Own and lead the delivery of large, multi-quarter Application Security and Engineering initiatives.
Improve existing complex application security architectures and provide guidance for securing AI-based workflows.
Proactively identify emerging industry threats and act as Incident Commander for large-scale security incidents.
Wrapbook provides a unified payroll platform that seamlessly connects your entire team in one place. It empowers production teams to manage projects, pay cast and crew, track expenses, and generate data-driven insights. With a growing team of 250+ people across the USA and Canada, Wrapbook is backed by top-tier investors and has raised $130M.
Conduct security assessments using SAST, DAST, and SCA tools to identify vulnerabilities.
Perform code reviews and provide secure coding guidance to development teams.
Evaluate AI/ML model security and implement protections against prompt injection.
Hims & Hers is a health and wellness platform focused on providing affordable and personalized care. They are a public company traded on the NYSE, committed to a talent-first flexible/remote work approach featuring outstanding benefits and a strong culture.
Create, manage, and maintain the application security strategy and roadmap.
Develop, execute, and track the performance of security measures to protect Alma’s data, applications, and systems.
Build and provide high-quality application security documentation and training to engineers.
Alma simplifies access to high-quality, affordable mental health care by making it easy and financially rewarding for therapists to accept insurance. Alma has over 20,000 therapists in their growing network and was named one of Inc’s Best Workplaces in 2022 and 2023.
Own and operate n8n’s vulnerability intake and triage process, including the [email protected] inbox
Define and maintain security policies, standards, and public-facing disclosure documentation
Embed security into the software development lifecycle through threat modeling, design reviews, and pragmatic guardrails
n8n is the open workflow orchestration platform built for the new era of AI. They give technical teams the freedom of code with the speed of no-code, so they can automate faster, smarter, and without limits. Since their founding in 2019, they’ve grown into a diverse team of over 160.
Lead, coach, develop, and support the GSSC AppSec team while effectively delegating workload
Refine and mature team processes to enhance operational excellence and program scalability
Engage directly with customers to understand key security concerns and communicate how ServiceNow mitigates their risks
ServiceNow is a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Their intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work.
Identify, analyze, and reduce application-layer security risk.
Triage, validate, and prioritize findings from automated security tools and external researchers.
Work with engineering, vulnerability management, and security operations teams to address findings.
Upwork is the world’s work marketplace, serving startups to Fortune 100 companies. They provide a platform that enables companies and talent to work together to unlock their potential, with over $3.8 billion of work done through Upwork last year.
Lead the vision, strategy, and delivery of 1Password’s AI and developer product portfolio.
Translate 1Password’s business and product strategy into an actionable roadmap.
Deliver cutting edge features to enable 1Password customers to safely use AI and build software more securely.
1Password is building the foundation for a safe, productive digital future. They have surpassed $400M in ARR and continue to accelerate, earning a spot on the Forbes Cloud 100 for four years in a row.
Design, develop, and deploy LLM- and RAG-powered applications that enhance analyst and hacker productivity across offensive security use cases.
Architect and maintain large-scale, high-performance data pipelines to process vulnerability, asset, and activity datasets from multiple sources.
Collaborate with security researchers and engineers to translate offensive security workflows into data-driven automation.
Bugcrowd empowers organizations to take back control and stay ahead of threat actors. With a network of hackers, Bugcrowd brings diverse expertise to uncover hidden weaknesses and adapts swiftly to evolving threats.
Drive and enable proactive identification, analysis, and remediation of security vulnerabilities.
Respond to and manage pen testing and bug bounty programs.
Work in partnership with Software Architecture, Risk/Compliance, the SRE team, and other partners, to integrate security capabilities into the SDLC.
Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are a family-owned and operated company of 290+ mission-driven people.
Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance.
Run threat modeling sessions (e.g. STRIDE) for new and existing systems; identify threats, attack paths, misconfigurations, and insecure design patterns.
Perform security-focused code reviews to identify vulnerabilities and risky implementations; provide clear, actionable guidance on secure coding patterns and best practices.
Infiterra's B2B SaaS platform helps IT Distributors and Managed Service Providers (MSPs) automate and grow their subscription business. With 100+ customers in 75 countries, they're recognized for innovation and global impact. Infiterra fosters a collaborative and growth-oriented culture, allowing you to be part of a dynamic, forward-thinking team.
Support ServiceNow’s Sales Teams in Pre- and Post-Sales efforts.
Respond to prospect and customer questions related to security.
ServiceNow is a global market leader bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Their intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work.
Design and evolve safety policies for audio AI, image/video AI and agentic safety.
Build scalable, AI-powered systems and workflows that dramatically reduce response times and increase policy coverage.
Drive cross-functional safety integration with product, engineering, legal, and operations teams.
ElevenLabs is an audio AI research and product company. They aim to make information accessible in any voice, language, or sound, and have raised a $180 million Series C round, valuing the company at $3.3 billion.
Lead and mature Material Bank’s enterprise information security program.
Own the security risk management framework, including risk identification, scoring, tracking, and executive reporting.
Own detection, incident response, and resilience strategy.
Material Bank operates the world’s largest material marketplace for the architecture and design industry, connecting designers with materials from leading brands. They operate in 37 countries and their platform is the standard for design professionals around the globe.
Develop and implement AI-driven solutions for threat detection.
Automate security workflows, including vulnerability management.
Collaborate with security operations, architecture, and engineering teams.
Visa is a world leader in payments technology, facilitating transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories. They are dedicated to uplifting everyone, everywhere by being the best way to pay and be paid and offer the opportunity to create impact at scale.
Security analysis of internal and third-party applications.
Vulnerability assessment in web applications and APIs.
Review of SAST/DAST scan findings and support in remediation.
Netrix Global provides the people, processes, and technology needed to run and scale modern, data-driven businesses that are always on and always secure. They work with clients of all sizes and specialize in solutions for healthcare, manufacturing, government, education, financial services, and legal industries.
Design, build and maintain agentic workflows using low-code/no-code orchestration platforms and enterprise LLMs.
Translate business needs to AI logic by dissecting requests and re-engineering processes to be compatible with how LLMs and agents work.
Integrate agents with enterprise platforms via APIs and webhooks and determine how to extract, clean, and contextually feed data into AI models.
Lookout, Inc. is an endpoint to cloud security company purpose-built for the intersection of enterprise and personal data. They safeguard data across devices, apps, networks and clouds through their unified, cloud-native security platform and are trusted by enterprises of all sizes, government agencies and millions of consumers.
Analyze and assess security issues via design reviews, code audits, and penetration tests.
Design and build security tools, and develop mitigations and hardening strategies.
Review and develop secure operational practices, and provide security guidance for engineers.
Aptos Labs is building a people-first blockchain that aims to provide universal and fair access to decentralized assets in a safe and scalable way. Founded by original creators/maintainers of the Diem blockchain, they value diversity and are an Equal Opportunity Employer.
Drive security of systems at scale and influence security strategy.
Integrate security into our SDLC with a shift-left approach.
Build a culture where security empowers developers through best practices.
Boulevard provides a client experience platform for appointment-based, self-care businesses, empowering customers to enhance client experiences. They are a team that values diverse backgrounds and believes in equal opportunity, fostering an inclusive culture where employees can excel.
Lead SOC 2 and ISO programs through the full audit lifecycle.
Build integrations that continuously gather compliance evidence from AWS, GitHub, identity providers, and internal systems.
Evaluate and monitor third-party vendors for security and compliance risk.
Fieldguide is establishing a new state of trust for global commerce and capital markets through automating and streamlining the work of assurance and audit practitioners. The company is based in San Francisco, CA, and built as a remote-first company with a team that is inclusive, driven, humble and supportive.