Perform penetration testing and design reviews to identify vulnerabilities and insecure designs.
Maintain and build internal tools to automate security efforts, including SAST and DAST testing.
Identify vulnerabilities, demonstrate business impact, and articulate risk to drive prioritization.
Brex is the intelligent finance platform that enables companies to spend smarter and move faster in over 200 markets. With tens of thousands of customers including DoorDash, Coinbase, and Zoom, Brex fosters a diverse and inclusive team culture where collaboration with some of the brightest minds in the industry is key.
Own and improve the secure software development lifecycle, perform application security reviews, threat modeling, and deep code-level analysis for high-impact product, platform, and AI features.
Drive vulnerability management across internal reviews, bug bounty, pentests, and other research signals, ensuring findings are validated, prioritized, and tracked through remediation.
Configure and improve AppSec tooling and integrations, and use AI to automate and scale security processes while validating outputs with strong engineering judgment.
Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 500,000 companies and millions of users globally. Founded in 2015, the company is one of the fastest growing companies in SaaS, raising approximately $250 million to date and valued at $1.6 billion.
Play a key role in protecting and strengthening large-scale cloud-native applications that power next-generation AI infrastructure.
Work at the intersection of software engineering and cybersecurity, ensuring security is embedded throughout the software development lifecycle.
Collaborate cross-functionally to identify and remediate vulnerabilities in complex distributed systems.
Our partner is a company building large-scale cloud-native applications that power next-generation AI infrastructure. They have a high-impact security engineering environment with a collaborative and innovative culture focused on trust, learning, and impact.
Partner with Product and Engineering teams to integrate security into application design and development, leading threat modeling and secure code reviews.
Develop and implement automated security guardrails across the SDLC, investigate and prioritize application security findings.
Promote secure coding practices through training and coaching, and create security standards and procedures that scale across teams.
Quanata is an insurance technology innovation company that engineers advanced risk prediction and prevention solutions and builds a full-stack, flexible, digital & increasingly AI-native insurance platform. We are a remote-first company wholly owned and funded by State Farm, with a culture that prioritizes inclusivity and positive collaboration.
Own and manage bug bounty intake processes, including triaging reports, validating vulnerabilities, and reproducing proof of concepts.
Collaborate with developers and product teams to design and implement effective remediation strategies for identified security issues.
Contribute directly to codebases by reviewing and submitting pull requests to fix security vulnerabilities.
Jobgether is a company using AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. They have a collaborative, feedback-driven culture that encourages innovation and ownership.
Enable software engineering teams to continuously improve the security posture of products and SaaS environments through AppSec and DevSecOps expertise.
Serve as the go-to AppSec expert, mentoring engineers on secure design patterns and coding practices while collaborating on threat models and design reviews.
Lead automation of vulnerability management tooling across CI/CD pipelines, perform security code reviews, and contribute to compliance strategies.
Hypori is a high-growth cybersecurity SaaS company transforming how organizations think about secure mobility. Backed by $55M in funding from investors including UBS and AE Industrial Partners, the company is expanding into new commercial and regulated markets.
Performs web, mobile application, and internal penetration tests.
Researches new attack vectors and stays current with cybersecurity news and trends.
Creates detailed reports that clearly communicate vulnerabilities and mitigation.
Insider One provides a platform that unifies marketing and customer engagement teams. With over 1,500 team members across 30+ offices, they focus on AI-driven solutions and customer data integration across various channels.
Lead AppSec program assessments to evaluate current state and help clients prioritize remediation efforts based on risk, resources, and organizational readiness.
Design pragmatic security workflows, processes, and tooling integrations that engineering teams will actually adopt.
Deliver polished client work including clear assessments, actionable roadmaps, and executive communications that drive decision-making.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. The company has grown to over 1,200 employees and serves as a trusted advisor to more than 6,200 customers.
Perform hands-on web application penetration tests on real customer applications to find vulnerabilities.
Identify coverage gaps in autonomous testing and manually reproduce edge cases for product improvement.
Partner with engineers to translate findings into product coverage and build regression test cases.
Horizon3.ai is a cybersecurity company that provides the NodeZero platform for autonomous penetration testing. They are a fast-growing, remote team of former U.S. Special Operations cyber operators, startup engineers, and cybersecurity practitioners committed to a culture of respect, collaboration, ownership, and results.
Work closely with development teams, product managers, and third-party groups to ensure AutoFi’s products, services, cloud environments, internal systems, and vendor ecosystem are secure.
Contribute to secure design reviews, application security standards, vulnerability management, security monitoring, incident response, threat hunting, and third-party security assessments.
Define, implement, and maintain security practices, standards, and controls across AutoFi’s products, services, cloud environments, and internal systems.
AutoFi is the leading provider of digital commerce technology that powers the sales and finance experiences for the most innovative brands and dealers in automotive. Their dynamic selling platform empowers dealers to sell vehicles more efficiently and profitably, both online and in the showroom. They are funded for years of future growth and backed by investors.
Smartsheet helps people and teams achieve their goals with seamless work management and scalable solutions. They empower teams to automate tasks, uncover insights, and scale smarter, fostering a culture of innovation and impact with a focus on challenge and purpose.
Own end-to-end security reviews across smart contracts, backend services, and frontend surfaces.
Build and ship an agentic security CI/CD pipeline that runs autonomously against every PR and release candidate.
Triage and manage the bug bounty program, reproduce findings, and route confirmed issues to engineering with context.
Polygon Labs is a global blockchain payments company building infrastructure to move money instantly and reliably. It has facilitated trillions in onchain value transfer and supports millions of daily transactions for banks, fintechs, and enterprises.
Perform scoped and open-ended assessments on internal and external facing systems.
Perform threat and vulnerability research to identify new ways of achieving the program’s mission.
Work with the customer Blue Team to identify gaps, address findings, and improve breach response.
Cyber Advisors is a rapidly growing Cybersecurity Consulting firm that simulates real-world attacks to uncover vulnerabilities. They believe in inclusion, employee development, and have a caring, happy culture where people feel valued.
Champion and implement security best practices and automated tooling across Spotify's infrastructure and platforms.
Partner closely with teams to integrate security throughout the software development lifecycle from design to deployment.
Conduct threat modeling, security reviews, and risk assessments for both AI and non-AI systems.
Spotify is the world's most popular audio streaming subscription service, unlocking the potential of human creativity by giving artists the opportunity to live off their art. With over 700 million users, the company values curiosity, collaboration, and a willingness to both teach and learn from others.
Lead security architecture reviews for new and existing applications.
Develop, enforce, and continuously refine secure coding standards across engineering teams.
Continuously improve threat modeling frameworks across application components.
Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. They empower credit unions and banks by creating cutting-edge digital experiences. At Lumin, their culture is built on trust in expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas.
Coordinate with engineering teams to raise concerns and communicate results.
Manage and review the work of external security auditing teams.
Espresso Systems is building foundational infrastructure to power tomorrow’s internet, where digital assets are able to move across chains. They are a diverse and passionate group of contributors from around the world with roughly $60 million raised from leading investors.
Plan, design, and execute red (and purple) team engagements to simulate advanced adversarial tactics and techniques.
Perform in-depth penetration tests on web applications, endpoint agents, internal systems, and our people.
Utilize a mix of traditional scripting and generative AI platforms to rapidly prototype tools, replicate sophisticated cyber threats, and automate repetitive workflows during live engagements.
Huntress is dedicated to making enterprise-grade cybersecurity accessible to businesses of all sizes. Founded in 2015 by former NSA cyber operators, they are a remote-first team and secure more than 5M endpoints and 11M identities worldwide.