Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
Document end‑to‑end operational workflows and surface implicit, non‑documented practices.
Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.
Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work.
Learn about our users, systems, and security posture, and how security enables our product and business goals.
Support security assessments of code and infrastructure changes with guidance from Security Engineers, helping ensure alignment with SOC 2, PCI-DSS, and internal policies.
Assist with automating recurring security and compliance activities such as vulnerability scanning, risk assessments, third-party risk reviews, and control validation.
ezCater is the leading food for work technology company in the US, connecting anyone who needs food for their workplace to over 100,000 restaurants nationwide. They provide flexible and scalable solutions and are backed by top investors.
Own security issue intake and coordination by triaging reports and coordinating fixes with maintainers.
Drive timely remediation by tracking SLAs, communicating status, and coordinating releases and backports when required.
Harden our CI/CD and release workflows by improving build pipeline security, secrets management, artifact integrity, and access controls.
The Open Home Foundation is a non-profit organization based in Switzerland, fighting for privacy, choice, and sustainability in smart homes by supporting open-source projects and open standards. They focus on open-source projects like Home Assistant and collaborate with others to promote privacy, choice, and sustainability.
You will review, challenge, and strengthen our systems, act as the security authority within engineering, define guardrails, and drive remediation when risks arise.
Operating independently, you’ll build the structure and standards needed as we scale.
Your mission is to own the company-wide security strategy and architecture, ensure CIRO and SOC 2 alignment, and embed strong security practices across infrastructure, applications, and internal systems, while enabling engineering velocity.
Newton is changing how Canadians trade crypto, with the goal to make financial freedom something everyone can achieve by giving customers the tools and knowledge they need to navigate the crypto world. At Newton, you'll work with a remote team spread across Canada.
Lead and manage the Third Party Findings Management process across key risk impact categories.
Drive the optimization of the Due Diligence and Ongoing Monitoring risk assessment process across regulated and non-regulated Anchorage Digital legal entities.
Lead and manage the TPRM Quality Control process across regulated and non-regulated Anchorage Digital legal entities.
Anchorage Digital is building the world’s most advanced digital asset platform allowing institutions to participate in crypto. The company has over 600 employees and is funded by leading institutions including Andreessen Horowitz, GIC, Goldman Sachs, KKR, and Visa.
Implement security policies and standards into the company environment.
Develop and improve security concepts, policies, processes and awareness.
Act as main admin for respective Security Management systems and applications.
Deutsche Telekom IT Solutions Slovakia is a company providing innovative information and communication technology services. They are the second largest employer in the eastern part of Slovakia with more than 3900 employees and aim to proactively improve and transform.
Vendor and contractor risk assessment process during onboarding, adhering to a defined Service Level Agreement (SLA).
Conduct annual vendor monitoring and re-assessment processes for existing vendors.
Maintain the vendor inventory and collaborate with vendors on an ongoing basis to reduce identified risks.
Juniper Square's mission is to unlock the full potential of private markets by digitizing them and bringing efficiency, transparency, and access. They have a values-driven organization that offers employees a variety of ways to work, ranging from a fully remote experience to working full-time in one of their physical offices.
Assist in the preparation and execution of third-party audits and assessments.
Support the development and maintenance of Eltropy’s GRC program.
Conduct and manage vendor security assessments, maintain risk tracking, and ensure third-party compliance.
Eltropy is a FinTech company aiming to transform financial service access. They provide an AI-enabled digital conversations platform for community financial institutions to enhance operations, engagement, and productivity.
Partner with engineering teams throughout the SDLC to embed security by design in our products.
Lead and evolve our AppSec tooling and workflows by implementing, tuning, and integrating SAST, DAST, SCA, and container/image scanning into CI/CD pipelines.
Drive vulnerability management for our applications and supply chain, including triaging and prioritizing issues, coordinating with teams on fix/mitigate/accept decisions.
Camunda is the leader in enterprise agentic automation, orchestrating complex business processes across agents, people, and systems. They were named a Visionary in the inaugural 2025 Gartner Magic Quadrant for Business Orchestration and Automation Technologies (BOAT).
Own end-to-end application security for all Self products
Partner closely with engineering and product teams to remediate critical security findings
Support SOC 2 and PCI compliance efforts, including audit preparation and evidence collection
Self Financial is a venture-backed, high-growth FinTech company with a mission to increase economic inclusion and financial resilience by empowering people to build credit and build savings. They are passionate about challenging the status quo of the credit industry by providing people accessible tools to take control of their credit.
Support all stages of the third-party lifecycle, including vendor intake and offboarding.
Assist in the implementation, enhancement, and administration of TPRM tools and platforms.
Provide risk-based guidance to business units to support informed vendor selection.
New American Funding is a mortgage company. The Third Party Risk Management team is responsible for the governance and oversight of third-party risk; they value strong communication and a practical approach to risk management.
Lead design for complex security workflows across the software supply chain.
Partner with subject matter experts to transform technical complexity into accessible, value-focused experiences.
Coordinate across multiple security product groups to align on cohesive experiences.
GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Its mission is to enable everyone to contribute to and co-create the software that powers our world.
Own a portfolio of security programs (planning, resourcing, milestones, dependencies, risk/issue management, and outcomes).
Create and maintain multi-quarter roadmaps aligned to Keyrock’s business and operating model across venues and services (CEX/DEX and liquidity services).
Establish governance and operating cadence: steering meetings, status reporting, program reviews, and executive updates.
Keyrock is a leading change-maker in the digital asset space, renowned for its partnerships and innovation. They have over 200 team members around the world with a diverse team hailing from 42 nationalities, with backgrounds ranging from DeFi natives to PhDs.
Oversee third-party and internal risk assessments to support enterprise information security and governance, risk, and compliance (GRC) initiatives.
Manage vendor due diligence, maintain an accurate risk register, and partner with internal stakeholders on mitigation strategies.
Drive continuous improvement of the risk and compliance framework.
Concorde Career Colleges is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee based on race, color, religion, religious creed, national origin, ancestry, sex, age, veteran or military status, or any other legally protected characteristic. Concorde Career Colleges offer short career-focused programs preparing students for the healthcare industry.
Own and drive cross-functional security governance programs.
Lead end-to-end execution of security initiatives.
Manage senior and cross-functional stakeholders.
The Sui Foundation supports the development, growth, and adoption of the Sui network, a Layer 1 blockchain designed for Web3 experiences. They are committed to decentralization, transparency, and community engagement to onboard the next billion users to web3.
Lead current ISO 27001, SOC 2, and PCI compliance initiatives.
Spearhead initiatives to identify and improve security risks.
Conduct Risk Assessments within customer systems.
Canadian Bank Note Company (CBN) is a leader and trusted provider of secure document and adjacent enterprise-level system solutions across various domains. They seek long-term relationships with their employees and offer a competitive compensation package, including health, medical, life insurance benefits, and a defined contribution pension plan with company matching.
Conduct day-to-day risk ticket analysis and lead in-depth assessments of product launches and infrastructure changes.
Further operationalize and mature the One Twilio Risk Management framework leveraging risk management frameworks.
Build and optimize automated workflows that bridge the gap between compliance requirements and engineering productivity.
Twilio is shaping the future of communications, delivering innovative solutions to hundreds of thousands of businesses and empowering millions of developers worldwide. They have a strong culture of connection and global inclusion and are dedicated to remote-first work.
You will be responsible for company-wide IT security and its processes.
Evaluate and plan preventive measures to minimize security risks.
Create, maintain, and develop concepts, processes, and guidelines to strengthen our IT security.
TIMOCOM is an innovation driver that transforms and moves the logistics industry with pioneering and digital solutions. They connect over 55,000 customers in one of Europe's largest, dynamic logistics networks, helping them solve their logistical challenges in a smart, safe, and simple way.
Function as a Security Advisory Services lead Security Consultant for ePlus service solutions.
Refine existing Practice offerings, develop new Practice offerings, assist with pre-sales activities, and perform programmatic assessments.
Effectively lead engagements as a subject matter expert (SME) to deliver client projects.
ePlus believes technology is a people business. They are passionate, skilled, and driven to deliver solutions. They value collaboration, innovation, and extraordinary results and are dedicated to fostering a culture that represents diversity and enables inclusion.
Manage and optimize security tools such as email security, DLP, SIEM, IDS/IPS, EDR, threat intelligence platforms, and other tooling
Design and implement AI-enabled workflows to scale enterprise security and threat operations
Monitor and manage security alerts and incidents, analyze data, and respond to security events
Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. They are a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.