Support and maintain the company-wide information security program.
Facilitate IT risk assessments with business units and define acceptable risk levels.
Monitor the external threat environment and advise stakeholders on emerging risks.
Zensurance is a leading InsurTech company redefining commercial insurance for Canadian businesses. They leverage advanced technology and industry expertise to deliver tailored insurance solutions. Zensurance values ownership, collaboration, and innovation within their team, which has been recognized multiple times by Deloitte as a Technology Fast 50/500 company.
Maintain and improve information security policies, standards, and procedures.
Support SOC 2, ISO 27001, and HITRUST readiness, audit preparation, and evidence collection.
Support vendor security reviews, third-party risk assessments, and remediation tracking.
Benepass is making benefits easy through its customizable fintech platform. They enable People teams to implement, administer, and track benefits that meet employees where they are. The company has raised approximately $75 million in equity capital and is backed by leading investors.
Manage the lifecycle of information security policies, standards, and procedures, coordinating reviews and approvals.
Support security awareness initiatives, including training content and phishing simulation campaigns.
Develop governance metrics, dashboards, and reports to track compliance and program effectiveness.
Oportun is a mission-driven financial services company that offers responsible credit, savings, and budgeting tools to help members achieve financial goals. With over $21.3 billion in credit provided and a diverse, inclusive culture, the company serves those left out of the financial mainstream.
Deliver world-class cyber security assessment and advisory services while ensuring customer satisfaction.
Work effectively as a team member on large engagements and remain current on technical knowledge.
Demonstrate GuidePoint’s Core Values at all times: Take Charge and Complete Our Mission.
GuidePoint Security provides trusted cybersecurity expertise, solutions, and services to help organizations make better decisions and minimize risk. They have over 1,200 employees and focus on core values to establish an enjoyable workplace atmosphere.
Translate group security frameworks into practical policies, controls, and procedures.
Build and strengthen a Security-by-Design culture across projects, platforms, and teams.
Support teams in identifying risks, defining actions, and tracking real progress.
Q8 is a well-respected, reliable, and trustworthy energy supplier that has been operating since 1983, with nearly 5,000 service stations in Europe. They are committed to developing a wide range of innovative and sustainable products and services. Their culture is focused on growing together in a digital and inspiring environment of trust, focused on continuous learning.
Respond to customer and prospect security/compliance questions and improve repeatable processes and evidence quality.
Upsun is the cloud application platform for hybrid teams, enabling developers to build, ship, and scale confidently without managing backend infrastructure. The company has a remote, global workforce and fosters a multicultural, open, and inclusive culture with a focus on open source and innovation.
Prepare, develop, and issue policy contracts in compliance with state regulations and company guidelines.
Maintain forms library, assist with policy automation, and ensure timely and accurate fulfillment.
Collaborate with Underwriting, Claims, Legal, and Actuarial teams to deliver high-quality insurance products.
Crum & Forster (C&F) provides specialty and standard commercial lines insurance products through admitted and surplus lines companies, with a history dating to 1822. With over 2000 employees across the US, the company has earned a Great Place to Work award for its employee-first focus and commitment to diversity, equity, and inclusion.
Write and maintain security compliance documentation including agency policies and technical baselines.
Translate federal regulations like NIST and FISMA into clear, actionable policies for technical and non-technical audiences.
Collaborate with system owners and stakeholders to ensure documentation aligns with IT standards and organizational needs.
Valiant Solutions is a security-focused IT solutions provider serving public clients nationwide. Named one of the fastest growing privately held companies and a Best Place to Work, we pride ourselves on an employee-centric culture and work-life balance.
Provide support on regulatory compliance requirements and conduct gap assessments of business unit procedures against global policies.
Collaborate with Legal, Information Security, and business teams to manage compliance risks and support regulatory exams.
Maintain an understanding of business processes, products, and services while participating in exams as a subject matter expert.
Experian is a global data and technology company operating across financial services, healthcare, automotive, and more. With 25,200 employees across 32 countries, they have an award-winning, inclusive, and purpose-driven culture.
Assist in the ongoing development, implementation, and maintenance of the Company’s compliance program.
Develop policies and procedures that provide appropriate guidance and instruction to Company employees.
Lead the development and delivery of compliance training programs for employees at all levels.
Orca Bio is a late-stage biotechnology company redefining the transplant process by developing next-generation cell therapies. They aim to provide significantly better survival rates with dramatically fewer risks. They have a start-up culture of camaraderie and leadership by example.
Play a pivotal role in promoting a culture of security awareness and ensuring the protection of organizational assets against cyber threats.
Monitor various security systems to promptly detect and respond to any security incidents, and lead in investigating security breaches and incidents.
Conduct comprehensive assessments of security risks and evaluate third-party vendor security measures to gauge the effectiveness of existing security controls and identify areas for enhancement.
Numeris is Canada’s most trusted and authoritative source for broadcast measurement and consumer behaviour data. We have been recognized for over 75 years as providing the gold standard in audience intelligence. The company values continuous learning and career advancement opportunities with collaborative, curious, and dedicated teams.
Monitor and ensure compliance with international sanctions regulations.
Manage data protection matters both internally and externally.
Supervise internal compliance processes, including conducting KYC and KYS procedures.
Gcore provides infrastructure and software solutions for AI, cloud, network, and security. They are a global team of 550+ professionals building infrastructure and software that supports the entire digital ecosystem.
Lead and maintain the IT Compliance Program, ensuring alignment with industry best practices and regulatory requirements.
Stay abreast of relevant laws, regulations, and industry standards (e.g., GDPR, ISO 27001, NIS2, SOC 2, ...).
Serve as a main point of contact for senior management and stakeholders on regulatory and IT compliance matters.
EcoVadis is the leading provider of business sustainability ratings, offering solutions backed by experts and technology. They analyze data to provide companies with insights into their environmental, social, and ethical risks, fostering a culture of global sustainability change.
Focus on developing and delivering compliance solutions and strategies for Commercial, Defense Industrial Base, and State/Local customers.
Conduct compliance audits, assessments, and gap analyses to identify areas for improvement.
Author policies, plans, and procedures in CJIS and FedRAMP environments while serving as a trusted advisor to customers.
Planet Technologies is the leading provider of Microsoft consulting services to public sector and commercial organizations, specializing in building custom solutions that transform business operations. They are a growing team with collaborative peers and caring leaders, focused on high-profile client projects.
Manage security compliance programs against frameworks like PCI-DSS, NIST, and SOC 1/2, leveraging automation tools for continuous assessment.
Oversee identity and access management, including automated provisioning audits and anomaly detection.
Collaborate with engineering, DevOps, and product teams to integrate compliance into CI/CD and cloud infrastructure.
Prosper is a FinTech company focused on improving financial well-being. It is a growing company with a collaborative culture and offers resources for professional growth and holistic well-being.
Work collaboratively with a team of assessors as a federal compliance specialist, planning and executing assessments for clients.
Draft audit observations, lead interview walkthroughs, and assess security vulnerabilities against appropriate frameworks.
Prepare and review assessment reports, educate clients on compliance activities, and manage priorities to achieve delivery targets.
Coalfire is on a mission to make the world a safer place by solving clients’ hardest cybersecurity challenges. They are thought leaders, consultants, and cybersecurity experts, and a team of passionate problem-solvers with offices across the U.S. and U.K.
Manage security and IT service desk tickets, access controls, and user provisioning.
Administer Atlassian cloud products, endpoint protection, and SOC/SIEM alerts.
Document processes, support compliance, and maintain security best practices.
Bitwarden is the trusted identity security leader for millions of users worldwide, empowering enterprises, developers, and individuals to securely manage and share sensitive information anywhere. The company is headquartered in Santa Barbara, California, and operates as a fully remote team with a collaborative culture.
Conduct KYC and due diligence checks on customers, suppliers, and third parties.
Perform sanctions screening and support investigations into potential matches.
Review high-risk transactions, ensuring proper controls and escalation.
IVC Evidensia, the UK and Europe’s leading veterinary care group, is made up of over 900 practices and referral hospitals, united by a shared purpose of happier animals, happier owners. They support their people to make more impact, access more career opportunities, and play an active role in their local and professional communities.
Drive compliance efforts to unlock business capabilities.
Secure Owner by helping teams successfully prevent and remediate vulnerabilities.
Help teams build better and more secure systems by avoiding pitfalls of risk.
Owner is an AI-native system local business owners use to succeed, starting with restaurants. It's building the system that replaces the many tools owners use to run their business and powers everything from the restaurant’s website, online ordering, CRM, POS, and more. The team is in the low hundreds.
Serve as primary IT contact, handling hardware/software support, account management, and remote troubleshooting for a remote-first team.
Assist with compliance evidence collection and control testing for SOC 2, GDPR, and PCI obligations.
Maintain accurate audit-ready records, asset inventory, and documentation while supporting off-hours maintenance and small projects.
Velora unifies Aplos, Raisely, and Keela to help nonprofits thrive with fundraising, donor management, and financial tracking. We serve over 15,000 nonprofits globally and operate as a remote-first team with a mission to make nonprofit work easier and more impactful.