Define and evolve a multi-year enterprise security roadmap aligned to business objectives and risk appetite across all business units.
Lead the unification of security programs, toolsets, and policies inherited from Transact and CBORD into a single enterprise-class operation.
Own and maintain compliance programs including SOC 2, PCI DSS, HITRUST, TX-RAMP, GovRAMP, FERPA, and HIPAA, securing SaaS platforms and cloud environments.
Illumia provides secure, intelligent technology solutions to streamline operations for education, healthcare, and corporate enterprises. As a portfolio company of Roper Technologies with over 1,750 client institutions, we foster an inclusive culture built on values of Authenticity, Responsibility, Passion, and Excellence, empowering diverse teams to deliver their best work.
Own and operate the end-to-end enterprise cybersecurity program, including strategy, architecture, operations, governance, and compliance.
Establish a multi-year security roadmap aligned with business priorities, technology evolution, and regulatory requirements.
Define and execute a strategy for AI-assisted cybersecurity operations, leveraging machine learning, automation, and advanced analytics to enhance detection and response capabilities.
Natera is a global leader in cell-free DNA (cfDNA) testing, dedicated to oncology, women’s health, and organ health. They aim to make personalized genetic testing and diagnostics part of the standard of care. Their team consists of highly dedicated statisticians, geneticists, doctors, laboratory scientists, business professionals, software engineers and many other professionals from world-class institutions, who care deeply for their work and each other.
Lead end-to-end PCI DSS compliance, including CDE scoping and reduction, control implementation/validation, and audit management.
Lead and support SOC 2 Type II attestation initiatives, including TSC mapping, evidence collection, control testing, and remediation tracking.
Own the Third-Party Risk Management (TPRM) program, including vendor tiering, risk assessments, and security reviews.
HighLevel is an AI-powered business operating system that gives agencies, entrepreneurs and SMBs the infrastructure to build, automate and scale. With over 2,000 team members across 10+ countries, HighLevel operates as a global, remote-first organization built for speed and ownership.
Support the execution and continuous improvement of Qohash’s security program.
Support risk assessments, track identified risks, and help coordinate remediation efforts.
Maintain security policies, standards, awareness materials, and support internal security training initiatives.
Qohash is building a foundational pillar of Canada’s digital sovereignty, believing security must scale differently. They look for bold, mission-driven individuals with technical depth and strategic clarity who collaborate across disciplines to protect sensitive data.
Apply compliance frameworks to assess, design, and implement security controls.
Conduct compliance gap assessments and develop remediation plans.
Create and maintain key documentation tailored to client needs.
AHEAD builds platforms for digital business by weaving together advances in cloud infrastructure, automation and analytics, and software delivery. They prioritize creating a culture of belonging where all perspectives and voices are represented, valued, respected, and heard.
Build and cultivate strong client relationships based on trust and communication.
Lead and oversee active client-facing incident response engagements.
Invest in career development and provide mentorship to Forensic professionals.
Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents. Their approach and delivery are designed by industry veterans to address the industry’s persistent challenges of efficiency, predictability, and transparency.
Serve as a trusted advisor to CISOs, translating technical findings into business impact and cyber risk insights.
Own the end-to-end lifecycle of customer relationships and engagements, including onboarding and assessment coordination.
Drive long-term customer retention through consistent value realization and measurable outcomes.
Cye helps security and risk leaders gain a clear, defensible view of their cyber exposure, grounded in financial impact and real-world attack paths. They allow organizations to establish a strong baseline, prioritize decisions with confidence, and track measurable reduction over time.
Helping define the security operations roadmap by designing and implementing long-term strategies.
Improve and maintain processes, tooling, documentation and training to mature and enhance cybersecurity incident response.
Design, implement and maintain security event monitoring systems.
Docplanner empowers patients by letting them leave and read reviews about their visits, and provides doctors with the technology to manage bookings easily and save time. They are leaders in 13 countries with over 2,500 employees globally, maintaining a startup mindset.
As the first dedicated InfoSec hire, you'll secure organizational systems, data, and operations.
You will develop and maintain a practical framework for securely deploying AI tools across the organization.
You will lead security incident response, investigate alerts, and coordinate containment.
Customer.io's platform is used by over 8,000 companies to send billions of messages daily. They power automated communication and help teams send smarter messages using real-time behavioral data, operating as a globally distributed, remote-first company.
Oversee the internal cybersecurity program, roadmap, and strategy.
Partner with Product, Engineering, Legal, and Compliance leadership to determine risks and deploy risk management processes.
Serve as Waymark’s HIPAA Security Officer, ensuring compliance with the HIPAA Security Rule.
Waymark is a mission-driven team transforming care for people with Medicaid benefits. They partner with communities, delivering technology-enabled, human-centered support to help patients stay healthy and thrive in Medicaid healthcare delivery.
Serve as the primary Incident Commander for critical security events.
Orchestrate response efforts across multiple teams.
Conduct post-incident reviews and drive improvements.
GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. GitLab has more than 50 million registered users and is trusted by more than 50% of the Fortune 100, which reflects a high-performance culture driven by their values and continuous knowledge exchange.
Develop, maintain, and continuously improve GRC policies, standards, procedures, and control frameworks.
Lead and support SOC 2 Type II, ISO 27001, PCI DSS and other compliance initiatives, including evidence collection, control validation, and remediation tracking.
Partner with Security and Platform teams to ensure controls are technically implemented, not just documented.
HighLevel is an AI-powered, all-in-one white-label sales & marketing platform that empowers agencies, entrepreneurs, and businesses to elevate their digital presence and drive growth. With over 1,500 team members across 15+ countries, we operate in a global, remote-first environment.
Lead the ongoing maintenance and operation of secure cloud infrastructures, focusing on AWS and cloud-native technologies.
Secure applications built for cloud environments by automating security assessments, monitoring runtime environments, and integrating security practices into the development lifecycle.
Implement robust security controls for cloud workloads and data, including containers, virtual machines, and serverless architectures.
Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services and is recognized as a top workplace, earning more than 20 honors since 2021.
Responsible for managing and growing a comprehensive third-party risk management program across the organization.
Ensuring that Privia Health's information assets are safeguarded against cyber threats originating from third and fourth parties.
Leading the Third Party Access Committee (TPAC), driving compliance with regulations and implementing industry best practices for vendor risk management.
Privia Health is a technology-driven, national physician enablement company that collaborates with medical groups, health plans, and health systems to optimize physician practices, improve patient experiences, and reward doctors for delivering high-value care. The Privia Platform is led by top industry talent and exceptional physician leadership.
Integrate security across the entire product lifecycle.
Build a platform security mindset, ensuring cloud-native architecture, app-first thinking and AI initiatives are secure by design.
Ensure regulatory and compliance requirements are met through scalable, well-designed security capabilities.
Redcare Pharmacy is Europe’s No.1 e-pharmacy, powered by passionate teams and cutting-edge innovation. They strive to create a healthy collaborative work environment where every employee feels valued and inspired to contribute to their vision “Until every human has their health”.
Lead and grow a team of the best security engineers.
Define the strategy for Vanta’s application security program.
Work with Engineering and Product Development to assess and mitigate risk.
Vanta helps businesses earn and prove trust by providing continuous security monitoring and verification. They aim to empower companies to practice better security with their automation and orchestration tools. Vanta has a kind and talented team, embracing individuals with and without prior security experience.
Secure cloud-based environments by designing and implementing native security solutions using services.
Drive Continuous RMF practices, automating control implementation and reporting through modern methodologies like Continuous Authorization to Operate.
Automate provisioning and configuration of IT environments and implement and manage security measures like firewalls, IDS/IPS, vulnerability scanning, encryption, and ICAM solutions.
Rise8 builds custom, secure software for government organizations, measuring success by impact: lives saved, time returned, and missions advanced. They believe customer experience starts with employee experience, so they take care of their employees and offer competitive pay and benefits, autonomy, growth, and a culture rooted in kindness, candor, and continuous learning.
Support security and compliance programs aligned with frameworks such as NIST, ISO, PCI DSS, and HIPAA.
Assist in maintaining alignment with global privacy regulations (GDPR, CCPA, and similar frameworks).
Assist in the development, implementation, and maintenance of security, privacy, and AI governance policies, standards, and procedures.
Hims & Hers is a health and wellness platform with a mission to help the world feel great through the power of better health. They are redefining healthcare by putting the customer first and delivering access to care that is affordable, accessible, and personal.
Develop and implement a comprehensive security engineering roadmap aligned with business objectives.
Oversee the design and implementation of security architecture across network, infrastructure, and cloud environments.
Hire, mentor, and manage a high-performing team of security architects and engineers.
Auctane provides mailing and shipping software that helps businesses of all sizes meet industry and customer demands. The company has a global, multicultural team of 20+ nationalities and fosters a casual, inclusive, and people-first culture where diverse perspectives are valued.