Lead the configuration and management of GRC tools to ensure integration with security systems.
Manage the main dashboard for SOC 2 reporting, ensuring accuracy and compliance.
Develop and maintain a comprehensive risk management program and conduct risk assessments.
Engine is transforming business travel into something personalized, rewarding, and simple. They have over 20,000 companies relying on Engine to support over 1 million travelers and billions in annual bookings each year and have been recognized as one of the fastest-growing travel and fintech platforms in North America.
Lead development of security strategy aligned to client business goals.
Guide risk management practices including risk registers and threat modeling.
Provide executive-level oversight of regulatory compliance programs.
Jobgether uses an AI-powered matching process to ensure applications are reviewed fairly. Their system identifies the top-fitting candidates and shares this shortlist with the hiring company.
Play a critical role in the technical development, implementation, and maintenance of the GRC platform.
Drive integration strategies between GRC platforms and enterprise systems for automated data sharing and reporting.
Provide expert guidance and leadership on GRC technical matters to senior leadership and business stakeholders.
Jobgether is a platform helping candidates find jobs. They use AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements.
Design and test prompts to shape AI behavior and review outputs.
Build and maintain the “truth layer” for real-world GRC answers.
Evaluate and improve AI quality, ensuring responsible AI use.
Vanta helps businesses earn and prove trust by continuously monitoring and verifying their security. They empower companies to practice better security and prove it with ease, with a kind and talented team that consists of both people with and without prior security experience.
Own our information security strategy and build our security roadmap.
Maintain our ISO 27001 certification, preparing for SOC 2 readiness.
Operate strategically and tactically, developing policy and reviewing cloud configurations.
ApprovalMax is redefining how finance teams manage the Money Out cycle — from purchase orders and supplier bills to employee expense management and payroll. Trusted by 18,000+ businesses worldwide, our platform empowers companies to automate financial controls, ensure compliance, and scale efficiently.
Mentor and develop security engineers and analysts.
Define and own the security strategy and roadmap.
Lead and scale the security function across vulnerability management.
Attentive is the AI marketing platform for 1:1 personalization redefining the way brands and people connect. They combine technology with human expertise to build authentic customer relationships, partnering with more than 8,000 customers across 70+ industries.
Lead customer due diligence questionnaire (DDQ) and RFP response process and third-party risk management process.
Support enterprise sales with technical customer security discussions.
Lead SOC 2 Type II audit preparation, evidence collection, and remediation.
Vanilla is an AI-powered estate advisory platform that aims to modernize estate planning. They are a startup distributed across the U.S. with a mix of fully remote and hybrid roles that embraces flexibility and values curious builders and problem-solvers.
Lead, mentor, and grow a team of international and domestic risk analysts.
Conduct and oversee complex risk assessments across cloud environments and on-premise telecommunications systems.
Develop and deliver high-impact, executive-level risk reporting.
At Twilio, they're shaping the future of communications. They deliver innovative solutions to hundreds of thousands of businesses and empower millions of developers worldwide to craft personalized customer experiences, with a strong culture of connection and global inclusion.
Deliver world-class cyber security assessment and advisory services across multiple Compliance offerings.
Work effectively as a team member on large engagements and remain current on technical knowledge.
Demonstrate GuidePoint’s Core Values at all times and achieve and maintain relevant cyber security and audit certifications.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. Since its inception in 2011, GuidePoint has grown to over 1000 employees and firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere.
Lead comprehensive security audits of client security operations programs.
Analyze security monitoring and alerting to perform a gap analysis.
Conduct cyber risk assessments using industry frameworks.
They build cybersecurity software and solutions. Palo Alto Networks challenges the status quo, and they are looking for innovators who are as committed to shaping the future of cybersecurity as they are.
Collaborate with cross-functional teams to maintain and improve the company's comprehensive compliance program.
Manage the end-to-end audit process for SOC 2 compliance, ensuring timely and accurate completion.
Oversee the Information Security Risk Management Program, documenting identified risks, coordinating mitigation efforts.
airSlate is a global SaaS technology company that develops no-code workflow automation, electronic signature, and document management solutions. They have teammates in more than 20 countries across three continents and main hubs in the United States, Poland, Romania, Ukraine and Philippines.
Lead execution of the enterprise information security program.
Oversee threat detection/response, vulnerability management, and incident response processes.
Partner with Engineering and Infrastructure teams to secure cloud environments and CI/CD pipelines.
bswift transforms benefits administration, making it simpler and smarter. They serve thousands of companies and millions of people nationwide, reducing administrative burdens and freeing HR teams to focus on creating thriving, people-first workplaces.
Perform internal audits and vulnerability testing, ensuring security controls are monitored.
Lead security architecture governance for internal IT and projects, using Unified Architecture Framework.
Maintain compliance with security requirements and develop roadmaps to address evolving threats.
Jobgether is a platform connecting job seekers with companies. It uses AI-powered matching to ensure applications are reviewed quickly and fairly, identifying top candidates for employers.
Own the 24‑month global security roadmap developed with an external partner; drive planning, resource allocation, cross‑region rollout, milestone tracking, and KPI delivery.
Lead the cybersecurity transformation: redesign the security operating model, establish regional capability hubs, hire and upskill teams, and integrate security into engineering and product lifecycles.
Modernize security tooling and architecture: define global architecture for IAM, cloud security, vulnerability management, SIEM/XDR, DLP, and secure SDLC integrations; manage vendor selection and lifecycle.
Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. With a combination of industry-leading tools, services, and expertise, Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
Own and drive the GRC project portfolio, defining project goals and execution plans.
Support audit and certification efforts, translating complex technical requirements into clear project plans.
Leverage AI tools to automate reporting and enhance visibility, maintaining consistent communication with stakeholders.
Jobgether is a platform that connects job seekers with companies. They use an AI-powered matching process to ensure applications are reviewed quickly and fairly.
Lead and mature Material Bank’s enterprise information security program.
Own the security risk management framework, including risk identification, scoring, tracking, and executive reporting.
Own detection, incident response, and resilience strategy.
Material Bank operates the world’s largest material marketplace for the architecture and design industry, connecting designers with materials from leading brands. They operate in 37 countries and their platform is the standard for design professionals around the globe.
Contribute to the cybersecurity governance framework, aligned with international standards.
Perform security audits, gap analyses, and cyber risk assessments.
Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities.
Prima uses data and tech to rethink motor insurance, offering a great experience at a great price. They are a trusted provider for over 4 million drivers and are expanding in the UK and Spain, with over 300 engineers in the Engineering Department.
Define security detection program strategy and roadmap.
Oversee development, testing, and maintenance of detection logic.
Lead and mentor a high-performing team of security operators.
Cribl helps solve IT and Security's data needs. They foster a collaborative, curious, and motivated team environment where employees are passionate about putting customers first and believe in empowering our employees to do their best work, wherever they are.
Partner with key customers to understand and help achieve their business, objectives, cybersecurity initiatives, and desired outcomes
Establish strategies and roadmaps to drive cyber workforce resilience through a programmatic approach
Engage C-level executives, technical cyber security professionals, and major lines of business through delivering routine Executive Business Reviews
Immersive One is the leading cyber resilience solution across the globe. They help prove and improve your cyber resilience, by simulating real-world threats, testing your skills, and measuring performance. Founded in 2017, they have grown to over 300 employees globally and have been voted a Best place to work on multiple occasions.
Own day-to-day execution of SOC 1, SOC 2, PCI DSS, and ISO 27001 readiness and audit cycles.
Develop and maintain policies, procedures, risk assessments, control narratives, and supporting documentation.
Facilitate risk assessments for systems, vendors, products, and business initiatives.
Astra is building mission-critical infrastructure for moving money at scale. Their platform processes billions in annual transaction volume with 99.9%+ uptime, powering real-time transfers, bank debits, card disbursements, and complex financial compliance systems.