Embed security into Firefox, Mozilla VPN, and other mission-critical products.
Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation.
Partner with engineers to integrate security throughout the software development lifecycle as a core design principle.
Mozilla Corporation shapes the internet for the better and makes privacy-minded brands like Firefox. They have over 225 million people around the world using their products each month and are focused on making the internet better for people.
Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance.
Run threat modeling sessions (e.g. STRIDE) for new and existing systems; identify threats, attack paths, misconfigurations, and insecure design patterns.
Perform security-focused code reviews to identify vulnerabilities and risky implementations; provide clear, actionable guidance on secure coding patterns and best practices.
Infiterra's B2B SaaS platform helps IT Distributors and Managed Service Providers (MSPs) automate and grow their subscription business. With 100+ customers in 75 countries, they're recognized for innovation and global impact. Infiterra fosters a collaborative and growth-oriented culture, allowing you to be part of a dynamic, forward-thinking team.
Own and lead the delivery of large, multi-quarter Application Security and Engineering initiatives.
Improve existing complex application security architectures and provide guidance for securing AI-based workflows.
Proactively identify emerging industry threats and act as Incident Commander for large-scale security incidents.
Wrapbook provides a unified payroll platform that seamlessly connects your entire team in one place. It empowers production teams to manage projects, pay cast and crew, track expenses, and generate data-driven insights. With a growing team of 250+ people across the USA and Canada, Wrapbook is backed by top-tier investors and has raised $130M.
Conduct regular security assessments, vulnerability scanning, and penetration testing of Veeam products and services
Work with development teams to integrate secure development practices into the software development lifecycle
Collaborate on the design and implementation of security within public cloud environments
Veeam is the #1 global market leader in data resilience, believing businesses should control all their data whenever and wherever they need it. Based in Seattle, Veeam protects over 550,000 customers worldwide who trust Veeam to keep their businesses running.
Define and drive the strategic roadmap for proactive security vulnerability analysis.
Establish the technical vision and program for integrating robust security controls at every stage of the SDLC.
Lead collaborative and cross-functional threat modeling initiatives for core systems, new features, and evolving services.
Modern Health is a mental health benefits platform for employers, offering access to resources for emotional, professional, social, financial, and physical well-being. They are a fully remote workforce known for their culture centered around empathy and accountability, with a drive to win.
Partner with Product teams to ensure that products are designed, built, and operated securely.
Conduct threat modeling activities with Product teams to ensure product threats are understood, documented, and mitigated.
Review and analyze product source code to identify security vulnerabilities and providing recommendations for secure implementation.
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is a remote-first company and offers competitive benefits anchored to their core value of people come first.
Own and operate n8n’s vulnerability intake and triage process, including the [email protected] inbox
Define and maintain security policies, standards, and public-facing disclosure documentation
Embed security into the software development lifecycle through threat modeling, design reviews, and pragmatic guardrails
n8n is the open workflow orchestration platform built for the new era of AI. They give technical teams the freedom of code with the speed of no-code, so they can automate faster, smarter, and without limits. Since their founding in 2019, they’ve grown into a diverse team of over 160.
Own the technical roadmap for deploying key product suites to government environments.
Design and harden product suites within compliant cloud infrastructures.
Collaborate with product teams to align development timelines and meet security controls.
Jobgether helps partner companies find the best candidates. They use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements.
Develop automated security testing for centralized security libraries which scale directly with developer needs and enable them to write secure code more easily.
Participate in the review and improvement of secure software development lifecycle (SDLC) processes.
Have significant ownership in and evangelize security training with development teams.
ATPCO is the world's primary source for air fare content, holding over 200 million fares across 160 countries. Every day, the travel industry relies on ATPCO's technology and data solutions to help millions of travelers reach their destinations efficiently. They have a remote-first culture rooted in trust, transparency, and belonging where your wellbeing comes first.
Design, develop, and deliver security-focused features.
Collaborate with engineering teams for secure decisions.
Maintain and enhance security-critical components.
Jobgether is a platform connecting job seekers with partner companies. They foster a remote, collaborative environment that encourages transparency, continuous learning, and innovation.
Implement disciplined software engineering practices to design, develop, and maintain secure, scalable application components.
Contribute to technical design and documentation, maintain source code, and execute enhancements with clear acceptance criteria.
Perform testing and quality activities, supporting defect resolution, and partnering with security and operations stakeholders.
9th Way Insignia is a service-disabled, veteran-owned small business bringing transformative technology to our government customers so they can achieve their missions. Their specialties include cybersecurity, cloud modernization, software development, and data analytics.
Lead the design and implementation of secure architectures for Built’s applications, services, and AI/ML initiatives.
Embed security throughout the development lifecycle by partnering with engineering teams on threat modeling, secure coding best practices, and design reviews.
Perform internal penetration testing of applications, networks, and features to uncover weaknesses before attackers do.
Built is an AI-powered platform transforming how real estate is financed, developed, and managed. They started by fixing construction draw management for lenders and have grown into a comprehensive operating system. Built brings together passionate people who are driven in a variety of disciplines, each bringing their unique perspective to everything they do.
Concevoir et piloter des solutions de sécurité pour les produits et les applications internes
Réaliser des exercices de modélisation des menaces pour les systèmes existants et les nouvelles initiatives produit
Collaborer avec les équipes d’ingénierie afin d’intégrer la sécurité dans les flux de développement et de livraison
Shakepay aims to reimagine financial services and give every Canadian their fair share by introducing the golden age of Bitcoin. They have built their culture around doing work that matters, winning as a team, and celebrating successes.
Responsible for designing and implementing security best practices at each stage of the system development lifecycle.
Works in partnership with cross-functional teams to act as a security subject matter expert, while supporting and advancing the security of ConnectWise applications.
Conducts security assessments, threat modeling, and vulnerability reporting and develops security architecture patterns for implementing new solutions and products.
ConnectWise is a community-driven software company dedicated to the success of technology solution providers, with a suite that helps over 45,000 of their partners manage their businesses better. The company has over 3,000 colleagues in North America, EMEA and APAC and has an inclusive and positive culture.
Lead secure design reviews and threat modeling for AI-driven products.
Build and maintain security automation and governance frameworks.
Drive software supply chain security and vulnerability reduction.
AlphaSense empowers companies to make smarter decisions by providing market intelligence and search functionality driven by AI. With over 2,000 employees globally and offices in multiple countries, they foster a collaborative and innovative environment.
Respond to customer and prospect security questions.
Maintain knowledge repository and artifacts for customer due diligence.
Improve security content with a customer-first mindset.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company built on trust, transparency, and creativity. From entrepreneurs to global enterprises, they empower teams to design, launch, and optimize for the web without barriers.
Engineer and deploy clever controls so security incidents stay rare.
Lead incident response efforts and security tool deployments.
Embrace AI and automation to protect the enterprise at machine speed.
Chainguard provides a secure foundation for software development and deployment. By providing guarded open source software, built from source and updated continuously, Chainguard helps organizations eliminate threats in their software supply chains. They value customer obsession, prioritize intentional action, and trust each other.
Architect and implement secure AWS configurations.
Embed security into CI/CD pipelines and repos using policy-as-code tools.
Conduct threat modeling sessions and risk‑driven design reviews early in development.
OnePay is an all-in-one financial platform driven by a simple mission: better money makes life better. They are backed by Walmart and Ribbit Capital, and deeply embedded with the distribution of the world’s largest omnichannel retailer.
Lead a high-performing engineering team, managing hiring, performance, and career growth while fostering an inclusive culture.
Build the security modular platform, driving architecture, design, and implementation with emphasis on scalability, reliability, and low latency.
Execute technical strategy, partnering with architects and principal engineers to shape long-term vision, modernization, AI integration, and security best practices.
Experian is a global data and technology company, powering opportunities for people and businesses around the world. They operate across a range of markets and invest in new advanced technologies to unlock the power of data and to innovate. A FTSE 100 Index company, they have a team of 23,300 people across 32 countries.
Elevate awareness about Application Security and Software Supply Chain Security, making security engaging and accessible.
Deep dive into our supply chain security product suite and emerge as the go-to expert and evangelist.
Showcase our solutions in a way that speaks directly to the needs and challenges of our customers.
Endor Labs is building the Application Security platform for the software development revolution. Modern software is complex and dependency-rich, making it increasingly difficult to pinpoint the risks that truly matter. Endor Labs is backed by leading VC firms and secures code whether it was written by humans or AI.