Source Job

• Lead the ongoing maintenance and operation of secure cloud infrastructures, focusing on AWS and cloud-native technologies.
• Secure applications built for cloud environments by automating security assessments, monitoring runtime environments, and integrating security practices into the development lifecycle.
• Implement robust security controls for cloud workloads and data, including containers, virtual machines, and serverless architectures.

Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services and is recognized as a top workplace, earning more than 20 honors since 2021.

• Design, implement, and improve security controls across our entire fleet.
• Lead the technical direction for cyber security defense, covering enterprise posture management, threat detection, and vulnerability management.
• Partner with ITOps, SysOps, DevOps and XOps to embed security into the core of our architecture and change management processes.

Wrike is a powerful work management platform designed to facilitate collaboration, enhance productivity, and enable teams to concentrate on meaningful work. They foster a hybrid work environment and value innovation, customer focus, collaboration, creativity, and commitment.

• Design and maintain secure architectures across AWS, Azure, and GCP environments.
• Collaborate with DevOps and Engineering to integrate security into CI/CD pipelines.
• Monitor alerts, investigate incidents, and coordinate responses with the SOC.

Reveleer provides a cloud-based healthcare SaaS platform. They are an equal opportunity employer that values diversity and does not discriminate based on race, religion, or other protected characteristics.

• Collaborates with the CSO Team to support the development, maintenance, and implementation of security standards.
• Partner with IT to support the secure implementation of access controls and identity management
• Participate in and contribute to initiatives for operating system, Docker images, Kubernetes/GKE and configuration hardening in the public cloud

Bestow is a leading vertical technology platform serving some of the largest and most innovative life insurers. They unify the fragmented, legacy value chain, enabling carriers to launch products in weeks instead of years. Bestow is backed by leading investors and trusted by major carriers.

• Contribute to the Infrastructure Security team’s vision and strategic roadmap.
• Manage an existing high-performing team of infrastructure security professionals and hire new members as appropriate.
• Establish and implement security policies, procedures, standards, and guidelines in support of infrastructure security.

GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. GitLab has more than 50 million registered users and is a high-performance culture is driven by their values and continuous knowledge exchange.

• Embed security into CI/CD pipelines and own secure controls.
• Lead the process of vulnerability and patch management, automating discovery.
• Strengthen cloud and Kubernetes environments through secure configurations.

Alpaca is a US-headquartered self-clearing broker-dealer and brokerage infrastructure provider for stocks, ETFs, options, crypto, fixed income, and more. They are a dynamic team of 230+ globally distributed members committed to opening financial services to everyone.

• Maintain, optimize, and enhance on-premises and cloud computing environments.
• Execute technical aspects of implementation projects, ensuring seamless software integration and customization.
• Automate Infrastructure-as-Code (IaC) to manage virtual machines and deploy containers, services, and other infrastructure.

Striveworks helps organizations harness AI to solve national security and business challenges, acting as a command center for data and models. Founded by data scientists and engineers, they aim to simplify the deployment and optimization of AI systems, ensuring reliability and scalability.

• Secure cloud-based environments by designing and implementing native security solutions using services.
• Drive Continuous RMF practices, automating control implementation and reporting through modern methodologies like Continuous Authorization to Operate.
• Automate provisioning and configuration of IT environments and implement and manage security measures like firewalls, IDS/IPS, vulnerability scanning, encryption, and ICAM solutions.

Rise8 builds custom, secure software for government organizations, measuring success by impact: lives saved, time returned, and missions advanced. They believe customer experience starts with employee experience, so they take care of their employees and offer competitive pay and benefits, autonomy, growth, and a culture rooted in kindness, candor, and continuous learning.

• Design, implement, and operate security controls across Corporate IT environments and the Kinaxis Maestro SaaS platform, aligned with approved standards and architectures.
• Lead security engineering efforts for complex initiatives such as cloud migrations, SaaS integrations, container and Kubernetes adoption, and platform modernization.
• Contribute to detection engineering and monitoring capabilities that enable early identification of threats and control failures.

Kinaxis is a global leader in modern supply chain orchestration, powering complex global supply chains, and supporting the people who manage them. They have grown to become a global organization with over 2000 employees around the world and are winners of several Top Employer awards globally.

• Build AI agents that handle vulnerability triage, automated security reviews of PRs, and initial incident forensics at scale.
• Build systems that automatically detect and remediate security gaps across AWS, GCP, and Azure -- configuration drift, IAM misconfigurations, vulnerable dependencies, exposed secrets.
• Lead threat modeling, security reviews, and risk assessments across web applications, APIs, and services.

Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm. They connect to every part of the modern data and AI stack to unify this context into a single, shared layer that both humans and AI agents can rely on.

• Responsible for security and integrity of the underlying infrastructure.
• Developing and maintaining tools for Global Security to deliver vulnerability management platforms.
• Vigilantly understand and mitigate security threats before they arise.

Docplanner is dedicated to making the healthcare experience more human by empowering patients and providing doctors with technology to manage bookings and save time. They operate in 13 countries, serving over 90 million patients monthly, and employ over 2,500 people globally.

• Perform implementation of CNAPP and CSPM tools in multi-account AWS and Azure environments.
• Implement IaC scanning tools within the CI/CD Pipelines.
• Develop Infrastructure as code in Cloud Formation or Terraform.

GuidePoint Security provides cybersecurity expertise, solutions and services to help organizations make better decisions and minimize risk. They have over 1,200 employees and have established strategic partnerships with leading security vendors.

• Architect, build, and maintain GitLab Pipelines for seamless application deployment.
• Design, deploy, and manage infrastructure across AWS GovCloud, edge, and Navy networks using Terraform, Ansible, and GitLab.
• Engineer automated processes for RHEL image hardening and execute automated STIG checklists.

LMI accelerates government impact with digital solutions and innovation. They bring commercial-grade platforms and mission-ready AI to federal agencies, focusing on agility and collaboration across defense, space, healthcare, and energy sectors.

• Own and drive the company’s security strategy, roadmap, and overall posture
• Lead threat modeling, secure code reviews, and architecture reviews
• Build and maintain security tooling, automation, and infrastructure as code

Seesaw's mission is to provide every elementary student with joyful and connected learning experiences that lay the foundation for success in life. Trusted and loved by 25 million educators, students, and families worldwide, Seesaw is the only elementary learning experience platform.

• Own edge governance and traffic analysis using Cloudflare, monitoring for threats and implementing real-time countermeasures.
• Lead the vulnerability management program, including triaging third-party researcher reports and coordinating fixes between external researchers and internal engineering teams.
• Design and execute proactive offensive security strategies, including internal penetration tests focused on real-world attack paths and business logic flaws.

Donorbox is a leading fundraising platform and donor management system for nonprofit organizations. The company is a profitable, bootstrapped, and fully distributed team of about 150 people based in over 16 states and 23 countries, known for building trusted products and being recognized as a great place to work.

• Responsible for designing, implementing, and operating security controls that protect cloud‑native platforms and workloads across public cloud environments.
• Partners closely with engineering, DevOps, and architecture teams to ensure cloud services are secure by design and compliant with regulatory requirements.
• Provides security oversight and engineering support for AI‑enabled capabilities used across the Pismo platform, ensuring alignment with security controls.

Pismo, founded in 2016, provides a comprehensive processing platform for banking, card issuing, and financial market infrastructure, helping customers innovate and build next-generation banking and payment solutions. Pismo has over 500 employees across more than 10 countries and joined Visa in 2024.

• Administer and maintain AWS and/or Azure environments.
• Design and maintain infrastructure using Terraform.
• Implement and maintain secure secrets management practices.

DEFCON AI leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems. Their technology aligns outcomes with operational goals and empowers customers to anticipate, assess, and mitigate the impacts of disruptions.

• Work with other Engineering teams to design sustainable infrastructure and microservice solutions.
• Automate tools and infrastructure to reduce manual work.
• Monitor applications and participate in an on-call rotation as required.

Bloomreach is building the world’s premier agentic platform for personalization, revolutionizing how businesses connect with their customers by building and deploying AI agents to personalize the entire customer journey. They power personalization for more than 1,400 global brands.

• Contribute to automated response patterns for security alerts.
• Embed security controls into CI/CD pipelines.
• Support governance controls for secure AI usage.

Oddball builds products when companies understand what they are working on. They value learning, growth, and the ability to make a big impact at a small company.

• Build, operate, and continuously improve secure cloud platforms.
• Deliver reliable, scalable SaaS environments for customers.
• Support Engineering and Security across teams.

Juvare is a SaaS software company focused on developing innovative enterprise resilience solutions for government agencies, corporations, healthcare providers, and higher education. Juvare solutions have supported over 500,000 emergency response incidents in all 50 states and 20 countries worldwide.