Embed security into the SDLC by partnering with Engineering to implement secure design patterns, conduct threat modeling, and deliver developer-focused AppSec training.
Lead and perform application security assessments including SAST, DAST, SCA, and manual code review across web, mobile, and API surfaces.
Own and mature the vulnerability management program, including prioritization frameworks, SLA tracking, and cross-functional remediation coordination.
Branch is on a mission to empower workers with financial freedom by helping companies accelerate payments and providing working Americans with accessible, free financial services. They are committed to building inclusive and transparent financial products while valuing diversity of opinions and working styles, fostering innovation, and promoting teamwork.
Integrate security activities across all SDLC phases.
Partner closely with engineering teams to ensure secure development practices.
Review security controls for new features, services, and architectural changes.
Infiterra simplifies subscription service delivery, enabling IT distributors, Managed Service Providers (MSPs), and telcos to succeed in the subscription economy. They are recognized as a global leader in subscription commerce, combining innovation, performance excellence, and trusted expertise to help partners transform and grow.
Implementing and maintaining Application Security Testing tools to identify code and dependency vulnerabilities during the software development lifecycle.
Implementing and maintaining Application Security Posture Management tools to centralize findings from multiple solutions and integrate into software development processes.
Acting as the first line of support for users helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests.
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. They strive to have a remarkable impact on people's lives across several key therapeutic areas including immunology, oncology and neuroscience.
Collaborate with internal teams to define the scope of application security testing activities.
Plan and carry out application security testing in all phases of the software development life cycle to identify vulnerabilities.
Assess discovered vulnerabilities and recommend solutions to reduce risk and mitigate security impacts to the application environment.
Clear Capital is a national real estate analytics, data solutions and valuation technology company with a simple purpose: to build confidence in real estate decisions to strengthen communities and improve lives. They value commitment, integrity, kindness, and attention to detail, providing a mission-driven environment where work makes a measurable impact.
Support the design and implementation of secure application architectures under guidance from senior engineers.
Apply secure coding practices and assist in threat modeling and vulnerability assessments.
Conduct and support application security testing (SAST, DAST, SCA, and manual reviews).
Edgesource Corporation is an innovative technology service provider for the Department of Defense (DOD), Department of Homeland Security (DHS), Department of State (DOS), the U.S. Intelligence Community, Law Enforcement, and other federal, state, and commercial clients locally, nationally, and abroad. They are an ISO 9001:2015 certified and CMMI Level 3 appraised small business specializing in providing a variety of technical solutions.
Participate in threat modeling exercises with engineering team members
Triage SCA/SAST/DAST/CSPM findings by eliminating false positives and providing well-vetted vulnerabilities to engineering teams
Support vulnerability management efforts for networks and infrastructure
They offer a SaaS-based Global Employment Platform that enables clients to expand into over 180 countries. Their diverse, remote-first teams are essential to their success, fostering innovation and valuing every contribution.
Own and lead Limble’s application security program, partnering with the Head of Information Security and key stakeholders to define strategy and roadmap.
Perform hands-on security work including threat modeling and secure design reviews, using engagements as opportunities to educate and influence engineering decisions.
Partner with engineering teams to triage, prioritize, and remediate vulnerabilities across the platform.
Limble empowers the unsung heroes who support the world by revolutionizing how businesses manage their maintenance operations. They provide a comprehensive suite of software solutions to optimize asset performance and drive operational excellence; their CMMS platform features streamline operations and enhance productivity.
Own and evolve vulnerability management end-to-end.
Embed secure design principles across mobile applications, APIs, and microservices.
Partner closely with engineering teams to remediate security issues.
Smart Working connects skilled professionals with global teams for full-time, long-term roles. They help you discover meaningful work with teams that invest in your success, where you’re empowered to grow personally and professionally.
Support the ISSM in managing security requirements and documentation throughout the SDLC.
Review Merge/Pull Requests for security implications and adherence to secure coding standards.
Analyze CI/CD pipeline security outputs, including SAST, DAST, SBOM findings, and CVSS scoring.
CommIT Enterprises, Inc. is a Certified Veteran-Owned Small Business (CVOSB) providing innovative technical engineering and data science services. Established in 2001, our enterprise systems support includes the Department of Defense’s (DoD) GCSS-MC, CAC2S, TBMCS-MC, and the Department of Veteran’s Affairs’ (VA) telehealth communications.
Bridge Security and Development, empowering engineering teams to deliver secure code.
Integrate security into the Software Development Life Cycle (SDLC) for AI-driven applications.
Conduct penetration tests and monitor application resilience.
EcoVadis is the leading provider of business sustainability ratings. Their solutions are backed by an international team of experts and powerful technology that analyzes data and builds sustainability scorecards, giving companies actionable insights into their environmental, social, and ethical risks.
Assist with the delivery of Application Security services.
Contribute to Application Security research projects.
Maintain a strong desire to learn, adapt, and improve along with a rapidly-growing company
GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions and minimize risk. Since its inception in 2011, GuidePoint has grown to over 1,200 employees and established strategic partnerships with leading security vendors.
Own and enforce DevSecOps practices across CI/CD pipelines.
Drive vulnerability identification, triage, and remediation across infrastructure and applications.
Act as the primary security SME for the engineering organization.
Teramind is pioneering a predictive, AI-driven approach to safeguarding organizations' people, data, and operations. As a global leader in user behavior analytics, insider risk management, and workforce intelligence, we empower businesses to transform data into a strategic asset.
Build AI agents that handle vulnerability triage, automated security reviews of PRs, and initial incident forensics at scale.
Build systems that automatically detect and remediate security gaps across AWS, GCP, and Azure -- configuration drift, IAM misconfigurations, vulnerable dependencies, exposed secrets.
Lead threat modeling, security reviews, and risk assessments across web applications, APIs, and services.
Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm. They connect to every part of the modern data and AI stack to unify this context into a single, shared layer that both humans and AI agents can rely on.
Work cross-functionally with the InfoSec, SRE, and Engineering teams.
Check code and repositories for insecure coding practices and work with Engineering teams to remediate.
Implement security checks and practices within CI/CD pipelines to ensure secure code deployment and infrastructure.
Roadie, a UPS Company, is a logistics management and crowdsourced delivery platform. Founded in 2014, Roadie offers businesses fast, flexible and asset-light logistics solutions for last-mile delivery.
Design, implement, and manage the integration of security tooling into CI/CD pipelines.
Develop and maintain automation scripts to streamline security processes and workflows.
Own the vulnerability management lifecycle: identification, triage, prioritization, and reporting.
MoonPay is a unified payments platform for digital currency, making it easy for anyone to buy, sell, swap, and pay in digital currencies. Trusted by over 30 million customers and over 500 ecosystem partners, MoonPay's secure, enterprise-grade platform is driving mainstream crypto adoption worldwide.
Own product-level security across backend services, infrastructure, and CI/CD pipelines.
Lead threat modeling and security reviews for new features and architectural changes.
Identify high-impact, systemic security risks and drive long-term, preventive solutions.
Solflare is a fast-growing crypto wallet that aims to build a powerful gateway to Web3. Founded in 2021, Solflare has nearly 140 employees with offices in Zagreb, Belgrade, and Novi Sad, and it takes on bold challenges with curiosity, grit, and a deep sense of accountability in its culture.
Perform security reviews of our current and future product and service portfolio.
Be the security subject matter expert for product architects and engineers for threat modeling.
Find new and novel ways to identify and resolve security vulnerabilities in our products.
Palantir builds software for data-driven decisions and operations, empowering partners to develop lifesaving drugs, forecast supply chain disruptions, and locate missing children. They value excellence and encourage employees to work from their offices to foster connectivity and innovation.
Conduct threat models and train engineers on threat modeling techniques to identify and prioritize risks of potential vulnerabilities and define possible mitigations.
Develop, document and maintain the security standards and design patterns used by engineers to deliver consistent, secure code and features.
Research the threat landscape, regulatory considerations, and customer requirements relevant to Outreach’s business, and recommend solutions to address known and potential threats by defining and applying appropriate security requirements.
Outreach, founded in 2014, is the only complete agentic AI platform for revenue teams that infuses agentic AI, conversation intelligence, and assistive AI to power hundreds of use cases across revenue motions. World leading enterprise organizations use Outreach to power their revenue teams.
Helping define the security operations roadmap by designing and implementing long term strategies
Improve and maintain processes, tooling, documentation and training to mature and enhance cybersecurity incident response
Design, implement and maintain security events monitoring systems
Docplanner empowers patients by giving them access to leave and read reviews about their visit and also provides doctors with the technology to manage bookings easily and save time. They are leaders in 13 countries with over 2,500 employees globally, maintaining a startup-mindset.
Lead security efforts across infrastructure, applications, internal systems, and employee devices
Identify risks and vulnerabilities across the organisation and ensure they are addressed
Establish scalable security processes and best practices across teams
LI.FI is dedicated to fostering a workplace that values and respects each team member's unique contributions. They value differences and encourage individuals of all backgrounds to apply.