Source Job

Europe

  • Own the DoW product strategy and execution roadmap.
  • Ensure the platform aligns with compliance management under the Risk Management Framework (RMF).
  • Translate customer and mission needs into clear product requirements.

Cybersecurity Governance Risk Compliance RMF

18 jobs similar to Lead Product Solutions Owner

Jobs ranked by similarity.

  • Own the DoW product strategy and execution roadmap, ensuring alignment with customer needs, mission requirements, and market demands.

RegScale is a cyber GRC platform designed to enable the CISO to track and monitor security controls. They help organizations break out of the slow and expensive realities that plague legacy GRC tools by bridging security, risk, and compliance through controls lifecycle management.

US

  • Serve as the primary vCISO and subject matter expert for multiple clients.
  • Lead data-centric cybersecurity programs aligned to business risk.
  • Manage, mentor, and develop vCISO team members.

Coretelligent partners with growing, highly regulated organizations that need secure, dependable IT environments built to scale. They deliver managed IT, cybersecurity, cloud, and strategy, through a model designed for consistency, transparency, and trust. They are building a team of professionals who care deeply about quality, ownership, and continuous improvement.

Global

  • Lead development of security strategy aligned to client business goals.
  • Guide risk management practices including risk registers and threat modeling.
  • Provide executive-level oversight of regulatory compliance programs.

Jobgether uses an AI-powered matching process to ensure applications are reviewed fairly. Their system identifies the top-fitting candidates and shares this shortlist with the hiring company.

$110,000–$120,000/yr
US

  • Support the ISSO with information system security activities.
  • Perform Assessment and Authorization efforts under the Risk Management Framework.
  • Develop and maintain RMF documentation and coordinate vulnerability remediation.

GovCIO transforms government IT with innovative services and solutions. They foster a collaborative, team-oriented culture where employees' talents drive success.

US

  • Work with private equity and portfolio company clients, consulting on how to apply an information security vision and strategy in alignment with customer business objectives.
  • Work with customers to assess and address information security risks.
  • Assist in managing customer security programs including the achievement and/or maintenance of key compliance initiatives such as SOC, ISO27001, NIST, PCI, and SOX.

Crosslake supports changemakers and helps them buy, build, and run better technology. They believe in a programmatic, proactive approach to actively manage technology throughout the investment lifecycle.

US

  • Lead the end-to-end Certification & Authorization (C&A) process for information systems.
  • Maintain and update System Security Plans (SSPs), POA&Ms, and other FedRAMP/GovRAMP/NIST documentation artifacts.
  • Oversee control gap analysis and drive remediation efforts across technical and administrative domains.

EBSCO Information Services (EBSCO) delivers a fully optimized research experience, seamlessly integrated with a powerful discovery platform to support the information needs of our end-users. Headquartered in Ipswich, MA, EBSCO employs more than 2,700 people worldwide, with most embracing hybrid or remote work models.

Global

  • Own and drive cross-functional security governance programs.
  • Lead end-to-end execution of security initiatives.
  • Manage senior and cross-functional stakeholders.

The Sui Foundation supports the development, growth, and adoption of the Sui network, a Layer 1 blockchain designed for Web3 experiences. They are committed to decentralization, transparency, and community engagement to onboard the next billion users to Web3.

$126,480–$175,000/yr
US

  • Lead the configuration and management of GRC tools to ensure integration with security systems.
  • Manage the main dashboard for SOC 2 reporting, ensuring accuracy and compliance.
  • Develop and maintain a comprehensive risk management program and conduct risk assessments.

Engine is transforming business travel into something personalized, rewarding, and simple. They have over 20,000 companies relying on Engine to support over 1 million travelers and billions in annual bookings each year and have been recognized as one of the fastest-growing travel and fintech platforms in North America.

Canada US Europe

  • Lead current ISO 27001, SOC 2, and PCI compliance initiatives.
  • Spearhead initiatives to identify and improve security risks.
  • Conduct Risk Assessments within customer systems.

Canadian Bank Note Company (CBN) is a leader and trusted provider of secure document and adjacent enterprise-level system solutions across various domains. They seek long-term relationships with their employees and offer a competitive compensation package, including health, medical, life insurance benefits, and a defined contribution pension plan with company matching.

Canada

  • You will review, challenge, and strengthen our systems, act as the security authority within engineering, define guardrails, and drive remediation when risks arise.
  • Operating independently, you’ll build the structure and standards needed as we scale.
  • Your mission is to own the company-wide security strategy and architecture, ensure CIRO and SOC 2 alignment, and embed strong security practices across infrastructure, applications, and internal systems, while enabling engineering velocity.

Newton is changing how Canadians trade crypto, with the goal to make financial freedom something everyone can achieve by giving customers the tools and knowledge they need to navigate the crypto world. At Newton, you'll work with a remote team spread across Canada.

Global Unlimited PTO

  • Embed privacy-by-design principles into Docker products, services, and internal platforms.
  • Partner closely with Docker engineering and product teams to integrate privacy requirements into architecture decisions, SDLC processes, and CI/CD pipelines.
  • Design, develop, and maintain automated GRC and privacy workflows to support compliance monitoring, control testing, DPIAs, risk assessments, reporting, and audit readiness.

Docker makes app development easier so developers can focus on what matters. Their remote-first team spans the globe and they are passionate about innovation and great developer experiences. With over 20 million monthly users and 20 billion image pulls, Docker is a trusted tool for building, sharing, and running apps.

US Unlimited PTO

  • Lead SOC 2 and ISO programs through the full audit lifecycle.
  • Build integrations that continuously gather compliance evidence from AWS, GitHub, identity providers, and internal systems.
  • Evaluate and monitor third-party vendors for security and compliance risk.

Fieldguide is establishing a new state of trust for global commerce and capital markets through automating and streamlining the work of assurance and audit practitioners. The company is based in San Francisco, CA, and built as a remote-first company with a team that is inclusive, driven, humble and supportive.

Europe

  • Maintain and improve security policies and controls across the platform.
  • Perform compliance validation and prepare for audits.
  • Conduct risk assessments on new workloads and track mitigation actions.

Jobgether is a platform that connects job seekers with companies. They use AI to match candidates with roles and ensure fair application reviews.

GRC Analyst

Astra
US

  • Own day-to-day execution of SOC 1, SOC 2, PCI DSS, and ISO 27001 readiness and audit cycles.
  • Develop and maintain policies, procedures, risk assessments, control narratives, and supporting documentation.
  • Facilitate risk assessments for systems, vendors, products, and business initiatives.

Astra is building mission-critical infrastructure for moving money at scale. Their platform processes billions in annual transaction volume with 99.9%+ uptime, powering real-time transfers, bank debits, card disbursements, and complex financial compliance systems.

US 2w PTO

  • Manage certification frameworks, including CMMC, NIST, and SOC 2.
  • Develop, track, and maintain security and compliance policy documents.
  • Analyze and review system configurations for security vulnerabilities.

Rubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. They streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.

US 3w PTO

  • Develop, review, and maintain cybersecurity policies, SOPs, TTPs, and POA&Ms.
  • Support cybersecurity audits, assessments, SAVs, and CORA activities.
  • Collect, analyze, and report cybersecurity metrics (ACAS, AVS, IAVM, APMS, FISMA, PPSM, SCCM).

MicroTech is an award-winning Service-Disabled Veteran-Owned Small Business (SDVOSB) that provides information technology and communications solutions. They focus on providing cutting-edge solutions with the customer at the forefront, solving complex business challenges to increase productivity and decrease costs.

US

  • Assess and improve client security and IT controls.
  • Develop policies, processes, and risk assessments aligned to top frameworks like NIST, ISO 27001, and SOC 2.
  • Translate technical and regulatory requirements into clear, actionable steps for our clients.

Hotman Group is a rapidly growing boutique firm redefining cybersecurity and GRC. They help business leaders earn and keep customer trust through expert guidance and a commitment to quality, fostering a collaborative environment where every voice matters.

$147,800–$164,000/yr
US 12w maternity 11w paternity

  • Own and lead enterprise-level compliance programs.
  • Define and mature ISO 27001 and ISO 42001 control environments and SOX 404 ITGCs.
  • Act as a subject matter expert and internal consultant for various teams.

Spring Health aims to eliminate mental health barriers with its clinically validated technology, Precision Mental Healthcare. They partner with over 450 companies, providing care for 10 million people and are valued at $3.3 billion.