Independently performs complex security analysis of classified and unclassified applications, systems, and enclaves for compliance with security requirements.
Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations.
Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks.
Electrosoft Services, Inc. provides comprehensive technology-based solutions and services to federal customers. They focus on cybersecurity, ICAM, enterprise IT modernization, and software solutions, and they retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance.
Partner with engineering teams to identify and fix vulnerabilities through hands-on testing, code review, and threat modeling.
Build, implement, and tune security tooling and automation (SAST, SCA, DAST) within the CI/CD pipeline to embed secure development practices.
Perform security testing, including penetration tests using tools like Burp Suite, and stay ahead of emerging threats to continuously strengthen the platform's security posture.
Prolific builds the human data infrastructure, connecting researchers and companies with a global participant pool to collect high-quality, ethically sourced human behavioral data for AI development. The company operates in a mission-driven, collaborative culture focused on impactful work in the AI innovation space.
Collaborate with internal teams to define the scope of application security testing activities.
Plan and carry out application security testing in all phases of the software development life cycle to identify vulnerabilities.
Assess discovered vulnerabilities and recommend solutions to reduce risk and mitigate security impacts to the application environment.
Clear Capital is a national real estate analytics, data solutions and valuation technology company with a simple purpose: to build confidence in real estate decisions to strengthen communities and improve lives. They value commitment, integrity, kindness, and attention to detail, providing a mission-driven environment where work makes a measurable impact.
Embed security into the SDLC by partnering with Engineering to implement secure design patterns, conduct threat modeling, and deliver developer-focused AppSec training.
Lead and perform application security assessments including SAST, DAST, SCA, and manual code review across web, mobile, and API surfaces.
Own and mature the vulnerability management program, including prioritization frameworks, SLA tracking, and cross-functional remediation coordination.
Branch is on a mission to empower workers with financial freedom by helping companies accelerate payments and providing working Americans with accessible, free financial services. They are committed to building inclusive and transparent financial products while valuing diversity of opinions and working styles, fostering innovation, and promoting teamwork.
Assist the GTE team in identifying, analyzing, and emulating cybersecurity threats to assess organizational resilience.
Support Red Team assessments and penetration testing activities, including reconnaissance, vulnerability assessment, exploitation, and reporting.
Help conduct research on emerging cyber threats and attack techniques to enhance team methodologies and capabilities.
Sony Corporation of America is the U.S. headquarters of Sony Group Corporation, based in Tokyo, Japan. Sony creates and delivers more entertainment experiences to more people than anyone else on earth.
Build and cultivate strong client relationships based on trust and communication.
Lead and oversee active client-facing incident response engagements.
Invest in career development and provide mentorship to Forensic professionals.
Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents. Their approach and delivery are designed by industry veterans to address the industry’s persistent challenges of efficiency, predictability, and transparency.
Lead high-impact technical engagements with CISOs, SOC leaders, and security architects.
Own the full POC lifecycle, from initial setup to delivering clear business value.
Act as a trusted technical advisor, helping customers understand how PTBOX's offerings fit into their security strategy.
PTBOX offers security leaders a comprehensive platform to continuously assess, validate, and enhance their security defenses. It is an early-stage company operating in a fast-paced environment.
Own the product roadmap for offensive product area(s), from discovery through launch and iteration.
Define attack capabilities, translating attacker techniques into product requirements.
Engage directly with customers and prospects to understand how they use NodeZero.
Horizon3.ai is a cybersecurity company dedicated to enabling organizations to proactively find and fix exploitable attack vectors. They're a fusion of former U.S. Special Operations cyber operators and startup engineers committed to a culture of respect, collaboration, ownership, and results.
Conduct technical due diligence for investment firms, assessing technology strengths, risks, and opportunities in potential investments.
Design and implement improvement solutions such as Agile transformations, while guiding junior developers and engineers.
Collaborate with client and internal technical leads to identify enhancements for software products, organizations, and processes.
Crosslake Technologies provides programmatic, proactive technology management support throughout the investment lifecycle for private equity and tech companies. It is a diverse organization united by the belief that technology makes a difference.
Participate in threat modeling exercises with engineering team members
Triage SCA/SAST/DAST/CSPM findings by eliminating false positives and providing well-vetted vulnerabilities to engineering teams
Support vulnerability management efforts for networks and infrastructure
They offer a SaaS-based Global Employment Platform that enables clients to expand into over 180 countries. Their diverse, remote-first teams are essential to their success, fostering innovation and valuing every contribution.
Conduct regular vulnerability scanning of networks, servers, endpoints and applications.
Prioritize vulnerabilities based on CVSS scores, threat intelligence, and asset criticality.
Partner with IT infrastructure, application development, cloud, and network teams to remediate risks.
Connexus Credit Union serves members across all 50 states. They are a remote first employer with employees in the upper Midwest, and they foster collaboration and high performance.
Bridge Security and Development, empowering engineering teams to deliver secure code.
Integrate security into the Software Development Life Cycle (SDLC) for AI-driven applications.
Conduct penetration tests and monitor application resilience.
EcoVadis is the leading provider of business sustainability ratings. Their solutions are backed by an international team of experts and powerful technology that analyzes data and builds sustainability scorecards, giving companies actionable insights into their environmental, social, and ethical risks.
Own edge governance and traffic analysis using Cloudflare, monitoring for threats and implementing real-time countermeasures.
Lead the vulnerability management program, including triaging third-party researcher reports and coordinating fixes between external researchers and internal engineering teams.
Design and execute proactive offensive security strategies, including internal penetration tests focused on real-world attack paths and business logic flaws.
Donorbox is a leading fundraising platform and donor management system for nonprofit organizations. The company is a profitable, bootstrapped, and fully distributed team of about 150 people based in over 16 states and 23 countries, known for building trusted products and being recognized as a great place to work.
Design and implement scalable vulnerability scanning solutions.
Automate vulnerability ingestion, prioritization, and remediation workflows.
Partner with Engineering and DevOps teams to remediate vulnerabilities.
Keeper Security is a cybersecurity software company protecting organizations and individuals globally. They are known for zero-knowledge and zero-trust security, securing passwords, infrastructure secrets, and remote connections with role-based enforcement policies.
Perform threat modeling, security architecture review, and design analysis for web applications and APIs.
Conduct manual and automated security testing during development and pre-release stages.
Implement and manage SBOM generation and consumption processes across the SDLC.
Constructor's mission is to enable all educational organizations to provide high-quality digital education. With expertise in machine intelligence and data science, they offer an all-in-one platform for education and research, addressing educational challenges.
Represent Surefire Cyber as a skilled technical forensic and consulting expert.
Play a pivotal role in detecting and analyzing intrusions, offering clear guidance to clients.
Provide career development for a Forensic team consisting of 3-4 Consultants.
Surefire Cyber redefines the incident response model by delivering a swifter, stronger response to cyber incidents. Their client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents.
Lead and grow a team of the best security engineers.
Define the strategy for Vanta’s application security program.
Work with Engineering and Product Development to assess and mitigate risk.
Vanta helps businesses earn and prove trust by providing continuous security monitoring and verification. They aim to empower companies to practice better security with their automation and orchestration tools. Vanta has a kind and talented team, embracing individuals with and without prior security experience.
Perform security assessments, control effectiveness review, and cyber incident response
Build and write scripts/queries to assess the security posture of CIS infrastructure
Provide regular reporting on the status of the information security program to senior staff
The Center for Internet Security (CIS) makes the connected world a safer place for people, businesses, and governments through collaboration and innovation. CIS is a community-driven nonprofit responsible for industry-leading best practices for securing IT systems and data.
Serve as the outsourced CISO for 8–12 clients, providing executive-level security leadership on a fractional basis
Conduct security risk assessments, gap analyses, and penetration testing oversight for prospective and current clients
Develop and maintain security programs, policies, and incident response plans tailored to each client's risk profile and regulatory environment
Reputation Management Consultants (RMC) is an affiliated organization with a premier advisory firm specializing in reputation management and strategic consulting for mid-market companies and high-profile clients. They are launching a dedicated cybersecurity division to address a critical truth their clients face every day: a data breach is a reputation event. They are building an AI-powered cybersecurity practice from the ground up.