Implement and maintain enterprise security tooling and approved configuration baselines across endpoints, browsers, SaaS platforms, and identity systems.
Partner with Corporate Security Engineering leadership and Vulnerability Management to ensure configuration controls and remediation efforts are aligned, measurable, and enforceable.
Continuously improve security configurations by reducing drift, expanding automation, and strengthening documentation and evidence collection to support audit readiness.
Own the strategy and maturity roadmap for corporate security engineering and operations.
Manage and develop System Security Engineers and Security Operations Analysts.
Strengthen configuration enforcement, vulnerability remediation, monitoring quality, and detection coverage.
Onebrief is collaboration and AI-powered workflow software designed specifically for military staffs. Founded in 2019, Onebrief today has a team spanning veterans from all forces and global organizations, and technologists from leading-edge software companies.
Own CMMC 2.0 and SOC 2 end-to-end, including control design and implementation.
Lead all IT functions supporting corporate and program needs, owning IT architecture and tooling decisions.
Provide guidance and escalation support for IT hardware/software issues; mentor IT Support Specialist & Cloud Infrastructure Engineer.
DEFCON AI leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems. They align outcomes with operational goals, better decision making, and empower customers to anticipate, assess, and mitigate the impacts of disruptions.
Drive adoption of a Secure Software Development Lifecycle (SSDLC) across engineering teams.
Implement and integrate application security tooling into CI/CD pipelines, improving vulnerability detection and remediation.
Establish consistent threat modelling and secure design practices across new features and products.
Neko Health's mission is to deliver proactive healthcare for all, empowering members to take control of their health via technology and compassionate care. They have nearly 100 full-time engineers working across Berlin, Chamonix, Hamburg, Lisbon, Marseille, Vilnius, and Stockholm and they support a flexible workplace that prioritizes work-life balance.
Act as the Subject Matter Expert (SME) for Endpoint Detection and Response (EDR) tools/process including optimizing configurations/policies, developing custom threat detection rules, and proactively improving Deel’s overall security posture for remote endpoints.
Configure, manage, and tune the full suite of security policies within SWG, CASB and ZTNA. Give our remote colleagues a seamless experience by troubleshooting end-user issues as needed.
Continuously improve SaaS security posture with SSPM tools and the processes around them. Collaborate with diverse application owners, understand security controls, and resolve configuration drift from baseline across our wide range of SaaS applications.
Deel is an all-in-one payroll and HR platform for global teams. As one of the largest globally distributed companies, its team of 7,000 spans more than 100 countries with a connected and dynamic culture that drives continuous learning and innovation.
Conduct gap assessments against CMMC/NIST SP 800-171 requirements
Assist with the development and updates to the System Security Plan (SSP) and POA&M
Broadway Ventures transforms challenges into opportunities with expert program management, cutting-edge technology, and innovative consulting solutions. As an 8(a), HUBZone, and Service-Disabled Veteran-Owned Small Business (SDVOSB), they empower government and private sector clients by delivering tailored solutions that drive operational success, sustainability, and growth.
Enhances the strategic pillars of a security compliance program and facilitates day-to-day compliance operations.
Involved in multiple areas of the business where compliance and security impact operations.
Works on assignments that are complex and require professional skepticism, judgment, initiative, and knowledge of SaaS Company positions.
Optro is the leading audit, risk, ESG, and InfoSec platform on the market, surpassing $300M ARR and continuing to grow. More than 50% of the Fortune 500 leverage their award-winning technology. They inspire each other to innovate and are proud of what they are producing.
Accelerate Onebrief’s execution of GRC programs supporting NIST RMF, FedRAMP High, CMMC, and SOC 2 authorizations
Develop and manage integrated project plans for control implementation, remediation, and continuous monitoring
Coordinate cross-functional teams (Infrastructure, Engineering, Product) to ensure timely delivery of compliance requirements
Onebrief provides collaboration and AI-powered workflow software designed specifically for military staffs, aiming to make them faster, smarter, and more efficient. Valued at $2.15B, the company has raised $320m+ from top-tier investors and operates as an all-remote company.
You create, build, test, deliver and support infrastructure, automation, and employee tooling
Architect and maintain a Zero Trust corporate infrastructure
You lead infrastructure changes, evolve system design and foster good engineering practices
Air Up makes bottles that unbore water with flavor by scent. Behind it all are teams pushing boundaries every day with professionalism and passion, and it's refreshingly low on politics and ego.
Partner with engineering teams to conduct threat modeling.
Build and maintain automated scanning, penetration testing frameworks, and monitoring tools within our AWS CI/CD pipelines.
Champion a "security-first" mindset and host workshops that empower developers to write secure code.
Panopto is a customer-centric learning technology company and the leader in visual and audio-based learning. They empower organizations to share knowledge effortlessly. Panopto has been adopted by more than 1,600 companies and universities worldwide with over 11 million end users.
Own our SOC 2 Type 2 and HIPAA compliance programs.
Own IT operations end-to-end, from onboarding to offboarding.
Counterpart helps small businesses do more with less risk. They pair leading insurance experts with cutting-edge technology to empower small business owners to grow with confidence.
Perform infrastructure security reviews across cloud services, network design, IAM, and platform components.
Design and build internal security services, APIs, and tools that automate infrastructure vulnerability detection, triage, reporting, and remediation.
Develop security automation that integrates with CI/CD, cloud control planes, and developer workflows to shift detection and remediation earlier in the lifecycle.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company. They empower teams to design, launch, and optimize for the web without barriers, from entrepreneurs to global enterprises, and believe the future of the web, and work, is more open, more creative, and more equitable.
Support client engagements related to CMMC readiness, implementation, and documentation
Develop, update, and maintain System Security Plans (SSPs)
Assist with NIST SP 800-171, NIST SP 800-53, and FedRAMP documentation, control mapping, and related deliverables
Hotman Group is a remote boutique cybersecurity and GRC firm supporting clients across a range of industries and compliance needs. They value strong writing, quality work, collaboration, sound judgment, and practical execution.
Design, implement, and manage the integration of security tooling into CI/CD pipelines.
Develop and maintain automation scripts to streamline security processes and workflows.
Own the vulnerability management lifecycle: identification, triage, prioritization, and reporting.
MoonPay is a unified payments platform for digital currency, making it easy for anyone to buy, sell, swap, and pay in digital currencies. Trusted by over 30 million customers and over 500 ecosystem partners, MoonPay's secure, enterprise-grade platform is driving mainstream crypto adoption worldwide.
Perform vulnerability management and coordinate patching.
Swapcard is the leading AI-powered event platform designed to drive revenue growth and foster meaningful connections at in-person and hybrid events. With 42 nationalities represented among their 180+ team members, they champion diversity as a catalyst for creativity, collaboration, and unparalleled innovation.
In collaboration, develop and maintain the Security Architecture roadmap that preserves a strong security posture and aligns with corporate objectives.
Lead the development and implementation of automation for established and new security processes to increase operational efficiency and reduce manual intervention.
Develop the architectural framework for the secure deployment of AI, designing foundational layers for Model Security, Data Privacy, and Autonomous Agent orchestration.
Bestow is a leading vertical technology platform serving some of the largest and most innovative life insurers. Their platform unifies the fragmented, legacy value chain, enabling carriers to launch products in weeks instead of years.
Smartsheet helps people and teams achieve their goals with work management and scalable solutions. They empower teams to automate tasks, uncover insights, and scale smarter, with a focus on creating space for innovation and meaningful work.
Support RMF lifecycle activities in accordance with DoDI 8510.01.
Develop and maintain RMF artifacts including system security plan, plan of action & milestones, security control traceability matrix, security CONOPS and incident response plan.
Maintain the system Body of Evidence within eMASS.
SIXGEN is committed to fair and equitable compensation practices. We take into account various factors including the candidate's relevant experience, education, skills, LCAT rates and position level, and market competitiveness.
Build proactive security automation aimed at decreasing manual remediation work.
Research new and novel ways to accomplish security work and publish your findings on our blog.
Participate in a monthly security on-call rotation for critical escalations.
Automox is a cloud-native IT operations platform that helps modern organizations keep every endpoint automatically configured, patched, and secured – anywhere in the world. They are trusted by more than 2,500 leading companies and MSPs worldwide and value a ‘one team’ mentality where everyone’s unique skills contribute to an environment that encourages collaboration and ownership.
Lead security architecture and design reviews across applications, infrastructure, and integrations.
Conduct and coordinate penetration testing, threat modeling, and security reviews.
Design and implement security automation within CI/CD pipelines.
Assured modernizes insurance by providing software solutions to large insurers that help them win in a technology-driven world. Their products range from self-service claim-filing software to backend fraud detection and are dynamic, collaborative, and rewarding.
Lead end-to-end audit execution across SOC 2, ISO 27001, ISO 42001, ISO 27701, HIPAA, and GDPR and maintain year-round audit readiness.
Build and mature Atlan's risk management program and turn abstract risk conversations into measurable metrics with clear ownership and quarterly leadership reviews.
Integrate our GRC platform with cloud infrastructure, CI/CD pipelines, HR systems, and product engineering tooling to automate evidence collection and continuous control testing.
Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm and finally move AI pilots into production. We are backed by world-class investors including GIC, Insight Partners, Meritech, Peak XV, and Salesforce Ventures and trusted by global enterprises like Mastercard, Workday, General Motors, Unilever and others.