Conduct security assessments using SAST, DAST, and SCA tools to identify vulnerabilities.
Perform code reviews and provide secure coding guidance to development teams.
Evaluate AI/ML model security and implement protections against prompt injection.
Hims & Hers is a health and wellness platform focused on providing affordable and personalized care. They are a public company traded on the NYSE, committed to a talent-first flexible/remote work approach featuring outstanding benefits and a strong culture.
Identify, analyze, and reduce application-layer security risk.
Triage, validate, and prioritize findings from automated security tools and external researchers.
Work with engineering, vulnerability management, and security operations teams to address findings.
Upwork is the world’s work marketplace, serving startups to Fortune 100 companies. They provide a platform that enables companies and talent to work together to unlock their potential, with over $3.8 billion of work done through Upwork last year.
Create, manage, and maintain the application security strategy and roadmap.
Develop, execute, and track the performance of security measures to protect Alma’s data, applications, and systems.
Build and provide high-quality application security documentation and training to engineers.
Alma simplifies access to high-quality, affordable mental health care by making it easy and financially rewarding for therapists to accept insurance. Alma has over 20,000 therapists in their growing network and was named one of Inc’s Best Workplaces in 2022 and 2023.
Own and operate n8n’s vulnerability intake and triage process, including the [email protected] inbox.
Define and maintain security policies, standards, and public-facing disclosure documentation.
Embed security into the software development lifecycle through threat modeling, design reviews, and pragmatic guardrails.
n8n is the open workflow orchestration platform built for the new era of AI. They give technical teams the freedom of code with the speed of no-code, so they can automate faster, smarter, and without limits. Since their founding in 2019, they’ve grown into a diverse team of over 160.
Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance.
Run threat modeling sessions (e.g. STRIDE) for new and existing systems; identify threats, attack paths, misconfigurations, and insecure design patterns.
Perform security-focused code reviews to identify vulnerabilities and risky implementations; provide clear, actionable guidance on secure coding patterns and best practices.
Infiterra's B2B SaaS platform helps IT Distributors and Managed Service Providers (MSPs) automate and grow their subscription business. With 100+ customers in 75 countries, they're recognized for innovation and global impact. Infiterra fosters a collaborative and growth-oriented culture, allowing you to be part of a dynamic, forward-thinking team.
Drive and enable proactive identification, analysis, and remediation of security vulnerabilities.
Respond to and manage pen testing and bug bounty programs.
Work in partnership with Software Architecture, Risk/Compliance, the SRE team, and other partners, to integrate security capabilities into the SDLC.
Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are a family-owned and operated company of 290+ mission-driven people.
Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
Bring security best practices to the software development lifecycle.
Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company. They empower teams to design, launch, and optimize for the web without barriers, with trust, transparency and creativity as their core values.
Drive security of systems at scale and influence security strategy.
Integrate security into our SDLC with a shift-left approach.
Build a culture where security empowers developers through best practices.
Boulevard provides a client experience platform for appointment-based, self-care businesses, empowering customers to enhance client experiences. They are a team that values diverse backgrounds and believes in equal opportunity, fostering an inclusive culture where employees can excel.
Design, build, and maintain security tools, scripts, and automations.
Partner with Engineering teams to manage and drive remediation of security vulnerabilities.
Evaluate and prioritize security risks based on industry standards and business context.
Weedmaps is a global leader in the cannabis industry. They are dedicated to transparency, education, and community, serving cannabis to consumers and businesses in the U.S. and worldwide.
Support the sales team by running demos for prospective customers.
Run Proof-of-Value (PoV) engagements to demonstrate the value of the XBOW platform.
Conduct technical discovery and requirements gathering during the sales process.
XBOW is redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI. Backed by Sequoia Capital and Altimeter, and a team that includes the creators of GitHub Copilot and GitHub Advanced Security, XBOW is shaping the future of cybersecurity.
Analyze and assess security issues via design reviews, code audits, and penetration tests.
Design and build security tools, and develop mitigations and hardening strategies.
Review and develop secure operational practices, and provide security guidance for engineers.
Aptos Labs is building a people-first blockchain that aims to provide universal and fair access to decentralized assets in a safe and scalable way. Founded by original creators/maintainers of the Diem blockchain, they value diversity and are an Equal Opportunity Employer.
Own and lead the delivery of large, multi-quarter Application Security and Engineering initiatives.
Improve existing complex application security architectures and provide guidance for securing AI-based workflows.
Proactively identify emerging industry threats and act as Incident Commander for large-scale security incidents.
Wrapbook provides a unified payroll platform that seamlessly connects your entire team in one place. It empowers production teams to manage projects, pay cast and crew, track expenses, and generate data-driven insights. With a growing team of 250+ people across the USA and Canada, Wrapbook is backed by top-tier investors and has raised $130M.
Implement security automation, maintain monitoring systems, and enable engineering teams with security tooling.
Ensure high availability, providing security tooling/dashboards and aiding developers with findings.
ThriveCart is the leading no-code sales platform for digital course creators, coaches, entrepreneurs, and online businesses looking to boost revenue, drive conversions, and scale audiences. ThriveCart powers over 65,000 businesses and 12 million enrolled students, generating over $2 billion in annual sales.
Partner with Enterprise AEs and AMs to secure the technical win on Vanta’s most complex, strategic deals.
Own and execute the Solution Validation (Managed Pilot) process to prove technical feasibility and eliminate risk.
Act as the ‘Voice of the CISO’ by consolidating strategic product gaps and collaborating with Product and Engineering teams to influence product enhancements.
Vanta helps businesses earn and prove trust by enabling companies to practice better security and prove it with ease. They have a kind and talented team, and while some have prior security experience, many have been successful without it.