Acting as the primary subject matter expert for all security and compliance inquiries.
Taking end-to-end ownership of certification lifecycles, such as ISO 27001 and Cyber Essentials.
Working closely with the GRC team to improve existing programs.
Sword Health is shifting healthcare from human-first to AI-first through its AI Care platform, making world-class healthcare available anytime, anywhere. They have over 1,000 enterprise clients and are backed by 42 clinical studies and over 44 patents.
Design, review and develop security architectures for systems and networks.
Conduct security assessments and communicate identified risks from vulnerability scans.
Collaborate with Product & Engineering teams ensuring security integration in projects.
Jobgether is a platform leveraging AI to match candidates with suitable job opportunities. They focus on ensuring a fair and objective candidate review process, and operate with AI-powered matching and partner companies.
Own the 24‑month global security roadmap developed with an external partner; drive planning, resource allocation, cross‑region rollout, milestone tracking, and KPI delivery.
Lead the cybersecurity transformation: redesign the security operating model, establish regional capability hubs, hire and upskill teams, and integrate security into engineering and product lifecycles.
Modernize security tooling and architecture: define global architecture for IAM, cloud security, vulnerability management, SIEM/XDR, DLP, and secure SDLC integrations; manage vendor selection and lifecycle.
Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. With a combination of industry-leading tools, services, and expertise, Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
Manage information security incidents and security risks across the organisation.
Own and maintain the Information Security Management System (ISMS), including creating and updating policies, procedures, and guidance.
Ensure adherence to information security policies and standards.
TwinStream was formed in 2019 by engineers solving complex cross-domain problems within government organisations. They provide technical excellence and exceptional service to their clients with teams working both on-site and remotely.
Own our information security strategy and build our security roadmap.
Maintain our ISO 27001 certification, preparing for SOC 2 readiness.
Operate strategically and tactically, developing policy and reviewing cloud configurations.
ApprovalMax is redefining how finance teams manage the Money Out cycle — from purchase orders and supplier bills to employee expense management and payroll. Trusted by 18,000+ businesses worldwide, our platform empowers companies to automate financial controls, ensure compliance, and scale efficiently.
Collaborate with cross-functional teams to maintain and improve the company's comprehensive compliance program.
Manage the end-to-end audit process for SOC 2 compliance, ensuring timely and accurate completion.
Oversee the Information Security Risk Management Program, documenting identified risks, coordinating mitigation efforts.
airSlate is a global SaaS technology company that develops no-code workflow automation, electronic signature, and document management solutions. They have teammates in more than 20 countries across three continents and main hubs in the United States, Poland, Romania, Ukraine and the Philippines.
Collaborate with business leadership, Legal, Procurement, and Cyber to review terms and conditions.
Track status of risk remediations in the risk register with business stakeholders.
Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders.
NBCUniversal is a leading media and entertainment company that creates world-class content across film, television, and streaming. They own and operate entertainment and news brands, with a focus on improving communities, championing an inclusive culture, and attracting a talented workforce.
Serve as the lead Information Assurance authority for the program.
Manage and oversee RMF lifecycle activities, including ATO maintenance.
Develop, maintain, and govern cybersecurity and information assurance policies.
Jobgether is a company that uses AI to ensure applications are reviewed quickly, objectively, and fairly. They identify the top-fitting candidates and share this shortlist with the hiring company; the final decision is managed by the internal team.
Deliver world-class cyber security assessment and advisory services across multiple Compliance offerings.
Work effectively as a team member on large engagements and remain current on technical knowledge.
Demonstrate GuidePoint’s Core Values at all times and achieve and maintain relevant cyber security and audit certifications.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. Since its inception in 2011, GuidePoint has grown to over 1000 employees, and firmly defined core values drive all aspects of the business; these values have been paramount to the company’s success and to establishing an enjoyable workplace atmosphere.
Oversee security, compliance, and risk management of network infrastructure, ensuring the protection of critical assets and alignment with DoD standards.
Design and implement security measures that safeguard the network from unauthorized access, vulnerabilities, and advanced threats.
Manage the Risk Management Framework (RMF) process, ensuring systems remain secure and compliant with DoD requirements throughout their lifecycle.
TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive, well-planned information management environment. They focus on nimbly utilizing the best that information technology offers to meet the business needs of Federal Government customers.
Lead, mentor, and grow a team of international and domestic risk analysts.
Conduct and oversee complex risk assessments across cloud environments and on-premise telecommunications systems.
Develop and deliver high-impact, executive-level risk reporting.
At Twilio, they're shaping the future of communications. They deliver innovative solutions to hundreds of thousands of businesses and empower millions of developers worldwide to craft personalized customer experiences, with a strong culture of connection and global inclusion.
Play a critical role in the technical development, implementation, and maintenance of the GRC platform.
Drive integration strategies between GRC platforms and enterprise systems for automated data sharing and reporting.
Provide expert guidance and leadership on GRC technical matters to senior leadership and business stakeholders.
Jobgether is a platform helping candidates find jobs. They use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements.
Partner with Engineering, Product, and Infrastructure leaders.
ButterflyMX empowers people to open and manage doors & gates from a smartphone. As a distributed, primarily remote workforce, they're looking for more intelligent, passionate, collaborative, AI-forward, and down-to-earth individuals to join their growing team.
Monitor and enforce security policies for data storage and access.
Support the Authority to Operate (ATO) process and security assessments.
Coordinate with cybersecurity teams to track security incidents.
NV5 Geospatial is a global technology solutions and consulting services company. They employ over 4,500 professionals in more than 100 offices worldwide and value diversity and collaboration.