Lead AppSec program assessments to evaluate current state and help clients prioritize remediation efforts based on risk, resources, and organizational readiness.
Design pragmatic security workflows, processes, and tooling integrations that engineering teams will actually adopt.
Deliver polished client work including clear assessments, actionable roadmaps, and executive communications that drive decision-making.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. The company has grown to over 1,200 employees and serves as a trusted advisor to more than 6,200 customers.
Enable software engineering teams to continuously improve the security posture of products and SaaS environments through AppSec and DevSecOps expertise.
Serve as the go-to AppSec expert, mentoring engineers on secure design patterns and coding practices while collaborating on threat models and design reviews.
Lead automation of vulnerability management tooling across CI/CD pipelines, perform security code reviews, and contribute to compliance strategies.
Hypori is a high-growth cybersecurity SaaS company transforming how organizations think about secure mobility. Backed by $55M in funding from investors including UBS and AE Industrial Partners, the company is expanding into new commercial and regulated markets.
Deliver Application Security services including threat modeling, architecture reviews, and program assessments.
Author comprehensive reports tailored to technical and managerial audiences with remediation strategies.
Contribute to practice development and mentor team members while embracing emerging technologies.
GuidePoint Security provides trusted cybersecurity expertise, solutions, and services to help organizations minimize risk. With over 1,200 employees, the company fosters a collaborative culture focused on mentorship and knowledge sharing.
Own and improve the secure software development lifecycle, perform application security reviews, threat modeling, and deep code-level analysis for high-impact product, platform, and AI features.
Drive vulnerability management across internal reviews, bug bounty, pentests, and other research signals, ensuring findings are validated, prioritized, and tracked through remediation.
Configure and improve AppSec tooling and integrations, and use AI to automate and scale security processes while validating outputs with strong engineering judgment.
Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 500,000 companies and millions of users globally. Founded in 2015, the company is one of the fastest growing companies in SaaS, raising approximately $250 million to date and valued at $1.6 billion.
Jobgether uses an AI-powered matching process to connect candidates with hiring companies quickly and objectively. They are a remote-first, globally distributed company with an inclusive engineering culture.
Play a key role in protecting and strengthening large-scale cloud-native applications that power next-generation AI infrastructure.
Work at the intersection of software engineering and cybersecurity, ensuring security is embedded throughout the software development lifecycle.
Collaborate cross-functionally to identify and remediate vulnerabilities in complex distributed systems.
Our partner is a company building large-scale cloud-native applications that power next-generation AI infrastructure. They have a high-impact security engineering environment with a collaborative and innovative culture focused on trust, learning, and impact.
Partner with Product and Engineering teams to integrate security into application design and development, leading threat modeling and secure code reviews.
Develop and implement automated security guardrails across the SDLC, investigate and prioritize application security findings.
Promote secure coding practices through training and coaching, and create security standards and procedures that scale across teams.
Quanata is an insurance technology innovation company that engineers advanced risk prediction and prevention solutions and builds a full-stack, flexible, digital & increasingly AI-native insurance platform. We are a remote-first company wholly owned and funded by State Farm, with a culture that prioritizes inclusivity and positive collaboration.
Conduct threat modelling reviews of Technical Design Documents (TDDs) and provide actionable security recommendations early in the design process.
Perform application security assessments, including penetration testing, vulnerability assessments, and proof-of-concept development.
Investigate, triage, and respond to Bug Bounty program submissions, validating findings and driving timely remediation with engineering teams.
MoonPay is a unified payments platform for digital currency. Trusted by over 30 million customers and over 500 ecosystem partners, the company is committed to building a fairer, more open financial system with a culture of accountability and inclusivity.
Design and implement security controls across CI/CD pipelines, cloud infrastructure, and software development workflows.
Integrate security testing tools including SAST, DAST, dependency scanning, and vulnerability management.
Partner with Engineering, Infrastructure, and Security teams to implement secure development practices.
Kaseya is the leading provider of AI-powered IT management and cybersecurity software, serving Managed Service Providers (MSPs) and internal IT organizations worldwide. Backed by Insight Partners, the company supports customers in more than 20 countries, manages over 15 million endpoints, and fosters a culture of innovation, accountability, and results.
Perform penetration testing and design reviews to identify vulnerabilities and insecure designs.
Maintain and build internal tools to automate security efforts, including SAST and DAST testing.
Identify vulnerabilities, demonstrate business impact, and articulate risk to drive prioritization.
Brex is the intelligent finance platform that enables companies to spend smarter and move faster in over 200 markets. With tens of thousands of customers including DoorDash, Coinbase, and Zoom, Brex fosters a diverse and inclusive team culture where collaboration with some of the brightest minds in the industry is key.
Own the roadmap for secure SDLC controls and partner with Engineering to roll out practical security standards.
Drive adoption of key controls across repositories and pipelines, including scanning and code review.
Support vulnerability management and prepare audit-ready documentation.
YipitData is a leading market research and analytics firm for the disruptive economy, providing data-driven insights to top investment funds and Fortune 500 companies. They recently raised $475M and have a culture of ownership, rapid growth, and high impact.
Lead penetration testing across web apps, APIs, and infrastructure.
Deliver detailed reports with proof-of-concept exploitation scenarios.
Mentor junior consultants and contribute to security research.
VerTALENTS is a subsidiary of VerSprite Cybersecurity that specializes in technology staffing, connecting top technical talent with clients. They work with clients to fill both full-time and contracting opportunities, adding value to both clients and candidates.
Embed security into every stage of software delivery across multi-cloud environments (AWS, Azure) as a hands-on technical leader.
Architect secure, scalable infrastructure, set engineering standards, and mentor a team of DevSecOps engineers.
Champion a shift-left security culture, integrate AI-powered tooling, and partner with cross-functional teams to align secure cloud solutions with business objectives.
ComPsych is the worldwide leader in organizational mental health, well-being, and absence management, dedicated to igniting human potential in workplaces across the globe. For over 40 years, they have combined technology with human expertise to support more than 75,000 customers worldwide, touching over 160 million lives across 200 countries.
Remediate platform-level security vulnerabilities using tools like Snyk and SAST/DAST.
Manage identity and access management and support security audits.
Implement security controls in CI/CD pipelines and manage Adobe Cloud Manager.
Solvative is a technology company that provides digital solutions and software development services. They have a small to medium-sized team with an informal, fun work culture that includes regular team activities and investment in employee growth.
Lead and own the ongoing operation and maintenance of Samsara’s vulnerability management program.
Collaborate with engineering teams to track and support the remediation of identified vulnerabilities.
Champion Samsara’s cultural principles in daily work.
Samsara is the pioneer of the Connected Operations Cloud, enabling organizations to harness IoT data for actionable insights. As a recently public company with a global team, they foster a culture of rapid career development and encourage employees to architect their own careers.
Own the operational health of one or two engineering domains (identity, network, cloud, endpoint, monitoring) and lead cross-team security initiatives.
Design security patterns, reference architectures, and standards that the team executes against, ensuring audit-ready documentation.
Mentor mid and associate engineers through pairing, code review, and clear standards to elevate team capability.
Aprio is a Top 20 CPA and advisory firm with over 40 U.S. office locations, international offices, and more than 3,200 team members speaking 60+ languages. They provide expertise and strategic foresight for fast-growing industries, fostering a progressive and innovative culture.
Lead penetration testing engagements on applications with complex technology stacks, working independently and collaboratively.
Contextualize vulnerabilities and assess realistic impact to clients, ensuring quality reports and services are delivered efficiently.
Maintain strong depth of knowledge in application security and mentor teammates while collaborating with project managers and delivery teams.
Coalfire is a cybersecurity firm that helps clients navigate complex security challenges through advisory, assessment, and automation services. The company is headquartered in Chicago with offices across the U.S. and U.K., and supports clients worldwide with a team of passionate cybersecurity experts.
Lead integration of security across the SDLC, embedding automated testing into CI/CD pipelines.
Secure cloud-native AWS architectures and enforce least privilege access and runtime protections.
Perform threat modeling, automate compliance, and innovate with AI security standards.
TrueML is a mission-driven financial software company that uses machine learning to improve customer experiences for distressed borrowers. The team includes data scientists, financial services experts, and customer experience fanatics building inclusive financial technology.
Own and manage bug bounty intake processes, including triaging reports, validating vulnerabilities, and reproducing proofs of concept.
Collaborate with developers and product teams to design and implement effective remediation strategies for identified security issues.
Contribute directly to codebases by reviewing and submitting pull requests to fix security vulnerabilities.
Jobgether is a company that uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. They have a collaborative, feedback-driven culture that encourages innovation and ownership.
Champion and implement security best practices and automated tooling across Spotify's infrastructure and platforms.
Partner closely with teams to integrate security throughout the software development lifecycle from design to deployment.
Conduct threat modeling, security reviews, and risk assessments for both AI and non-AI systems.
Spotify is the world's most popular audio streaming subscription service, unlocking the potential of human creativity by giving artists the opportunity to live off their art. With over 700 million users, the company values curiosity, collaboration, and a willingness to both teach and learn from others.