Define and evangelize requirements and guidance for secure by design principles.
Implement automation to prevent and detect security flaws during development.
Conduct design reviews and manual security assessments.
Yubico is the creator of the most secure passkeys and leading provider of hardware authentication security keys with a mission to make secure login easy and available for everyone. They are a global company with a strong company culture and employees located in over 14 countries; Yubico’s headquarters are based in Stockholm, Sweden and Santa Clara, CA.
Lead Application Security testing projects and drive remediation of identified vulnerabilities.
Design and run adversarial testing campaigns across the full Buildkite environment.
Build automation for both AppSec and adversarial testing workflows.
Buildkite's mission is to unblock every developer on the planet with their CI/CD platform. They are a remote-first company since 2013 with a small team, high standards, and real ownership distributed across 60+ cities, built around async communication and genuine autonomy.
Serve as trusted advisor to team’s leadership and partner teams by clearly articulating business risks associated with security issues
Lead security operation functions – including vulnerability management, SAST, DAST, detection engineering, and incident response – in CI/CD and cloud-native production environments
Integrate security into our applications throughout the software development lifecycle
They are scaling intelligence to serve humanity by training and deploying frontier models for developers and enterprises, building AI systems to power magical experiences. Cohere is composed of researchers, engineers, and designers who are passionate about their craft, and believes that a diverse range of perspectives is a requirement for building great products.
Create, manage, and maintain the application security strategy and roadmap.
Develop, execute, and track the performance of security measures to protect Alma’s data, applications, and systems.
Build and provide high-quality application security documentation and training to engineers.
Alma simplifies access to high-quality, affordable mental health care by making it easy and financially rewarding for therapists to accept insurance. Alma has over 20,000 therapists in their growing network and was named one of Inc’s Best Workplaces in 2022 and 2023.
Partner with engineering teams throughout the SDLC to embed security by design in our products.
Lead and evolve our AppSec tooling and workflows by implementing, tuning, and integrating SAST, DAST, SCA, and container/image scanning into CI/CD pipelines.
Drive vulnerability management for our applications and supply chain, including triaging and prioritizing issues, coordinating with teams on fix/mitigate/accept decisions.
Camunda is the leader in enterprise agentic automation, orchestrating complex business processes across agents, people, and systems. They were named a Visionary in the inaugural 2025 Gartner Magic Quadrant for Business Orchestration and Automation Technologies (BOAT).
Define and evolve product security architecture and strategy for Valon’s multi-tenant SaaS platform
Architect and guide secure implementation of customer-facing security capabilities in conjunction with Engineering
Lead threat modeling, security design and code reviews for new features, services, and major architectural changes
Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. They're a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.
Analyze security vulnerabilities and drive remediations.
Integrate security at every stage of the SDLC.
Deploy and manage security tooling.
Modern Health is a mental health benefits platform for employers, offering access to various resources for emotional, professional, social, financial, and physical well-being. They are the fastest entirely female-founded company in the U.S. to reach Unicorn status, with a unique culture centered around high empathy and accountability.
Conduct regular security assessments, vulnerability scanning, and penetration testing of Veeam products and services
Work with development teams to integrate secure development practices into the software development lifecycle
Collaborate on the design and implementation of security within Veeam products
Veeam specializes in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale. They are headquartered in Seattle with offices in more than 30 countries, protecting over 550,000 customers worldwide.
Lead and grow a high-performing security engineering team.
Own cloud security architecture for AWS.
Embed security into the SDLC: threat modeling, secure coding guidance, code scanning, dependency controls, build-time checks, and release gates.
Keyrock is a leading change-maker in the digital asset space, known for partnerships and innovation. They have over 180 team members around the world from 42 nationalities, with backgrounds ranging from DeFi natives to PhDs, with hubs in London, Brussels, Singapore and Paris.
Design and implement security controls across cloud infrastructure, applications, and data systems.
Identify, assess, and mitigate security risks through threat modeling, reviews, and testing.
Build and maintain monitoring, alerting, and incident response capabilities.
BlockchainUnmasked aims to streamline cryptocurrency forensic investigations through advanced automation combined with cutting-edge solutions. They work with investigative partners to dramatically accelerate investigation times and boost success rates in interdiction, recovery, and deterrence.
Lead secure design reviews, threat modeling, and security-focused code reviews across the product and platform.
Build and run Fieldguide’s vulnerability management program: scanning, triage, SLA-driven remediation tracking, and engineering coordination.
Partner with Compliance to ensure technical controls satisfy framework requirements (SOC 2, ISO 27001, ISO 42001, FedRAMP).
Fieldguide is establishing a new state of trust for global commerce and capital markets through automating and streamlining the work of assurance and audit practitioners. They are based in San Francisco, CA, and built as a remote-first company that enables you to do your best work from anywhere.
Establish and communicate a shared vision for product security excellence.
Embed security by design through the entire product lifecycle.
Coordinate global product incident response and vulnerability management to reduce risk and accelerate remediation.
They are a partner company working with Jobgether. They are looking for someone to lead the global product security vision focused on safeguarding critical assets within the power sector, including embedded systems and SaaS solutions.
Own end-to-end application security for all Self products
Partner closely with engineering and product teams to remediate critical security findings
Support SOC 2 and PCI compliance efforts, including audit preparation and evidence collection
Self Financial is a venture-backed, high-growth FinTech company with a mission to increase economic inclusion and financial resilience by empowering people to build credit and build savings. They are passionate about challenging the status quo of the credit industry by providing people accessible tools to take control of their credit.
Lead and execute offensive engagements, including red and purple team exercises.
Author comprehensive assessment deliverables detailing technical execution and remediation.
Contribute to thought leadership through research, conference speaking, and tool development.
GuidePoint Security delivers cybersecurity expertise, solutions, and services to help organizations make better decisions and minimize risk. With over 1,200 employees and strategic partnerships, they serve as a trusted advisor to more than 6,200 customers.
Design, implement, and manage application and cloud security tooling across AWS.
Lead the deployment and configuration of Wiz CSPM, collaborating with infrastructure and DevOps teams.
Manage secure code scanning processes, integrating SAST and DAST to identify and remediate vulnerabilities early in the SDLC.
Twin Health aims to empower people to improve and prevent chronic metabolic diseases with AI Digital Twin technology. It is recognized for innovation and culture, with recent funding to scale rapidly across the U.S. and globally.
Accountable for designing and engineering strategic security solutions.
Developing Zero Trust Architecture design requirements through sound design methodology.
Reviewing current system security measures and recommending and implementing enhancements.
BitMEX is a leading global exchange for crypto derivatives, offering a professional-grade trading platform. Since 2014, BitMEX has maintained an impeccable security record, offering over 100 derivatives contracts and 16 pairs for spot trading.
Drive adoption of a Secure Software Development Lifecycle (SSDLC) across engineering teams.
Implement and integrate application security tooling into CI/CD pipelines, improving vulnerability detection and remediation.
Establish consistent threat modelling and secure design practices across new features and products.
Neko Health's mission is to deliver proactive healthcare for all, empowering members to take control of their health via technology and compassionate care. They have nearly 100 full-time engineers working across Berlin, Chamonix, Hamburg, Lisbon, Marseille, Vilnius, and Stockholm and they support a flexible workplace that prioritizes work-life balance.
Actively partner on the Cloud Security strategy and implementation.
Evolve and expand our current Cloud Security posture across multiple platforms.
Recommend and validate Security controls and improvements across our infrastructure stack
Circle is a global financial technology firm building the foundation for a more open financial system through digital assets, payment applications, and blockchain infrastructure. They value their employees and foster a culture of collaboration and excellence, with a flexible work enviornment.
Conduct security assessments, code reviews, and penetration testing to identify vulnerabilities.
Plan and execute security testing for LLM-enabled applications, including prompt injection testing.
Design, develop, and implement security tools and automation to prevent and detect vulnerabilities.
Granicus provides technology that transforms the Govtech industry by connecting governments and constituents. They are a remote-first company with a globally distributed workforce across the United States, Canada, United Kingdom, India, Armenia, Australia, and New Zealand.
Perform infrastructure security reviews across cloud services, network design, IAM, and platform components.
Design and build internal security services, APIs, and tools that automate infrastructure vulnerability detection, triage, reporting, and remediation.
Develop security automation that integrates with CI/CD, cloud control planes, and developer workflows to shift detection and remediation earlier in the lifecycle.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company. They empower teams to design, launch, and optimize for the web without barriers, from entrepreneurs to global enterprises, and believe the future of the web, and work, is more open, more creative, and more equitable.