Lead end-to-end audit execution across SOC 2, ISO 27001, ISO 42001, ISO 27701, HIPAA, and GDPR and maintain year-round audit readiness.
Build and mature Atlan's risk management program and turn abstract risk conversations into measurable metrics with clear ownership and quarterly leadership reviews.
Integrate our GRC platform with cloud infrastructure, CI/CD pipelines, HR systems, and product engineering tooling to automate evidence collection and continuous control testing.
Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm and finally move AI pilots into production. We are backed by world-class investors including GIC, Insight Partners, Meritech, Peak XV, and Salesforce Ventures and trusted by global enterprises like Mastercard, Workday, General Motors, Unilever and others.
Support CapIntel’s Governance, Risk, and Compliance program
Manage third-party risk and customer security reviews
Support operational security, privacy, and security awareness initiatives
CapIntel is a software platform built for wealth management enterprises to help financial advisors explain complex investment strategies to their clients. Since launching in 2019, CapIntel has seen rapid adoption and industry recognition, earning top placements in Deloitte’s Technology Fast 50 Canada and Fast 500 North America in 2025, ranking us among the fastest -growing technology companies.
Vendor and contractor risk assessment process during onboarding, adhering to a defined Service Level Agreement (SLA).
Conduct annual vendor monitoring and re-assessment processes for existing vendors.
Maintain the vendor inventory and collaborate with vendors on an ongoing basis to reduce identified risks.
Juniper Square's mission is to unlock the full potential of private markets by digitizing them and bringing efficiency, transparency, and access. They have a values-driven organization that offers employees a variety of ways to work, ranging from a fully remote experience to working full-time in one of their physical offices.
Collaborate with business leadership, Legal, Procurement, and Cyber to review terms and conditions.
Track status of risk remediations in the risk register with business stakeholders.
Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders.
NBCUniversal is a leading global media and entertainment company creating content across film, television, and streaming. They operate theme parks and own brands like NBC, Telemundo, and Universal Pictures. The company values improving communities and promotes an inclusive culture to reflect the diversity of the world.
Perform GRC functions and maintain the Cyber Security Risk register.
Execute third party risk processes for cyber and perform/execute on awareness programs and phishing processes.
Liaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors.
Warner Music Group is a global collective of music makers and music lovers, tech innovators and inspired entrepreneurs, game-changing creatives and passionate team members. They turn dreams into stardom and audiences into fans. WMG is committed to creating a work environment that actively values, appreciates, and respects everyone and encourages applications from people with a wide variety of backgrounds and experiences.
Own monitoring of post-sales SME delivery programs including milestones, dependencies, risk tracking, and stakeholder comms.
Lead cross-functional alignment by coordinating with customer success managers, GRC SMEs, and Product to unblock customer outcomes.
Standardize + scale playbooks: Define repeatable processes for framework mapping and customer patterns to reduce time-to-value.
Vanta's mission is to help businesses earn and prove trust through continuously monitored and verified security. They empower companies to practice better security and prove it with ease with the help of their kind and talented team.
Own and evolve the GRC program in partnership with Legal and our CCO.
Develop, maintain, and enforce clear, practical security policies across all departments.
Develop and execute a comprehensive information security roadmap aligned with business objectives.
Allocate is a fintech company handling sensitive investor data and financial transactions. They are a rapidly growing organization that values client service, relentless problem-solving, and continuous improvement.
Conduct audits of selected security controls by reviewing assessment responses and validating technical details within engineering work items.
Interface directly with engineering teams to gather additional data, perform interviews, and assess adherence to SDL expectations.
Develop automation, durable controls, and process improvements to support the security auditing function and the broader SDL program.
Blueprint Technologies is a technology solutions firm headquartered in Bellevue, Washington. They are unified by a shared passion for solving complicated problems, and our people are their greatest asset.
Lead end-to-end audits: Scope, plan, and execute risk based IT audits; develop work programs.
Operate in rapidly evolving technology domains: Perform audits in rapidly evolving areas including cybersecurity and cloud architecture.
Drive remediation & improvement: Quantify risks, identify root causes, and recommend realistic improvements to processes and controls.
CDK Global is a leading provider of cloud-based software to dealerships and Original Equipment Manufacturers (“OEMs”) across automotive and related industries. Their cloud-based, software as a service (“SaaS”) platform enables dealerships to manage their end-to-end business operations. They are committed to creating an inclusive workforce where everyone is valued and considered an Equal Opportunity Employer.
Oversee third-party and internal risk assessments to support enterprise information security and governance, risk, and compliance (GRC) initiatives.
Manage vendor due diligence, maintains an accurate risk register, partners with internal stakeholders on mitigation strategies.
Drive continuous improvement of the risk and compliance framework.
Concorde Career Colleges is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee based on race, color, religion, religious creed, national origin, ancestry, sex, age, veteran or military status, or any other legally protected characteristic. Concorde Career Colleges offer short career-focused programs preparing students for the healthcare industry.
IFS is a billion-dollar revenue company with 7000+ employees on all continents. Their leading AI technology is the backbone of their award-winning enterprise software solutions, enabling customers to be their best when it really matters–at the Moment of Service™.
Lead, coach, and grow a team of highly effective engineers, fostering a culture of continuous learning and high performance.
Own the end-to-end vulnerability lifecycle, ensuring the organization meets strict remediation SLAs and prioritizes risks based on actual business impact.
Partner with DevOps and Engineering teams to integrate security earlier in the SDLC, ensuring vulnerabilities are identified and remediated during the design and build phases.
ServiceNow is a global market leader that brings innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Their intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work.
Deliver GitLab Professional Services engagements, including installation, migration, training, and advisory services across GitLab capabilities.
Lead migrations from multiple source systems to GitLab SaaS or self-managed GitLab, helping customers adopt secure, reliable workflows.
Serve as a trusted technical advisor for customers, translating goals and constraints into practical implementation plans and clear next steps.
GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. The company has more than 50 million registered users and a high-performance culture.
Ensure high availability, fault tolerance, and scalability of cloud services.
Optimize performance and cost efficiency across AWS environments.
Implement security best practices and SOC 2 compliance monitoring.
BlastPoint is a B2B data analytics startup located in Pittsburgh. They empower companies to engage with customers more effectively by discovering the humans in their data and understanding customer journeys; they are a tight-knit, forward-thinking team.
Collaborate with specialist teams to develop and execute the company's technology, security, and AI strategy.
Oversee all IT operations including Helpdesk/Service Desk, Systems Operations, Infrastructure/Network Operations, and End-user Computing/Device Management.
Lead incident, problem, and change management processes, ensuring timely resolution of issues and minimal business disruption.
GuidePoint Security provides cybersecurity expertise, solutions, and services to help organizations make decisions and minimize risk. They have over 1,200 employees and have established strategic partnerships with security vendors, serving as a trusted advisor to more than 6,200 customers.
You create, build, test, deliver and support infrastructure, automation, and employees tooling
Architect and maintain a Zero Trust corporate infrastructure
You lead infrastructure changes, evolve system design and foster good engineering practices
Air Up makes bottles that unbore water with flavor by scent. Behind it all are teams pushing boundaries every day with professionalism and passion, and it's refreshingly low politics and ego.
Maintain documentation for ISO/IEC 27001 & ISO/IEC 42001; improve activities.
Extract security requirements from client MSAs; identify gaps and risks.
Coordinate internal and client audit requests; collect evidence.
Avalere Health's mission is to ensure every patient is identified, treated, supported, and cared for. They bring Advisory, Medical, and Marketing teams together to forge unconventional connections, building a future where healthcare is not a barrier and no patient is left behind.
Lead audit readiness and execution for SOC 2, ISO 27001, PCI DSS, and other compliance frameworks relevant to our customer base
Manage the compliance lifecycle in a compliance platfom (such as Vanta, Drata etc) including evidence collection, control mapping, and continuous monitoring
Coordinate cross-functional audit activities with engineering, product, security, infrastructure, and support teams to gather evidence and remediate findings
Supabase is a born-remote and open-source-first company that provides tools developers love. They have 180+ team members across 40+ countries, and deeply believe in the open-source ecosystem and strive to support existing tools and communities.
Lead and grow a high-performing security engineering team.
Own cloud security architecture for AWS.
Embed security into the SDLC: threat modeling, secure coding guidance, code scanning, dependency controls, build-time checks, and release gates.
Keyrock is a leading change-maker in the digital asset space, known for partnerships and innovation. They have over 180 team members around the world from 42 nationalities, with backgrounds ranging from DeFi natives to PhDs, with hubs in London, Brussels, Singapore and Paris.
Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
Documents end‑to‑end operational workflows and surface implicit, non‑documented practices.
Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.
Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work.