Source Job

• Act as the technical DRI for the public API platform.
• Partner closely with architecture and product leadership to define long-term platform direction.
• Design and implement shared API capabilities such as OAuth client creation, authorization enforcement, and request validation.

1Password is building the foundation for a safe, productive digital future, innovating the market-leading enterprise password manager and pioneering Extended Access Management. They are one of the most loved brands in cybersecurity, taking a human-centric approach in everything from product strategy to user experience, with over 180,000 businesses trusting their services.

• Building backend integrations with cloud provider's managed databases.
• Working on scalability and resiliency of clusters with 10K+ nodes.
• Implementing advanced HTTPS proxy with identity aware access control.

Teleport is the Infrastructure Identity Company, modernizing identity, access, and policy for infrastructure. They are a fast-growing, well-funded Y-Combinator company that values craft, work/life balance, and embraces a culture of humility, honesty, and transparency.

• Own and lead incident response process and actively investigate events.
• Prioritize alerts based on risk and collaborate with stakeholders for remediation.
• Design, implement, and maintain comprehensive security dashboards and generate periodic reports.

Deel is the all-in-one payroll and HR platform for global teams with a vision to unlock global opportunity for every person, team, and business. As one of the largest globally distributed companies, Deel's team of 7,000 spans more than 100 countries and speaks 74 languages.

• Modernize the identity stack to enable building agentic features.
• Build highly-scalable, fault-tolerant systems in a hybrid monolithic/microservices architecture.
• Work cross-functionally with product managers and business stakeholders to meet customers’ needs.

ezCater is the leading food for work technology company in the US, connecting anyone who needs food for their workplace to over 100,000 restaurants nationwide. They are backed by top investors and value innovation, pragmatism, and transparency in their culture.

• Lead detection engineering initiatives end-to-end, from threat research and design documentation through implementation, testing, and production deployment.
• Partner with Application Security, CTI, and Red Team to conduct threat modelling, translate threat intelligence into actionable detections, and validate detection effectiveness through threat simulation scenarios.
• Create automation and enrichment pipelines that reduce manual context-switching and cognitive load for analysts, improving mean-time-to-detect, analyse, and respond to security events.

Canva is a design platform that enables users to create various visual content. They foster a fun and collaborative environment with flexible work arrangements.

• Lead and scale the Identity Security Platform Engineering organization.
• Deliver secure, scalable, highly resilient API-first services.
• Grow and develop talent: Recruit, mentor, and retain top engineering talent.

1Password is building the foundation for a safe, productive digital future. As one of the most loved brands in cybersecurity, they take a human-centric approach in everything from product strategy to user experience and have surpassed $400M in ARR.

• Act as the Subject Matter Expert (SME) for Endpoint Detection and Response (EDR) tools/process including optimizing configurations/policies, developing custom threat detection rules, and proactively improving security posture.
• Configure, manage, and tune the full suite of security policies within SWG, CASB and ZTNA and assist our remote colleague with seamless experience through troubleshooting end user issues as needed.
• Continuously improve SaaS security posture with SSPM tools and processes around it and collaborate with diverse application owners to understand security control and resolve configuration drifts for our wide range of SaaS applications from baseline.

Deel is the all-in-one payroll and HR platform for global teams with a vision to unlock global opportunity for every person, team, and business. Among the largest globally distributed companies in the world, their team of 7,000 spans more than 100 countries.

• Own the configuration, tuning, and management of our SIEM solution.
• Perform architecture reviews, code reviews, and infrastructure configuration reviews.
• Maintain and optimize a vulnerability management CI/CD pipeline within our container/application delivery infrastructure.

Engine is transforming business travel into something personalized, rewarding, and simple. More than 20,000 companies already rely on Engine to support over 1 million travelers and billions in annual bookings each year.

• Implement and maintain security controls across multi-cloud environments (primarily AWS and Azure, with some GCP and AliCloud) and on-prem infrastructure
• Own IAM strategy and implementation: design and enforce identity, access, and permissions models that are secure, scalable, and practical
• Design and operate key management and custody security controls such as HSMs, secrets management, and secure key handling for trading operations

Auros is a global digital asset liquidity provider operating 24/7 across centralised and decentralised markets. They run high-availability, low-latency systems where resilience and risk discipline matter and treat security as a core engineering and risk function, with direct engagement from senior leadership.

• Design, deploy, and manage security tools and infrastructure to detect and prevent threats across cloud (AWS and GCP), corporate, and product environments.
• Work collaboratively with engineering and product teams to integrate security into the SDLC (Secure Software Development Life Cycle) via threat modeling, code reviews, and automated testing.
• Conduct security assessments, penetration testing, and vulnerability management to identify and remediate risks in our applications and services.

Acorns is a financial wellness app helping people and families save and invest money for the long term. Since 2014, Acorns has grown into a global company with multiple life-stage products serving the needs of kids, teens, adults, and parents.

• Design, deploy, and maintain end-user environments, identity and access management, and networking.
• Enable scaling by automating IT tasks through scripting and system integration via APIs.
• Implement and enforce endpoint security, identity security, and secure onboarding/offboarding processes.

XBOW is redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI. Backed by Sequoia Capital and a team that includes the creators of GitHub Copilot and GitHub Advanced Security, XBOW is shaping the future of cybersecurity.

• Design, implement, and maintain advanced detection rules across SIEM, EDR, and Cloud platforms.
• Develop complex automated response playbooks for multi-stage incidents and integrate security tools via APIs.
• Co-lead the organization's threat hunting program, defining strategy, methodology, and campaign planning.

AlphaSense is a market intelligence and search platform powered by AI, helping companies make informed decisions with insights from various content sources. With over 2,000 employees globally and offices in multiple countries, they serve over 6,000 enterprise customers, including a majority of the S&P 500.

• Architect, implement and maintain authentication (AuthN) and authorization (AuthZ) systems.
• Champion Zero Trust principles and ensure IAM solutions meet compliance requirements.
• Act as a senior Individual Contributor driving technical decisions and mentoring engineers.

ShipBob is a global supply chain and fulfillment technology platform designed for SMB and Mid-Market ecommerce merchants. They provide access to best-in-class capabilities and aim to deliver a delightful shopper experience; they are headquartered in Chicago.

• Lead cross-team infrastructure security initiatives from design through delivery, owning technical outcomes and stakeholder communication
• Design and implement security solutions for cloud infrastructure, container platforms, and orchestration systems
• Partner with SRE, Infrastructure, and Engineering teams to integrate security into platform services and deployment pipelines

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Their mission is to enable everyone to contribute to and co-create the software that powers our world.

• Be a key driver in the greenfield implementation of Lime’s enterprise IGA platform.
• Implement, manage, and automate the identity lifecycle to ensure seamless and secure transitions.
• Execute on a high volume of new application integrations for Single Sign-On (SSO) and MFA.

Lime is a global shared micromobility business operating in close to 30 countries across five continents with a mission to build a future where transportation is shared, affordable, and carbon-free. They have powered more than one billion rides globally and continue to set the pace for shared micromobility.

• Lead an engineering team building client-facing enterprise security features.
• Design and implement libraries and microservices in Rust.
• Deliver bring-your-own IdP integrations and modern enterprise authentication flows.

Kraken is a mission-focused company rooted in crypto values. They are committed to industry-leading security, crypto education, and world-class client support, and operate as a fully remote company with Krakenites in 70+ countries who speak over 50 languages.

• Drive and enable proactive identification, analysis, and remediation of security vulnerabilities.
• Respond to manage pen testing and bug bounty programs.
• Work in partnership with Software Architecture, Risk/Compliance, the SRE team, and other partners, to integrate security capabilities into the SDLC.

Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are a family-owned and operated company of 290+ mission-driven people.

• Identify and help mitigate security issues related to Applied’s cloud, datacenter, and Kubernetes infrastructure.
• Implement new and update existing security measures for the protection of Applied’s infrastructure.
• Contribute to the operationalization of Security platforms at Applied.

Applied Systems is transforming the insurance industry with innovative software and services. They have 40+ years of experience and are committed to creating a culture built on values that make them indispensable to each other.

• Hands-on DevSecOps engineer securing ThriveCart's e-commerce platform infrastructure.
• Implement security automation, maintain monitoring systems, and enable engineering teams with security tooling.
• Ensure high availability, providing security tooling/dashboards and aiding developers with findings.

ThriveCart is the leading no-code sales platform for digital course creators, coaches, entrepreneurs, and online businesses looking to boost revenue, drive conversions, and scale audiences. ThriveCart powers over 65,000 businesses and 12 million enrolled students, generating over $2 billion in annual sales.

• Design, build, and maintain security tools, scripts, and automations.
• Partner with Engineering teams to manage and drive remediation of security vulnerabilities.
• Evaluate and prioritize security risks based on industry standards and business context.

Weedmaps is a global leader in the cannabis industry. They are dedicated to transparency, education, and community, serving cannabis to consumers and businesses in the U.S. and worldwide.