Source Job

$160,000–$200,000/yr
US

  • Mature and execute the enterprise risk management framework.
  • Lead day-to-day execution of Akoya’s cybersecurity program.
  • Oversee corporate IT governance in partnership with the IT Systems Administrator.

Cybersecurity Risk Management Fintech Cloud Security SOX

20 jobs similar to Head of Risk & Security

Jobs ranked by similarity.

Americas

  • Play a critical role in strengthening Alpaca’s security, compliance, and AI risk posture across the organization.
  • Support the identification, assessment, and documentation of cybersecurity and AI-related risks.
  • Contribute to the design and execution of our risk management framework across traditional cyber domains.

Alpaca is a US-headquartered self-clearing broker-dealer and brokerage infrastructure for stocks, ETFs, options, crypto, fixed income, 24/5 trading, and more. They serve hundreds of financial institutions across 40 countries with institutional-grade APIs and have 230+ globally distributed members.

US

  • Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
  • Document end‑to‑end operational workflows and surface implicit, non‑documented practices.
  • Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.

Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy and engagement, setting a higher standard for impactful work.

$125,000–$155,000/yr

  • Responsible for managing and growing a comprehensive third-party risk management program across the organization.
  • Ensuring that Privia Health's information assets are safeguarded against cyber threats originating from third and fourth parties.
  • Leading the Third Party Access Committee (TPAC), driving compliance with regulations and implementing industry best practices for vendor risk management.

Privia Health is a technology-driven, national physician enablement company that collaborates with medical groups, health plans, and health systems to optimize physician practices, improve patient experiences, and reward doctors for delivering high-value care. The Privia Platform is led by top industry talent and exceptional physician leadership.

North America

  • Support CapIntel’s Governance, Risk, and Compliance program
  • Manage third-party risk and customer security reviews
  • Support operational security, privacy, and security awareness initiatives

CapIntel is a software platform built for wealth management enterprises to help financial advisors explain complex investment strategies to their clients. Since launching in 2019, CapIntel has seen rapid adoption and industry recognition, earning top placements in Deloitte’s Technology Fast 50 Canada and Fast 500 North America in 2025, ranking us among the fastest-growing technology companies.

$72,781–$83,698/yr
Canada

  • Perform GRC functions and maintain the Cyber Security Risk register.
  • Execute third party risk processes for cyber and perform/execute on awareness programs and phishing processes.
  • Liaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors.

Warner Music Group is a global collective of music makers and music lovers, tech innovators and inspired entrepreneurs, game-changing creatives and passionate team members. They turn dreams into stardom and audiences into fans. WMG is committed to creating a work environment that actively values, appreciates, and respects everyone and encourages applications from people with a wide variety of backgrounds and experiences.

4w paternity

  • Oversee third-party and internal risk assessments to support enterprise information security and governance, risk, and compliance (GRC) initiatives.
  • Manage vendor due diligence, maintain an accurate risk register, and partner with internal stakeholders on mitigation strategies.
  • Drive continuous improvement of the risk and compliance framework.

Concorde Career Colleges is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee based on race, color, religion, religious creed, national origin, ancestry, sex, age, veteran or military status, or any other legally protected characteristic. Concorde Career Colleges offer short career-focused programs preparing students for the healthcare industry.

US

  • Own application, cloud, infrastructure, and data security across Cherry
  • Be hands-on: design systems, review code and architecture, and contribute directly where needed
  • Lead incident response, threat modeling, and security reviews

Cherry is a profitable, high-growth fintech ($500M+ revenue, ~3x YoY) building the financial infrastructure for healthcare providers. Security is core to our product, not a support function. They are looking for strong leaders that will help them scale Cherry to be the go-to financial partner for every doctor in the country.

$120,000–$140,000/yr
Global

  • Lead and support a variety of security-related initiatives across both technical and business domains.
  • Apply strong project and program management discipline, including planning, prioritization, reporting, and cross-functional coordination.
  • Support program budgets, executive reporting, and ongoing program tracking using modern project management platforms and collaboration tools.

Netflix is a streaming service that offers a wide variety of award-winning TV shows, movies, anime, documentaries, and more on thousands of internet-connected devices. They are known for a dynamic and innovative company culture.

$165,000–$180,000/yr
US Unlimited PTO

  • Manage the company's technology infrastructure, including cloud services, networking, and internal application stack.
  • Develop and execute the long-term IT roadmap to support Zócalo Health’s rapid growth and scalability.
  • Own and lead the HITRUST certification program, including control implementation, documentation, and audit readiness.

Zócalo Health is a tech-enabled, community-oriented primary care organization serving people who have historically been underserved by the healthcare system. Founded in 2021, Zócalo Health is backed by leading healthcare and mission-aligned investors and is scaling rapidly across states and populations.

$49,900–$112,300/yr
EMEA Unlimited PTO

  • Spearhead the strategic development and execution of global payroll risk and incident management.
  • Lead critical programs to enhance our risk posture and drive resolution of high-impact incidents.
  • Partner across teams to embed risk-aware thinking into everyday operations.

Remote is solving modern organizations’ biggest challenge – navigating global employment compliantly with ease. They make it possible for businesses of all sizes to recruit, pay, and manage international teams. With their core values at heart and future-focused work culture, their team works tirelessly on ambitious problems, asynchronously, around the world.

$151,000–$262,000/yr
US Canada

  • Own and lead the end-to-end Security Supply Chain Risk Management program.
  • Perform detailed third-party security risk assessments aligned with industry frameworks.
  • Drive cross-functional alignment serving as the subject matter expert on external supply chain risk.

Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company built on trust, transparency, and creativity. They empower teams to design, launch, and optimize for the web without barriers and believe the future of the web, and work, is more open, more creative, and more equitable.

US

  • Lead and manage the Third Party Findings Management process across key risk impact categories.
  • Drive the optimization of the Due Diligence and Ongoing Monitoring risk assessment process across regulated and non-regulated Anchorage Digital legal entities.
  • Lead and manage the TPRM Quality Control process across regulated and non-regulated Anchorage Digital legal entities.

Anchorage Digital is building the world’s most advanced digital asset platform allowing institutions to participate in crypto. The company has over 600 employees and is funded by leading institutions including Andreessen Horowitz, GIC, Goldman Sachs, KKR, and Visa.

$224,000–$260,000/yr
US Unlimited PTO 11w maternity

  • Own enterprise security, cloud, and application security, and corporate IT.
  • Lead security engineering, security operations, and corporate IT.
  • Partner closely with Engineering, Platform, and Operations to embed security and reliability into how Redox builds and runs software.

Redox aims to accelerate healthcare’s transformation with useful data. Redox Engine connects and powers real-time healthcare data exchange across a network of 12,000+ systems and organizations.

$140,000–$150,000/yr
US Global

  • Partner with engineering teams to conduct threat modeling.
  • Build and maintain automated scanning, penetration testing frameworks, and monitoring tools within our AWS CI/CD pipelines.
  • Champion a "security-first" mindset and host workshops that empower developers to write secure code.

Panopto is a customer-centric learning technology company and the leader in visual and audio-based learning. They empower organizations to share knowledge effortlessly. Panopto has been adopted by more than 1,600 companies and universities worldwide with over 11 million end users.

Global

  • Build and operationalize a fintech-grade SOC function
  • Own incident response end-to-end
  • Build and scale the SecOps team

OpenFX processes billions of dollars in transaction volume every month across global corridors. Their backend systems power pricing, routing, settlement, reconciliation, compliance, and risk.

US

  • Partner with organizations of all sizes and industries
  • Evaluate IT and security controls for compliance and effectiveness
  • Advise on security + privacy requirements (state & federal)

Clark Schaefer Hackett provides customized solutions leveraging strategic skills, financial and operational leadership, and technological advances. They are an elite community that includes trusted advisors with Clark Schaefer Hackett, Clark Schaefer Consulting, and Clark Schaefer Strategic HR.

US 5w PTO

  • Seek out opportunities to evangelize AuditBoard’s value to partners.
  • Lead compelling demonstrations and training of AuditBoard’s IT Risk and Compliance (ITRC) solutions to AuditBoard’s strategic partners, tailored to a partner’s GTM approach.
  • Maintain accurate mapping of partners’ field teams, penetration rates across our practice lines, and identify opportunities to increase our footprint.

AuditBoard is the leading audit, risk, ESG, and InfoSec platform on the market, surpassing $300M ARR and continuing to grow. More than 50% of the Fortune 500 leverage their award-winning technology to move their businesses forward with greater clarity and agility. They are one of the 500 fastest-growing tech companies in North America.

Global Unlimited PTO

  • Develop and execute a comprehensive customer success strategy that aligns with the company's overall business objectives.
  • Lead the Customer Success department and technical support teams
  • Drive customer retention and growth while ensuring a seamless and positive customer experience.

Xapo Bank is committed to changing the way things are done within the financial sector. They are a fully distributed team of over 130 employees working remotely from 30+ countries around the world, striving to provide economic freedom and wealth protection globally.

$135,000–$165,000/yr
US

  • Oversee the annual technical roadmap for the Systems and Infrastructure engineering teams, prioritizing projects based on business impact and technical risk.
  • Act as an operational auditor to identify manual "toil" and guide the team toward API-driven automation for the Joiner-Mover-Leaver (JML) lifecycle.
  • Collaborate with Security on the internal incident response framework, leading blameless post-mortems and driving long-term corrective actions for system outages.

Outreach is the only complete agentic AI platform for revenue teams. They infuse agentic AI, conversation intelligence, and assistive AI to power hundreds of use cases across revenue motions. The company's success is reliant on building teams that include people from different backgrounds and experiences who can elevate assumptions and ideas with fresh perspectives.

$178,500–$203,500/yr
US

  • Own the strategy and execution for the Cloudflare ecosystem to secure the network edge.
  • Lead the design of security controls within Google Cloud Platform, specifically for Vertex AI, BigQuery, VPC Service Controls, IAM, and Security Command Center.
  • Embed security into CI/CD pipelines (Cloud Build, GitHub Actions) using Infrastructure as Code (Terraform).

Kareo and PatientPop joined forces to become Tebra, the digital backbone for practice well-being, helping independent practices bring modernized care to patients everywhere. Well over 100,000 providers trust them to elevate their patient experience and grow their practice.