Own and improve the secure software development lifecycle, perform application security reviews, threat modeling, and deep code-level analysis for high-impact product, platform, and AI features.
Drive vulnerability management across internal reviews, bug bounty, pentests, and other research signals, ensuring findings are validated, prioritized, and tracked through remediation.
Configure and improve AppSec tooling and integrations, and use AI to automate and scale security processes while validating outputs with strong engineering judgment.
Enable software engineering teams to continuously improve the security posture of products and SaaS environments through AppSec and DevSecOps expertise.
Serve as the go-to AppSec expert, mentoring engineers on secure design patterns and coding practices while collaborating on threat models and design reviews.
Lead automation of vulnerability management tooling across CI/CD pipelines, perform security code reviews, and contribute to compliance strategies.
Hypori is a high-growth cybersecurity SaaS company transforming how organizations think about secure mobility. Backed by $55M in funding from investors including UBS and AE Industrial Partners, the company is expanding into new commercial and regulated markets.
Lead security architecture reviews for new and existing applications.
Develop, enforce, and continuously refine secure coding standards across engineering teams.
Continuously improve threat modeling frameworks across application components.
Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. They empower credit unions and banks by creating cutting-edge digital experiences. At Lumin, their culture is built on trust in expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas.
Smartsheet helps people and teams achieve their goals with seamless work management and scalable solutions. They empower teams to automate tasks, uncover insights, and scale smarter, fostering a culture of innovation and impact with a focus on challenge and purpose.
Work closely with development teams, product managers, and third-party groups to ensure AutoFi’s products, services, cloud environments, internal systems, and vendor ecosystem are secure.
Contribute to secure design reviews, application security standards, vulnerability management, security monitoring, incident response, threat hunting, and third-party security assessments.
Define, implement, and maintain security practices, standards, and controls across AutoFi’s products, services, cloud environments, and internal systems.
AutoFi is the leading provider of digital commerce technology that powers the sales and finance experiences for the most innovative brands and dealers in automotive. Their dynamic selling platform empowers dealers to sell vehicles more efficiently and profitably, both online and in the showroom. They are funded for years of future growth and backed by investors.
Lead AppSec program assessments to evaluate current state and help clients prioritize remediation efforts based on risk, resources, and organizational readiness.
Design pragmatic security workflows, processes, and tooling integrations that engineering teams will actually adopt.
Deliver polished client work including clear assessments, actionable roadmaps, and executive communications that drive decision-making.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. The company has grown to over 1,200 employees and serves as a trusted advisor to more than 6,200 customers.
Own and manage bug bounty intake processes, including triaging reports, validating vulnerabilities, and reproducing proofs of concept.
Collaborate with developers and product teams to design and implement effective remediation strategies for identified security issues.
Contribute directly to codebases by reviewing and submitting pull requests to fix security vulnerabilities.
Jobgether is a company using an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. They have a collaborative, feedback-driven culture that encourages innovation and ownership.
Perform penetration testing and design reviews to identify vulnerabilities and insecure designs.
Maintain and build internal tools to automate security efforts, including SAST and DAST testing.
Identify vulnerabilities, demonstrate business impact, and articulate risk to drive prioritization.
Brex is the intelligent finance platform that enables companies to spend smarter and move faster in over 200 markets. With tens of thousands of customers including DoorDash, Coinbase, and Zoom, Brex fosters a diverse and inclusive team culture where collaboration with some of the brightest minds in the industry is key.
You will own small-to-medium engineering projects end-to-end, configure and operate security controls, and partner with senior engineers on larger initiatives.
You will develop deepening expertise in at least one control domain such as identity, endpoint, vulnerability management, or cloud security.
You will produce clean operational documentation, participate in change reviews, and mentor associate engineers on day-to-day execution.
Aprio is a Top 20 CPA and advisory firm that provides proven expertise and strategic foresight for fast-growing industries. The firm has over 40 U.S. office locations and more than 3,200 team members globally, with a top-rated culture focused on growth and innovation.
Act as the main cybersecurity partner to Customer Support and Integrity teams, establishing the dedicated security function and building vision, strategy, and execution.
Lead technical direction, design security controls, and operationalize solutions to reduce risk for support agents and tooling across global teams.
Drive alignment, build measurable metrics, and perform security testing to proactively manage security risks at scale.
DoorDash is a technology and logistics company that enables door-to-door delivery, connecting consumers, merchants, and Dashers. They are a large, rapidly growing company committed to supporting employee happiness and health with comprehensive benefits and perks.
Provide security automation and application development expertise.
Assist in detection and alerting through various security tools.
Evaluate new technologies and processes that enhance security capabilities.
Ivanti manages, automates, and protects data and technology to empower continuous innovation. Their AI-powered platform brings IT and Security teams together around a single, trusted system of record enabling smarter decisions. They serve 34,000 customers across 149 countries.
Build, operationalize, and scale the security engineering practices that protect our benefits platform.
Partner with teams building web and mobile applications, backend services, system integrations and data platforms.
Set direction and mature security capabilities; introduce strong standards and ship incremental improvements.
Benepass is making benefits easy by tailoring them to the unique needs of the workforce with an easy-to-use and highly customizable fintech platform. They are backed by leading investors and have raised approximately $75 million in equity capital, fostering an inclusive environment for its employees.
Own end-to-end security reviews across smart contracts, backend services, and frontend surfaces.
Build and ship an agentic security CI/CD pipeline that runs autonomously against every PR and release candidate.
Triage and manage the bug bounty program, reproduce findings, and route confirmed issues to engineering with context.
Polygon Labs is a global blockchain payments company building infrastructure to move money instantly and reliably. It has facilitated trillions in onchain value transfer and supports millions of daily transactions for banks, fintechs, and enterprises.
Define and evolve product security architecture for Valon’s multi-tenant SaaS platform.
Support secure implementation of customer-facing security capabilities in conjunction with Engineering.
Lead threat modeling, security design and code reviews for new features, services, and major architectural changes.
Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. We're a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.
Partner with engineering teams to design, build, and operate secure-by-default cloud infrastructure across AWS and Google Cloud.
Build reusable Terraform modules and policy-as-code guardrails to make secure implementation easier for engineering teams.
Operate CSPM/CNAPP tooling and drive remediation of cloud vulnerabilities and misconfigurations.
Fullscript is a health technology company that provides a platform for practitioners to access clinical insights, lab interpretations, and high-quality supplements, serving over 125,000 practitioners and 10 million patients. The company has a remote-first culture, emphasizes work-life balance, and values inclusivity and continuous learning.
Performs web, mobile application, and internal penetration tests.
Researches new attack vectors and stays current with cybersecurity news and trends.
Creates detailed reports that clearly communicate vulnerabilities and mitigation.
Insider One provides a platform that unifies marketing and customer engagement teams. With over 1,500 team members across 30+ offices, they focus on AI-driven solutions and customer data integration across various channels.
Design, develop, and implement cloud security architecture solutions in Microsoft Azure.
Build and maintain security automation using Infrastructure as Code (IaC) tools.
Collaborate with development teams to embed security into CI/CD pipelines.
Hanger, Inc. is the world's premier provider of orthotic and prosthetic (O&P) services and products, offering advanced O&P solutions. With 160 years of excellence, Hanger employs many to help people achieve new levels of mobility and freedom.
Own the managed AI platform posture end-to-end, anticipating changes and governing usage across the organization.
Build financial visibility with token tracking dashboards, anomaly detection, and ROI reporting for leadership.
Harden AI security posture by mitigating prompt injection risks and ensuring no sensitive data flows into AI prompts.
Chainguard is the trusted source for open source, delivering hardened, secure builds of open source software and AI agents. They are venture-backed by leading investors and count Fortune 500 enterprises like Anduril, Canva, and OpenAI as customers.
Lead security strategy across infrastructure, cloud systems, and enterprise applications.
Drive SOC 2, ISO 27001, and ISO 42001 readiness/certifications.
Own vulnerability management, threat monitoring, and incident response workflows.
SaaS Talent is a recruiting company, and a hiring, business development and growth partner with 20+ years of experience in SaaS and Hi-Tech that helps you scale and transform your business. They've worked with 100+ companies and helped them achieve their goals.
Lead and grow the Application & Product Security squad.
Own the strategic direction of product, application, and AI security.
Drive vulnerability management end-to-end with urgency.
Monarch is a personal finance platform designed to make finances feel simple again. They are a team of doers led by experienced entrepreneurs passionate about helping members reach their financial goals, hyper-focused on building a product people love.