems and data.
Respond to security incidents, analyze threats, and assist with vulnerability management and remediation.
Collaborate with technical and business teams to assess risks and implement effective security solutions.
The company is a large, technology-driven organization focused on cybersecurity. It offers a collaborative environment with experienced security professionals and an inclusive workplace culture.
Onboard and manage UpGuard customers, providing success plans, training sessions, and regular check-in calls to ensure they meet their goals.
Monitor customer health and proactively intervene with education to help customers achieve the expected value from UpGuard.
Advocate for customers by providing updates to internal teams on customer perspectives, risks, and expansion opportunities.
UpGuard is a cyber risk management company that provides a Cyber Risk Posture Management (CRPM) platform integrating security ratings, threat intel, and agentic AI to help organizations manage cyber risk. They are a rapidly growing global company with a US$75M Series C funding and a strong culture, certified as a Great Place to Work in multiple countries.
Serve as a strategic advisor to a portfolio of EMEA customers, driving adoption and value realization of the NodeZero platform.
Deliver technical onboarding and enablement, proactively identify customer needs, and collaborate with Sales and Support to drive retention and growth.
Conduct regular check-ins and quarterly business reviews, maintaining detailed records of customer health using Salesforce, Gainsight, and JIRA.
Horizon3.ai is a fast-growing remote cybersecurity company that provides the NodeZero autonomous penetration testing platform to help organizations proactively find and fix exploitable attack vectors. The company is a small startup team of former U.S. Special Operations cyber operators and engineers, committed to a culture of respect, collaboration, and ownership.
Own and manage the compliance program including SOC 2 and ISO 27001 readiness and audits.
Lead risk assessments, control testing, and enterprise risk management processes.
Partner with Engineering, Security, Product, Legal, HR, and Operations to embed compliance into business processes.
Calendly is a scheduling platform used by millions to automate meetings and streamline time management. They are a rapidly growing SaaS company fostering a culture of learning and high performance.
Perform project tasks independently while contributing to cybersecurity assessment engagements and client deliverables.
Collect, organize, and analyze documentation, evidence, and technical artifacts required for security reviews.
Support assessments related to cybersecurity, compliance, and information security programs.
Our partner is a company focused on helping organizations strengthen their security posture and maintain compliance with industry standards. They offer a dynamic and collaborative work environment with career growth opportunities in cybersecurity.
Develop and execute a transformational third-party risk strategy integrating cybersecurity, privacy, resiliency, and AI risks into enterprise goals.
Design policies, standards, and scalable processes to streamline third party intake, risk assessments, and continuous monitoring.
Establish meaningful KRIs, KPIs, dashboards, and management routines to demonstrate program effectiveness and reduce third-party risk.
HealthEquity is a healthcare technology company with a mission to save and improve lives by empowering healthcare consumers. The company is a large, publicly traded organization with a culture of innovation, collaboration, and continuous improvement.
Provide expert cybersecurity advice to hedge funds and family offices.
Implement and maintain security programs, including vulnerability management and incident response.
Conduct best practice reviews and develop actionable security plans.
Arootah is a talent solutions firm purpose-built for the alternative investment industry, covering the full talent spectrum from entry to exit. They have a network of 700+ vetted advisors and 600+ coaches, with a team of experienced operators who have run alternative investment firms at the highest levels.
Manage a portfolio of customers, driving adoption, retention, and long-term success through strategic advisory.
Translate cybersecurity objectives into measurable outcomes and actionable improvement strategies.
Proactively identify risks and opportunities to optimize customer satisfaction and platform value.
The partner company is a cybersecurity firm that helps organizations strengthen their security programs through continuous validation and strategic guidance. It offers a remote-first, innovation-focused culture with a collaborative team.
RainFocus provides an industry-disrupting event management platform for Fortune 500 companies like Adobe, Cisco, and IBM. The company is well-funded, rapidly growing, and fosters a culture of innovation, teamwork, and fun.
Execute the security architecture process for business initiatives, from engagement through to implementation.
Support the Information Security Architect across analysis, reviews, and outputs as needed.
Act as a point of contact for InfoSec queries and use security tooling to identify and analyze risks.
StackAdapt is a leading technology company that provides an AI-powered marketing platform for programmatic advertising. The company has a diverse, remote-first culture with a supportive workplace.
Lead ISSO activities to ensure confidentiality, integrity, availability, and compliance of enterprise applications and information systems.
Manage RMF processes including ATO packages, continuous monitoring, risk assessments, and accreditation documentation within eMASS.
Implement and maintain compliance with DISA STIGs, NIST 800-53 controls, and federal cybersecurity requirements.
Jobgether is a platform that uses AI-powered matching to connect candidates with job opportunities. The company facilitates the hiring process by sharing top-fitting candidate shortlists with partner companies, focusing on efficiency and objectivity.
Monitor security alerts, vulnerabilities, and incidents across enterprise systems and assist in incident response.
Maintain compliance with standards such as NIST CSF, ISO 27001, and SOC 2 through audits and policy development.
Conduct security risk assessments, evaluate controls, and track remediation plans.
Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, they support data centers, healthcare, and industrial facilities.
Own and continuously mature the company risk register, designing AI-assisted workflows for real-time risk posture.
Lead external audit management (SOC 2 Type II) and automate evidence collection pipelines in Vanta.
Engineer the Trust and Assurance program for scale, including automated vendor risk intake and AI-assisted response generation.
ButterflyMX empowers people to open and manage doors & gates from a smartphone, with products installed in over 20,000 properties worldwide. As a distributed, primarily remote workforce, they seek intelligent, passionate, and collaborative individuals driven by shared commitment to excellence and innovation.
Support the lifecycle management of cybersecurity offerings, including ideation, design, and launch.
Partner with leadership to standardize services and create go-to-market sales collateral.
Perform competitive analysis and pricing to inform packaging and growth strategies.
Coalfire is on a mission to make the world a safer place by solving clients' hardest cybersecurity challenges. They are a team of thought leaders and consultants headquartered in Chicago with offices across the U.S. and U.K., supporting clients worldwide.