Lead the design and implementation of secure architectures for Built’s applications, services, and AI/ML initiatives.
Embed security throughout the development lifecycle by partnering with engineering teams on threat modeling, secure coding best practices, and design reviews.
Perform internal penetration testing of applications, networks, and features to uncover weaknesses before attackers do.
Built is an AI-powered platform transforming how real estate is financed, developed, and managed. They started by fixing construction draw management for lenders and have grown into a comprehensive operating system. Built brings together passionate people who are driven in a variety of disciplines, each bringing their unique perspective to everything they do.
Design and implement security solutions across enterprise platforms and cloud environments.
Perform threat modeling and security risk assessments for new features and platforms.
Partner with product teams to embed security requirements early in the SDLC.
Experian is a global data and technology company, powering opportunities for people and businesses around the world. As a FTSE 100 Index company listed on the London Stock Exchange, they have a team of 22,500 people across 32 countries and are committed to investing in their people.
Define and drive the strategic roadmap for proactive security vulnerability analysis.
Establish the technical vision and program for integrating robust security controls at every stage of the SDLC.
Lead collaborative and cross-functional threat modeling initiatives for core systems, new features, and evolving services.
Modern Health is a mental health benefits platform for employers, offering access to resources for emotional, professional, social, financial, and physical well-being. They are a fully remote workforce known for their culture centered around empathy and accountability, with a drive to win.
Lead, develop, and mentor the Platform Security team, setting direction, managing performance, and ensuring strong communication and execution across distributed time zones.
Design, implement, and operate cloud security controls for AWS, GCP, and Azure to protect infrastructure, services, and applications from evolving threats.
Partner with engineering and product leadership to influence architecture decisions, define security requirements, and ensure alignment with Affirm’s technical strategy.
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Security is critical to Affirm’s mission, and they aim to embed a strong security culture across the company so they can build and operate honest financial products.
Own and operate n8n’s vulnerability intake and triage process, including the [email protected] inbox
Define and maintain security policies, standards, and public-facing disclosure documentation
Embed security into the software development lifecycle through threat modeling, design reviews, and pragmatic guardrails
n8n is the open workflow orchestration platform built for the new era of AI. They give technical teams the freedom of code with the speed of no-code, so they can automate faster, smarter, and without limits. Since their founding in 2019, they’ve grown into a diverse team of over 160.
Design and implement automated systems to monitor, detect, and mitigate security risks.
Harden cloud environments (AWS, GCP) and enforce least-privilege IAM, network segmentation, and encryption standards.
Develop security frameworks and tooling to detect and prevent LLM-specific vulnerabilities.
Luxury Presence is a digital platform revolutionizing the real estate industry for agents, teams, and brokerages. They provide websites, marketing solutions, and an AI-powered mobile platform. Founded in 2016, Luxury Presence has grown to a global team and has been ranked on the Inc. 5000 fastest-growing companies list three years in a row.
Design and implement resiliency across our cloud platform and CI/CD pipelines.
Embed “security as code” and help lead incident response for high-severity outages.
Partner with engineering teams to enable safe, fast delivery at scale.
Alpaca is a US-headquartered self-clearing broker-dealer and brokerage infrastructure for stocks, ETFs, options, crypto, fixed income, 24/5 trading, and more. Our global team of 230+ members spans the USA, Canada, Japan, and beyond, fostering a vibrant community.
Lead and mentor the app security team, fostering a culture of security awareness and continuous improvement across the organization.
Oversee the day-to-day security operations, including monitoring, threat detection, incident response, and vulnerability management.
Maintain an application security risk management framework, identifying, analyzing, and treating risks.
TrueML is a mission-driven financial software company that aims to create better customer experiences for distressed borrowers. The TrueML team includes inspired data scientists, financial services industry experts, and customer experience fanatics who are building technology to serve people in a way that recognizes their unique needs and preferences as human beings and endeavors to ensure nobody gets locked out of the financial system.
Architect and implement secure AWS configurations.
Embed security into CI/CD pipelines and repos using policy-as-code tools.
Conduct threat modeling sessions and risk‑driven design reviews early in development.
OnePay is an all-in-one financial platform driven by a simple mission: better money makes life better. They are backed by Walmart and Ribbit Capital, and deeply embedded with the distribution of the world’s largest omnichannel retailer.
Conduct regular security assessments, vulnerability scanning, and penetration testing of Veeam products and services
Work with development teams to integrate secure development practices into the software development lifecycle
Collaborate on the design and implementation of security within public cloud environments
Veeam is the #1 global market leader in data resilience, believing businesses should control all their data whenever and wherever they need it. Based in Seattle, Veeam protects over 550,000 customers worldwide who trust Veeam to keep their businesses running.
Lead secure design reviews and threat modeling for AI-driven products.
Build and maintain security automation and governance frameworks.
Drive software supply chain security and vulnerability reduction.
AlphaSense empowers companies to make smarter decisions by providing market intelligence and search functionality driven by AI. With over 2,000 employees globally and offices in multiple countries, they foster a collaborative and innovative environment.
Serve as the system Security Manager / ISSO for My HealtheVet and act as the primary security point of contact for internal leadership and VA stakeholders.
Drive a risk-based security approach appropriate for a FISMA High / HVA system.
Coordinate incident response activities, including investigation support, escalation, documentation, and communication with VA security operations and CISO teams.
Oddball believes that the best products are built when companies understand and value the things they are working on. They value learning and growth and the ability to make a big impact at a small company.
Responsible for designing and implementing security best practices at each stage of the system development lifecycle.
Works in partnership with cross-functional teams to act as a security subject matter expert, while supporting and advancing the security of ConnectWise applications.
Conducts security assessments, threat modeling, and vulnerability reporting and develops security architecture patterns for implementing new solutions and products.
ConnectWise is a community-driven software company dedicated to the success of technology solution providers, with a suite that helps over 45,000 of their partners manage their businesses better. The company has over 3,000 colleagues in North America, EMEA and APAC and has an inclusive and positive culture.
Implement and manage cloud-native security tools and third-party solutions for threat detection and incident response.
Define, maintain, and execute the Incident Response plan, investigating and resolving incident escalations.
Collaborate with Dev, DevOps, and Infra teams to remediate identified vulnerabilities, discuss security best practices, and assist with security incident response.
We are redefining the future of legal operations through the power of AI, offering a cutting-edge platform that streamlines enterprise legal management, matter management, spend management, and contract lifecycle processes. We are a team of innovators using AI at the core to help legal departments become faster, smarter, and more strategic.
Partner with Product teams to ensure that products are designed, built, and operated securely.
Conduct threat modeling activities with Product teams to ensure product threats are understood, documented, and mitigated.
Review and analyze product source code to identify security vulnerabilities and providing recommendations for secure implementation.
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is a remote-first company and offers competitive benefits anchored to their core value of people come first.
Engineer and deploy clever controls so security incidents stay rare.
Lead incident response efforts and security tool deployments.
Embrace AI and automation to protect the enterprise at machine speed.
Chainguard provides a secure foundation for software development and deployment. By providing guarded open source software, built from source and updated continuously, Chainguard helps organizations eliminate threats in their software supply chains. They value customer obsession, prioritize intentional action, and trust each other.
Monitor alerts and notifications from cloud services, security tools, and our SOC/MSSP partners.
Triage and analyze potential security incidents, determine severity and scope, and coordinate response and remediation.
Establish and enforce security standards, guidelines, and best practices across product, engineering, and IT.
Meshy is a leading 3D generative AI company on a mission to Unleash 3D Creativity by transforming the content creation pipeline, making it effortless for both professional artists and hobbyists to create unique 3D assets. Meshy's talent spans the globe and they are trusted by top developers.
Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance.
Run threat modeling sessions (e.g. STRIDE) for new and existing systems; identify threats, attack paths, misconfigurations, and insecure design patterns.
Perform security-focused code reviews to identify vulnerabilities and risky implementations; provide clear, actionable guidance on secure coding patterns and best practices.
Infiterra's B2B SaaS platform helps IT Distributors and Managed Service Providers (MSPs) automate and grow their subscription business. With 100+ customers in 75 countries, they're recognized for innovation and global impact. Infiterra fosters a collaborative and growth-oriented culture, allowing you to be part of a dynamic, forward-thinking team.
Embed security into Firefox, Mozilla VPN, and other mission-critical products.
Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation.
Partner with engineers to integrate security throughout the software development lifecycle as a core design principle.
Mozilla Corporation shapes the internet for the better and makes privacy-minded brands like Firefox. They have over 225 million people around the world using their products each month and are focused on making the internet better for people.
Design, lead, and execute strategic security programs to mitigate security risks.
Collaborate with security engineers to integrate and operationalize security controls.
Establish clear, measurable metrics to track the impact of security programs.
DoorDash's mission is to empower local economies. They are a technology and logistics company known for delivering food, looking to expand into delivering all goods, fostering a culture where team members can share perspectives and solve challenges.