Source Job

• Drive the implementation of technical controls and evidence gathering in collaboration with engineering for compliance standards.
• Manage the daily operational reality of audits, customer questionnaires, and internal IT/Security support requests.
• Rapidly prototype and ship internal tools, custom Vanta integrations, and scripts using AI-assisted development to close automation gaps.

Sayari is a risk intelligence provider equipping public and private sectors with visibility into complex commercial relationships. They deliver corporate and trade data from over 250 jurisdictions and are headquartered in Washington, D.C. They were also featured as one of Inc.’s “Best Workplaces” for 2025.

• Lead and mature LiveKit’s security and privacy compliance programs.
• Own the day-to-day operations of compliance workflows.
• Partner closely with Security and IT Engineers on controls design, documentation, governance, and audits.

LiveKit is revolutionizing the AI landscape by providing the network infrastructure that powers multimodal AI interfaces.

• Manage day-to-day IT needs, including device setup, troubleshooting, and software provisioning.
• Lead and coordinate all aspects of our SOC 2 readiness and audit process.
• Own identity and access management (IAM) across all systems and tools.

Found is building tools that give self-employed people the security and peace of mind that has historically only been possible at big corporations.

• Design and implement scalable infrastructure supporting HIPAA, SOC 2, and ISO 27001 compliance.
• Create self-service security tools integrating with developer workflows (GitLab CI/CD, Terraform).
• Lead threat modeling and security architecture reviews for new products and services.

Maven is the world's largest virtual clinic for women and families on a mission to make healthcare work for all of us.

• Configure and manage corporate devices and secure endpoint access across a fully remote team.
• Maintain and secure core SaaS tools such as Okta and Google Workspace.
• Monitor and respond to internal security events and incidents.

XBOW is redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI.

As an Information Security Officer at Form3, you'll play a pivotal role in strengthening and evolving our information security governance, risk, and compliance practices. Work closely with teams across the organization to embed security into business and technology decisions. Combine strategic oversight with practical execution, ensuring our controls, frameworks, and awareness initiatives remain industry leading as we scale globally.

Form3 is a company that offers a cloud-native, environment while helping define how security scales with the business.

Lead and support customer security audits and respond to security questionnaires. Prepare, coordinate, and manage ISO 27001 audits. Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory requirements.

OneStudyTeam specializes in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes.

• Perform IT audit engagements (ISO27001) and readiness assessments.
• Evaluate the design and effectiveness of technology controls.
• Communicate IT audit findings to management and identify performance improvement opportunities.

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance.

• Implement and maintain security measures to protect the organization's information assets and infrastructure.
• Support product and development teams on application security challenges, including threat modeling and architecture reviews.
• Support security incident response, perform root cause analysis, and drive remediation strategies.

insightsoftware is a global provider of comprehensive solutions for the Office of the CFO, transforming how teams operate and empowering leaders.

• Concevoir et piloter des solutions de sécurité pour les produits et les applications internes
• Réaliser des exercices de modélisation des menaces pour les systèmes existants et les nouvelles initiatives produit
• Collaborer avec les équipes d’ingénierie afin d’intégrer la sécurité dans les flux de développement et de livraison

Shakepay aims to reimagine financial services and give every Canadian their fair share by introducing the golden age of Bitcoin. They have built their culture around doing work that matters, winning as a team, and celebrating successes.

As a Compliance and Risk Specialist, you will support the Compliance and Risk team by leading compliance initiatives. You will conduct risk assessments and remediation activities. You will contribute to the development of security strategies for systems deployed globally.

Canadian Bank Note Company (CBN) is a trusted leader in secure technology solutions for governments and businesses worldwide.

• Hardening of cloud based infrastructure.
• Creating/maintaining Vulnerability Management program.
• Implementation of security controls.

TrueAccord, a wholly owned subsidiary of TrueML, is a category-defining company combining machine learning with a human-based approach to transform debt resolution.

• Own Swiftly's security risk register and threat models; identify, prioritize, and drive remediation of risks across application and infrastructure.
• Design secure architectures for our SaaS platform, mobile applications, and IOT/Hardware Integration, focusing on authentication, authorization, data protection, and network boundaries.
• Define and maintain security KPIs and dashboards for executive and board reporting.

Swiftly is on a mission to help cities move more efficiently and is the leading transit data platform for agencies to share real-time passenger information.

Maintain and improve documentation for ISO 9001 and ISO/IEC 27001. Support internal audits, track findings, and monitor corrective and preventive actions. Collaborate with cross-functional teams to enhance quality, security, and operational excellence.

Miratech is a global IT services and consulting company that brings together enterprise and start-up innovation to support digital transformation.

Lead day-to-day activities for SOC 2 and other IT compliance engagements. Guide staff, engage with clients, and play a key role in the delivery of high-quality audits and readiness assessments. Identify control gaps and provide recommendations for remediation.

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance.

• Lead and scale internal technology operations for a fast-growing, remote-first organization.
• Ensure a secure, efficient, and reliable IT environment, managing internal systems, and driving technology strategy.
• Mentor a small IT team while actively participating in day-to-day operations, collaborating with cross-functional teams.

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements.

• Protecting data, products, and infrastructure against security threats.
• Meeting security and compliance services such as vulnerability management, security updates and upgrades, and intrusion response.
• Staying current with the latest Information Security trends and news.

Bounteous is a premier end-to-end digital transformation consultancy dedicated to partnering with ambitious brands to create digital solutions.

• Improve access controls, endpoint security, and tooling across the company.
• Own and improve WorkOS's identity and access management systems.
• Partner with Infra to implement controls for least privilege, audit logging, and change management.

WorkOS builds tools and services for developers to help them implement authentication, identity, authorization, and overall enterprise readiness.

• Support the audit and assurance teams in performing ISO 27001 certification assessments and related information security audits.
• Assist in audit planning, evidence review, report preparation, and overall quality assurance.
• Handle client ingestion and onboarding activities, perform HubSpot data scrubbing and updates, and register new engagements in Asana and coordinate Insight ONE transfers.

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance.

Lead and inspire a team of security engineers and SOC analysts focused on cloud security, IAM, vulnerability management, and tooling. Drive the daily execution of security operations and oversee a dynamic SOC environment. Partner with IT, Engineering, DevOps, and GRC to enhance detection capabilities, streamline response, and reduce organizational risk.

Daxko builds the software that powers fitness, wellness, and community organizations—everything from member management and payments to digital engagement and analytics.