Source Job

• Design and drive security solutions across product and internal applications
• Conduct threat modeling for existing systems and new product initiatives
• Partner with engineering teams to embed security into development and delivery workflows

Shakepay is reimagining financial services to give every Canadian their fair shake by making buying and earning bitcoin fast, easy, and secure. Since 2015, more than one million Canadians use Shakepay to grow their bitcoin savings; they are regulated across all Canadian provinces and territories, and backed by renowned venture capitalists with a funding of $44M.

• Partner with Product teams to ensure that products are designed, built, and operated securely.
• Conduct threat modeling activities with Product teams to ensure product threats are understood, documented, and mitigated.
• Review and analyze product source code to identify security vulnerabilities and providing recommendations for secure implementation.

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is a remote-first company and offers competitive benefits anchored to their core value of people come first.

• Architect and implement secure AWS configurations.
• Embed security into CI/CD pipelines and repos using policy-as-code tools.
• Conduct threat modeling sessions and risk‑driven design reviews early in development.

OnePay is an all-in-one financial platform driven by a simple mission: better money makes life better. They are backed by Walmart and Ribbit Capital, and deeply embedded with the distribution of the world’s largest omnichannel retailer.

• Design and implement scalable infrastructure supporting HIPAA, SOC 2, and ISO 27001 compliance.
• Create self-service security tools integrating with developer workflows (GitLab CI/CD, Terraform).
• Lead threat modeling and security architecture reviews for new products and services.

Maven is the world's largest virtual clinic for women and families on a mission to make healthcare work for all of us.

• Own Swiftly's security risk register and threat models; identify, prioritize, and drive remediation of risks across application and infrastructure.
• Design secure architectures for our SaaS platform, mobile applications, and IOT/Hardware Integration, focusing on authentication, authorization, data protection, and network boundaries.
• Define and maintain security KPIs and dashboards for executive and board reporting.

Swiftly is on a mission to help cities move more efficiently and is the leading transit data platform for agencies to share real-time passenger information.

• Design and implement security solutions across enterprise platforms and cloud environments.
• Perform threat modeling and security risk assessments for new features and platforms.
• Partner with product teams to embed security requirements early in the SDLC.

Experian is a global data and technology company, powering opportunities for people and businesses around the world. As a FTSE 100 Index company listed on the London Stock Exchange, they have a team of 22,500 people across 32 countries and are committed to investing in their people.

• Partner with engineering and product teams to design and build secure systems.
• Lead threat modeling, code reviews, and vulnerability assessments to identify and mitigate risks.
• Define and evolve secure development practices, including tooling, automation, and developer education.

Uniswap Labs is committed to diversity in our workforce and is proud to be an Equal Opportunity Employer (EEO).

As a Sr. Security Developer, you will collaborate with security and engineering leadership to architect a scalable and resilient vision for secure cloud environments. You will develop and implement programs to ensure the company’s systems are compliant with regulatory requirements and privacy laws. Act as a technical subject matter expert for cloud security requirements and initiatives.

Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money.

• Use security and compliance tools (GRC tools) to help the company stay audit-ready
• Manage IT assets and access permissions for team members and internal systems
• Support daily security operations related to ISO 27001 / SOC 2

Hopae is building the world’s most trusted digital identity platform — private, secure, and built for real life. Backed by top global investors, Hopae operates across Seoul, Paris, and San Francisco, bringing together exceptional talent from over 10 nationalities.

• Design, lead, and execute strategic security programs to mitigate security risks.
• Collaborate with security engineers to integrate and operationalize security controls.
• Establish clear, measurable metrics to track the impact of security programs.

DoorDash's mission is to empower local economies. They are a technology and logistics company known for delivering food, looking to expand into delivering all goods, fostering a culture where team members can share perspectives and solve challenges.

• Define Canonical's security risk management standards and playbooks
• Analyse and improve Canonical's security risk practices
• Evaluate, select and implement new security requirements, tools and practices

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects, they recruit on a global basis and set a very high standard for people joining the company.

• Design and implement automated systems to monitor, detect, and mitigate security risks.
• Harden cloud environments (AWS, GCP) and enforce least-privilege IAM, network segmentation, and encryption standards.
• Develop security frameworks and tooling to detect and prevent LLM-specific vulnerabilities.

Luxury Presence is a digital platform revolutionizing the real estate industry for agents, teams, and brokerages. They provide websites, marketing solutions, and an AI-powered mobile platform. Founded in 2016, Luxury Presence has grown to a global team and has been ranked on the Inc. 5000 fastest-growing companies list three years in a row.

In this role, you’ll be at the intersection of security, automation, and distributed systems. You’ll take ownership of hardening complex hybrid environments from bare-metal validators to multi-cloud clusters ensuring our systems are both fast and fortress-strong. You’ll join a distributed, high-performing Blockchain DevOps team that values ownership, transparency, and innovation.

Figment powers the future of Web3 through industry-leading blockchain infrastructure as the leading provider of staking solutions.

• Protecting data, products, and infrastructure against security threats.
• Meeting security and compliance services such as vulnerability management, security updates and upgrades, and intrusion response.
• Staying current with the latest Information Security trends and news.

Bounteous is a premier end-to-end digital transformation consultancy dedicated to partnering with ambitious brands to create digital solutions.

• Build and evolve core risk systems and decisioning infrastructure.
• Design and implement scalable backend services that support fraud prevention and compliance.
• Improve data instrumentation and observability to enable accurate risk analysis and reporting.

Shakepay is reimagining financial services to give every Canadian their fair shake by making buying and earning bitcoin fast, easy, and secure. They have a passionate, loyal, and growing community, with over one million Canadians using Shakepay.

As a Senior Security Engineer, you will lead cross-team infrastructure security initiatives that strengthen GitLab's SaaS Platforms and Self-Managed offerings. You'll design and own the implementation of security solutions while collaborating with various stakeholders across GitLab. Your technical leadership and hands-on execution will drive pragmatic security capabilities that empower critical software factories globally to operate securely at scale.

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform , used by more than 100,000 organizations.

Architect and implement secure AWS infrastructure patterns (IAM, VPC, KMS, EKS, Lambda, ECS/Fargate, S3, CloudTrail, etc.). Write high-quality code (Python, Go preferred) to build automations, tooling, and internal security services. Build cloud guardrails, AWS Config rules, SCPs, and automated remediation workflows.

Motive empowers the people who run physical operations with tools to make their work safer, more productive, and more profitable.

• Configure and manage corporate devices and secure endpoint access across a fully remote team.
• Maintain and secure core SaaS tools such as Okta and Google Workspace.
• Monitor and respond to internal security events and incidents.

XBOW is redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI.

• Lead the architecture and development of security tools and infrastructure.
• Collaborate with engineers to implement security features in AWS cloud infrastructure.
• Support security detection and response efforts by contributing to detections, automation, and investigations.

Benchling’s mission is to unlock the power of biotechnology by providing the world’s most innovative biotech companies with a R&D Cloud.

Review security features of products to help internal and external customers succeed. Solve end-to-end problems and review SaaS/PaaS configurations. Understand Security Controls and Risks and compliance standards.

GoDaddy empowers everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all.