$209,664–$220,699/yr
US Unlimited PTO

  • Lead the Application Security and Vulnerability Management & Automation teams.
  • Define the roadmap for product security, focusing on scalable automation and proactive defense mechanisms.
  • Drive the end-to-end lifecycle of vulnerability discovery, triaging, and remediation across our entire ecosystem.

Application Security Penetration Testing Software Engineering Vulnerability Management Automation

20 jobs similar to Product Security Manager

Jobs ranked by similarity.

$435,468–$458,056/yr
US Unlimited PTO

  • Design, implement, and manage the integration of security tooling into CI/CD pipelines.
  • Develop and maintain automation scripts to streamline security processes and workflows.
  • Own the vulnerability management lifecycle: identification, triage, prioritization, and reporting.

MoonPay is a unified payments platform for digital currency, making it easy for anyone to buy, sell, swap, and pay in digital currencies. Trusted by over 30 million customers and over 500 ecosystem partners, MoonPay's secure, enterprise-grade platform is driving mainstream crypto adoption worldwide.

US

  • Design and implement scalable vulnerability scanning solutions.
  • Automate vulnerability ingestion, prioritization, and remediation workflows.
  • Partner with Engineering and DevOps teams to remediate vulnerabilities.

Keeper Security is a cybersecurity software company protecting organizations and individuals globally. They are known for zero-knowledge and zero-trust security, securing passwords, infrastructure secrets, and remote connections with role-based enforcement policies.

Global Unlimited PTO

  • Own and enforce DevSecOps practices across CI/CD pipelines.
  • Drive vulnerability identification, triage, and remediation across infrastructure and applications.
  • Act as the primary security SME for the engineering organization.

Teramind is pioneering a predictive, AI-driven approach to safeguarding organizations' people, data, and operations. As a global leader in user behavior analytics, insider risk management, and workforce intelligence, we empower businesses to transform data into a strategic asset.

EMEA 6w PTO

  • Lead security efforts across infrastructure, applications, internal systems, and employee devices
  • Identify risks and vulnerabilities across the organisation and ensure they are addressed
  • Establish scalable security processes and best practices across teams

LI.FI is dedicated to fostering a workplace that values and respects each team member's unique contributions. They value differences and encourage individuals of all backgrounds to apply.

US Unlimited PTO 16w maternity

  • Lead and grow a team of the best security engineers.
  • Define the strategy for Vanta’s application security program.
  • Work with Engineering and Product Development to assess and mitigate risk.

Vanta helps businesses earn and prove trust by providing continuous security monitoring and verification. They aim to empower companies to practice better security with their automation and orchestration tools. Vanta has a kind and talented team, embracing individuals with and without prior security experience.

US 4w PTO 14w paternity

  • Own the security product strategy at Render.
  • Define and deliver Render’s governance layer.
  • Drive exploration and development of emerging security areas.

Render is a modern cloud platform for developers creating AI-native, full-stack, multi-service applications. They aim to eliminate the tradeoff between the power of hyperscalers and the simplicity of developer-friendly platforms. They are a diverse team that values craft, velocity, and user experience.

EMEA

  • Embed security into CI/CD pipelines and own secure controls.
  • Lead the process of vulnerability and patch management, automating discovery.
  • Strengthen cloud and Kubernetes environments through secure configurations.

Alpaca is a US-headquartered self-clearing broker-dealer and brokerage infrastructure provider for stocks, ETFs, options, crypto, fixed income, and more. They are a dynamic team of 230+ globally distributed members committed to opening financial services to everyone.

India

  • Own and evolve vulnerability management end-to-end.
  • Embed secure design principles across mobile applications, APIs, and microservices.
  • Partner closely with engineering teams to remediate security issues.

Smart Working connects skilled professionals with global teams for full-time, long-term roles. They help you discover meaningful work with teams that invest in your success, where you’re empowered to grow personally and professionally.

$135,000–$200,000/yr
US Unlimited PTO

  • Perform security reviews of our current and future product and service portfolio.
  • Be the security subject matter expert for product architects and engineers for threat modeling.
  • Find new and novel ways to identify and resolve security vulnerabilities in our products.

Palantir builds software for data-driven decisions and operations, empowering partners to develop lifesaving drugs, forecast supply chain disruptions, and locate missing children. They value excellence and encourage employees to work from their offices to foster connectivity and innovation.

Global

  • Build AI agents that handle vulnerability triage, automated security reviews of PRs, and initial incident forensics at scale.
  • Build systems that automatically detect and remediate security gaps across AWS, GCP, and Azure -- configuration drift, IAM misconfigurations, vulnerable dependencies, exposed secrets.
  • Lead threat modeling, security reviews, and risk assessments across web applications, APIs, and services.

Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm. They connect to every part of the modern data and AI stack to unify this context into a single, shared layer that both humans and AI agents can rely on.

$205,900–$289,600/yr
Canada EMEA US Unlimited PTO

  • Lead, develop, and mentor a team of Product Security Architects.
  • Own and continuously evolve the Product Security Architecture strategy.
  • Oversee and mature the Product Security Risk Register.

GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. They have more than 50 million registered users, and their high-performance culture is driven by values and continuous knowledge exchange.

Global

  • Integrate security activities across all SDLC phases.
  • Partner closely with engineering teams to ensure secure development practices.
  • Review security controls for new features, services, and architectural changes.

Infiterra simplifies subscription service delivery, enabling IT distributors, Managed Service Providers (MSPs), and telcos to succeed in the subscription economy. They are recognized as a global leader in subscription commerce, combining innovation, performance excellence, and trusted expertise to help partners transform and grow.

Global

  • Lead end-to-end PCI DSS compliance, including CDE scoping and reduction, control implementation/validation, and audit management.
  • Lead and support SOC 2 Type II attestation initiatives, including TSC mapping, evidence collection, control testing, and remediation tracking.
  • Own the Third-Party Risk Management (TPRM) program, including vendor tiering, risk assessments, and security reviews.

HighLevel is an AI-powered business operating system that gives agencies, entrepreneurs and SMBs the infrastructure to build, automate and scale. With over 2,000 team members across 10+ countries, HighLevel operates as a global, remote-first organization built for speed and ownership.

$160,000–$188,000/yr
US Unlimited PTO

  • Own and drive the company’s security strategy, roadmap, and overall posture
  • Lead threat modeling, secure code reviews, and architecture reviews
  • Build and maintain security tooling, automation, and infrastructure as code

Seesaw's mission is to provide every elementary student with joyful and connected learning experiences that lay the foundation for success in life. Trusted and loved by 25 million educators, students, and families worldwide, Seesaw is the only elementary learning experience platform.

Europe

  • Participate in threat modeling exercises with engineering team members
  • Triage SCA/SAST/DAST/CSPM findings by eliminating false positives and providing well-vetted vulnerabilities to engineering teams
  • Support vulnerability management efforts for networks and infrastructure

They offer a SaaS-based Global Employment Platform that enables clients to expand into over 180 countries. Their diverse, remote-first teams are essential to their success, fostering innovation and valuing every contribution.

$180,000–$190,000/yr
US

  • Embed security into the SDLC by partnering with Engineering to implement secure design patterns, conduct threat modeling, and deliver developer-focused AppSec training.
  • Lead and perform application security assessments including SAST, DAST, SCA, and manual code review across web, mobile, and API surfaces.
  • Own and mature the vulnerability management program, including prioritization frameworks, SLA tracking, and cross-functional remediation coordination.

Branch is on a mission to empower workers with financial freedom by helping companies accelerate payments and providing working Americans with accessible, free financial services. They are committed to building inclusive and transparent financial products while valuing diversity of opinions and working styles, fostering innovation, and promoting teamwork.

US 5w PTO

  • Conduct regular vulnerability scanning of networks, servers, endpoints and applications.
  • Prioritize vulnerabilities based on CVSS scores, threat intelligence, and asset criticality.
  • Partner with IT infrastructure, application development, cloud, and network teams to remediate risks.

Connexus Credit Union serves members across all 50 states. They are a remote first employer with employees in the upper Midwest, and they foster collaboration and high performance.

$156,400–$220,800/yr
US

  • Identifying opportunities to eliminate manual security workflows and replace them with scalable, automated solutions
  • Building internal tools and integrations that automate processes such as vulnerability triage and prioritization, alert enrichment and routing, and GRC evidence collection
  • Partnering with security and engineering stakeholders to understand pain points and translate them into practical technical solutions

Calendly's products are currently relied upon by millions. They are in the midst of exciting product growth, making joining at this time a fantastic opportunity. They hope Calendly can be part of your professional journey, allowing you to learn, grow, and do your best work alongside the best people.

$130,000–$170,000/yr
US

  • Drive security vulnerability remediations with Engineering for CSPM, OS Runtime, SAST, SCA, DAST
  • Coordinate and track services provided by the security team and assist with enforcing security requirements throughout the organization
  • Assist with prioritizing work resulting from security findings, stakeholder requests, and strategic vision

Outreach provides a sales engagement platform to streamline communication and workflows for sales teams. They partner with Product, Engineering, Privacy, GRC, IT, and Legal teams to ensure security best practices are applied to protect the company and Outreach customers.

Global

  • Work closely with engineering teams, PMs and external parties to ensure product security.
  • Support the Bug Bounty program, triaging, prioritizing and fixing issues.
  • Collaborate with infra security to level up our security posture.

RevenueCat helps developers build and scale in-app subscriptions by providing a monetization platform for mobile. They are a remote-first company of 120+ employees across 25 countries, and they value customer obsession and balance.