Own and operate n8n’s vulnerability intake and triage process, including the [email protected] inbox
Define and maintain security policies, standards, and public-facing disclosure documentation
Embed security into the software development lifecycle through threat modeling, design reviews, and pragmatic guardrails
n8n is the open workflow orchestration platform built for the new era of AI. They give technical teams the freedom of code with the speed of no-code, so they can automate faster, smarter, and without limits. Since their founding in 2019, they’ve grown into a diverse team of over 160.
Analyze and assess security issues via design reviews, code audits, and penetration tests.
Design and build security tools, and develop mitigations and hardening strategies.
Review and develop secure operational practices, and provide security guidance for engineers.
Aptos Labs is building a people-first blockchain that aims to provide universal and fair access to decentralized assets in a safe and scalable way. Founded by original creators/maintainers of the Diem blockchain, they value diversity and are an Equal Opportunity Employer.
Reproduce, assess, and document vulnerabilities, perform variant hunting, and contribute to exploitability research on security issues reported in GitLab’s products and services.
Support and consult with product and development teams on effective vulnerability remediation and mitigation. Independently validate vulnerability fixes prior to release.
Contribute to clear and actionable documentation that explains vulnerability impact, risk, and remediation guidance for technical and non-technical audiences, helping to scale PSIRT knowledge and practices across GitLab.
GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Their high-performance culture is driven by their values and continuous knowledge exchange, enabling their team members to reach their full potential while collaborating with industry leaders to solve complex problems.
Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance.
Run threat modeling sessions (e.g. STRIDE) for new and existing systems; identify threats, attack paths, misconfigurations, and insecure design patterns.
Perform security-focused code reviews to identify vulnerabilities and risky implementations; provide clear, actionable guidance on secure coding patterns and best practices.
Infiterra's B2B SaaS platform helps IT Distributors and Managed Service Providers (MSPs) automate and grow their subscription business. With 100+ customers in 75 countries, they're recognized for innovation and global impact. Infiterra fosters a collaborative and growth-oriented culture, allowing you to be part of a dynamic, forward-thinking team.
Own and lead the delivery of large, multi-quarter Application Security and Engineering initiatives.
Improve existing complex application security architectures and provide guidance for securing AI-based workflows.
Proactively identify emerging industry threats and act as Incident Commander for large-scale security incidents.
Wrapbook provides a unified payroll platform that seamlessly connects your entire team in one place. It empowers production teams to manage projects, pay cast and crew, track expenses, and generate data-driven insights. With a growing team of 250+ people across the USA and Canada, Wrapbook is backed by top-tier investors and has raised $130M.
Develop automated security testing for centralized security libraries which scale directly with developer needs and enable them to write secure code more easily.
Participate in the review and improvement of secure software development lifecycle (SDLC) processes.
Have significant ownership in and evangelize security training with development teams.
ATPCO is the world's primary source for air fare content, holding over 200 million fares across 160 countries. Every day, the travel industry relies on ATPCO's technology and data solutions to help millions of travelers reach their destinations efficiently. They have a remote-first culture rooted in trust, transparency, and belonging where your wellbeing comes first.
Responsible for designing and implementing security best practices at each stage of the system development lifecycle.
Works in partnership with cross-functional teams to act as a security subject matter expert, while supporting and advancing the security of ConnectWise applications.
Conducts security assessments, threat modeling, and vulnerability reporting and develops security architecture patterns for implementing new solutions and products.
ConnectWise is a community-driven software company dedicated to the success of technology solution providers, with a suite that helps over 45,000 of their partners manage their businesses better. The company has over 3,000 colleagues in North America, EMEA and APAC and has an inclusive and positive culture.
Define and drive the strategic roadmap for proactive security vulnerability analysis.
Establish the technical vision and program for integrating robust security controls at every stage of the SDLC.
Lead collaborative and cross-functional threat modeling initiatives for core systems, new features, and evolving services.
Modern Health is a mental health benefits platform for employers, offering access to resources for emotional, professional, social, financial, and physical well-being. They are a fully remote workforce known for their culture centered around empathy and accountability, with a drive to win.
Participate in offensive security engagements including external adversarial emulation.
Perform security audits to discover, communicate, and recommend remediation activities for vulnerabilities
ServiceNow is a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work.
Own the configuration, tuning, and management of our SIEM solution.
Perform architecture reviews, code reviews, and infrastructure configuration reviews.
Maintain and optimize a vulnerability management CI/CD pipeline within our container/application delivery infrastructure.
Engine is transforming business travel into something personalized, rewarding, and simple. More than 20,000 companies already rely on Engine to support over 1 million travelers and billions in annual bookings each year.
Design and implement security solutions across enterprise platforms and cloud environments.
Perform threat modeling and security risk assessments for new features and platforms.
Partner with product teams to embed security requirements early in the SDLC.
Experian is a global data and technology company, powering opportunities for people and businesses around the world. As a FTSE 100 Index company listed on the London Stock Exchange, they have a team of 22,500 people across 32 countries and are committed to investing in their people.
Architect and implement secure AWS configurations.
Embed security into CI/CD pipelines and repos using policy-as-code tools.
Conduct threat modeling sessions and risk‑driven design reviews early in development.
OnePay is an all-in-one financial platform driven by a simple mission: better money makes life better. They are backed by Walmart and Ribbit Capital, and deeply embedded with the distribution of the world’s largest omnichannel retailer.
Lead the design and implementation of secure architectures for Built’s applications, services, and AI/ML initiatives.
Embed security throughout the development lifecycle by partnering with engineering teams on threat modeling, secure coding best practices, and design reviews.
Perform internal penetration testing of applications, networks, and features to uncover weaknesses before attackers do.
Built is an AI-powered platform transforming how real estate is financed, developed, and managed. They started by fixing construction draw management for lenders and have grown into a comprehensive operating system. Built brings together passionate people who are driven in a variety of disciplines, each bringing their unique perspective to everything they do.
Serve as the system Security Manager / ISSO for My HealtheVet and act as the primary security point of contact for internal leadership and VA stakeholders.
Drive a risk-based security approach appropriate for a FISMA High / HVA system.
Coordinate incident response activities, including investigation support, escalation, documentation, and communication with VA security operations and CISO teams.
Oddball believes that the best products are built when companies understand and value the things they are working on. They value learning and growth and the ability to make a big impact at a small company.