Source Job

• Design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (GRC) operations.
• Operationalizing and expanding our GRC platform (Drata), building AI-assisted workflows that automate evidence collection, control monitoring, and vendor risk.
• Manage project delivery across multiple GRC automation initiatives simultaneously — maintaining clear scope, milestones, and stakeholder visibility without sacrificing quality.

1Password is building the foundation for a safe, productive digital future. They innovated the market-leading enterprise password manager and pioneered Unified Access Management, a new cybersecurity category built for the way people and AI agents work today. 1Password has surpassed $400M in ARR and has over 180,000 businesses using their product.

• Lead security strategy across infrastructure, cloud systems, and enterprise applications.
• Drive SOC 2, ISO 27001, and ISO 42001 readiness/certifications.
• Own vulnerability management, threat monitoring, and incident response workflows.

SaaS Talent is a recruiting company, and a hiring, business development and growth partner with 20+ years of experience in SaaS and Hi-Tech that helps you scale and transform your business. They've worked with 100+ companies and helped them achieve their goals.

• Lead and scale a high-performing organization across DevOps, IT, and Security functions, setting strategic roadmaps aligned with company objectives and regulatory requirements.
• Own and evolve the company's security posture and compliance, ensuring high availability and disaster recovery capabilities while optimizing cost and system resilience.
• Direct IT operations including end-user support and corporate systems, and mentor team members while fostering a culture of transparency and operational excellence.

Zippy is a fintech company providing online loans and insurance for manufactured homes to make the process simple and fast. The company is backed by institutional investors, has a remote-first team spread across many US states, and focuses on a mission-driven, inclusive culture with competitive pay and equity.

• Manage and expand Valon's security and privacy compliance program across key frameworks and regulations.
• Build and scale modern Security GRC capabilities that leverage AI-enabled tools and processes, reducing manual overhead while optimizing risk and compliance operations.
• Maintain and evolve Valon's risk management practices; facilitate risk assessments across teams and track remediation of identified issues to closure.

Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. We're a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.

• Design and build scalable infrastructure to support rapid growth in data volume, service usage, and engineering velocity.
• Implement and maintain core security infrastructure and controls including, service-to-service authentication, secrets management, application security primitives.
• Partner closely with Security Engineering to implement infrastructure that supports best-in-class security and compliance practices.

Vanta helps businesses earn and prove trust by providing a platform that continuously monitors and verifies security. They empower companies to practice better security and prove it with ease. Vanta has a kind and talented team with offices in SF, NYC, London, Dublin, Tel Aviv, and Sydney.

• Diagnose, prioritize, and drive security program maturity.
• Translate security requirements into engineering practice.
• Own the compliance surface without losing sight of real risk.

Aledade helps independent primary care practices survive and thrive, aiming to bend the healthcare cost curve. They are the largest network of independent primary care in the country.

• Drive compliance efforts to unlock business capabilities
• Secure Owner by helping teams successfully prevent and remediate vulnerabilities
• Help teams build better and more secure systems by avoiding pitfalls of risk.

Owner is an AI-native system local business owners use to succeed, starting with restaurants. It's building the system that replaces the many tools owners use to run their business and powers everything from the restaurant’s website, online ordering, CRM, POS, and more. The team is in the low hundreds.

• Build detections and security signal pipelines in Datadog.
• Serve as the subject matter expert on AWS Cloud and on-prem infrastructure security.
• Act as the technical lead during security incidents, including investigation and remediation.

Voltus is the leading platform connecting distributed energy resources to electricity markets, delivering less expensive, more reliable, and more sustainable electricity. Our company appears to be a remote-first company, and values diversity and inclusion.

• Lead, coach, and grow the Security Engineering team.
• Design and implement security controls across Cloud environments.
• Partner with engineering teams to embed security into the SDLC.

Horizon3.ai is a cybersecurity company dedicated to enabling organizations to proactively find, fix, and verify exploitable attack vectors. They are a fast-growing company with a culture of respect, collaboration, ownership, and results.

• Lead implementation of PCI DSS controls across infrastructure and application layers
• Design and secure AWS infrastructure using best practices around IAM, networking, and encryption
• Own Infrastructure as Code and improve deployment reliability across environments

Pragmatike is recruiting on behalf of a fast-growing fintech company building modern payment infrastructure for the travel and airline industry. Their platform enables complex multi-party and multi-method payment orchestration, helping enterprise clients recover revenue and process transactions more efficiently at scale.

• Execute on milestones for end-to-end SecOps & Threat initiatives in accordance with the Security roadmap.
• Identify and respond to complex security incidents, including system compromise, intrusion attempts, and/or denial of service attacks by conducting continuous monitoring, vulnerability assessments, and log analysis.
• Research emerging threats, publicly disclosed vulnerabilities or attack vectors, and proactively push mitigating controls to products and services.

6sense's mission is to multiply what matters: growth, retention, and efficiency. They envision a future where companies, teams and people reach their full potential. People are the heart and soul of the company with a growth mindset culture that is represented in all that they do.

• Build, operationalize, and scale the security engineering practices that protect our benefits platform.
• Partner with teams building web and mobile applications, backend services, system integrations and data platforms.
• Set direction and mature security capabilities; introduce strong standards and ship incremental improvements.

Benepass is making benefits easy by tailoring them to the unique needs of the workforce with an easy-to-use and highly customizable fintech platform. They are backed by leading investors and have raised approximately $75 million in equity capital, fostering an inclusive environment for its employees.

• Lead security incidents end-to-end, from detection and triage through containment and post-incident review, acting as incident commander.
• Conduct hands-on investigations across cloud and endpoint environments to determine root cause and impact, and partner with Observability & Automation to improve detections and build automated playbooks.
• Collaborate with Security, Infrastructure, and Product teams to identify gaps, strengthen the incident response lifecycle, and communicate effectively with both technical and non-technical stakeholders.

Affirm is reinventing credit to create honest and friendly financial products like buy now, pay later services without hidden fees. As a remote-first fintech company, they cultivate a collaborative and team-first culture for their skilled professionals.

• Understand real security workflows across threat modeling, privacy, and vendor risk.
• Integrate Clearly AI into those workflows alongside Jira, ServiceNow, Confluence, and GitHub.
• Drive disciplined implementation from contract to production.

Clearly AI automates the most painful bottleneck in the enterprise: security and privacy reviews. We help security teams complete high-quality threat models, privacy impact assessments, and vendor risk evaluations in minutes instead of weeks. We are early and deeply technical, backed by Y Combinator and live with Fortune 500s and global brands.

• Own the product strategy and execution that strengthens our defense-in-depth architecture and operational controls.
• Define and own the roadmap for security platform capabilities across cloud defense and secure-by-default developer tooling.
• Translate regulatory, audit, and risk requirements into usable product surfaces and guardrails for internal teams.

Anchorage Digital is building a digital asset platform for institutions to participate in crypto. It is funded by institutions including Andreessen Horowitz, GIC, and Goldman Sachs, and has a Series D valuation over $3 billion.

• Serve as the primary security owner for key leadership stakeholders, owning the design, implementation, and lifecycle management of security controls.
• Architect and operate security controls for systems supporting Circle’s infrastructure, ensuring strong access, monitoring, and auditability.
• Own Circle's endpoint and mobile security program end-to-end: endpoint protection platforms, device compliance policies, network, secure email gateway, and secure configuration baselines.

Circle is a financial technology firm building the foundation for a more open, global economy through digital assets, payment applications, and blockchain infrastructure. They are committed to building a flexible work environment, encouraging new ideas, and ensuring everyone is a stakeholder.

• Translate group security frameworks into practical policies, controls, and procedures.
• Build and strengthen a Security-by-Design culture across projects, platforms, and teams.
• Support teams in identifying risks, defining actions, and tracking real progress.

Q8 is a well-respected, reliable, and trustworthy energy supplier that has been operating since 1983, with nearly 5,000 service stations in Europe. They are committed to developing a wide range of innovative and sustainable products and services. Their culture is focused on growing together in a digital and inspiring environment of trust, focused on continuous learning.

• Operate & maintain security platforms (vulnerability management, CAASM, CNAPP).
• Monitor security findings and support remediation workflows.
• Develop scripts and automation to improve security workflows.

GuidePoint Security provides trusted cybersecurity expertise, solutions, and services. They help organizations make better decisions and minimize risk with a three-tiered, holistic approach to security. GuidePoint has over 1,200 employees and serves more than 6,200 customers.

• Design and implement our Zero Trust architectures
• Gather requirements and understand specifications while evaluating existing systems
• Influence and mentor activities within the team and across the organization

Zscaler accelerates digital transformation to ensure our customers can be more agile, efficient, resilient, and secure. As an AI-forward enterprise with a culture of execution centered on customer obsession, collaboration, ownership, and accountability.

• Own complex post-sale technical relationships, guiding onboarding through adoption and renewal.
• Lead technical implementation, including integrations, configuration, and security reviews.
• Partner with Customer Success Managers to proactively identify risks and drive expansion opportunities.

1Password is building the foundation for a safe, productive digital future. We ensure every identity is authentic, every application sign-in is secure, and every device is trusted. We are a fast-paced, dynamic environment, with over 180,000 businesses trusting our products.