Conduct regular vulnerability assessments, threat modeling, and security architecture and design reviews.
Partner with engineering teams to identify, prioritize, and mitigate identified risks
Design and implement proactive security solutions to systematically eliminate vulnerability classes rather than endlessly chase individual vulnerabilities
Perform infrastructure security reviews across cloud services, network design, IAM, and platform components.
Design and build internal security services, APIs, and tools that automate infrastructure vulnerability detection, triage, reporting, and remediation.
Develop security automation that integrates with CI/CD, cloud control planes, and developer workflows to shift detection and remediation earlier in the lifecycle.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company. They empower teams to design, launch, and optimize for the web without barriers, from entrepreneurs to global enterprises, and believe the future of the web, and work, is more open, more creative, and more equitable.
Manage and optimize security tools such as email security, DLP, SIEM, IDS/IPS, EDR, threat intelligence platforms, and other tooling
Design and implement AI-enabled workflows to scale enterprise security and threat operations
Monitor and manage security alerts and incidents, analyze data, and respond to security events
Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. They are a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.
Actively partner on the Cloud Security strategy and implementation.
Evolve and expand our current Cloud Security posture across multiple platforms.
Recommend and validate Security controls and improvements across our infrastructure stack
Circle is a global financial technology firm building the foundation for a more open financial system through digital assets, payment applications, and blockchain infrastructure. They value their employees and foster a culture of collaboration and excellence, with a flexible work enviornment.
Secure AI-specific attack surfaces: prompt injection defenses, PII handling in LLM pipelines, model interaction data leakage
Kiefer Tech leverages over 20 years of engineering heritage from the Green Energy sector to deliver cutting-edge AI, robotics, and enterprise solutions across Greece and the EU. They build sovereign AI infrastructure that keeps data within EU borders, respect privacy, and delivers tangible business impact.
Design, develop, and implement cloud-based infrastructure and programs.
Analyze and identify potential security threats and assess risks.
Partner with architects, engineers, and data scientists to develop and implement cloud security strategies.
Sift Healthcare is a data science company working to improve payments operations and outcomes in the healthcare industry. They are a growing and dynamic team based in Milwaukee, Wisconsin, that is serious about AI and thriving, looking for motivated team members who will help shape their culture.
Help scale NerdWallet’s application security program through automation, tooling, and developer enablement.
Partner with engineering and product teams to identify and remediate security gaps across multiple systems while balancing business priorities.
Build tools, processes, and automation that improve security posture visibility for engineers and leadership.
NerdWallet aims to bring clarity to life's financial decisions with a team of exceptional Nerds. They foster an inclusive, flexible, and candid culture where employees are empowered to grow and take risks, supporting well-being and development whether working remotely or in-office.
Design and implement cloud security guardrails across AWS and GCP
Embed policy enforcement and compliance checks directly into Terraform modules
Conduct architecture reviews and continuously harden multi-cloud environments
Beast Industries is a multifaceted media and entertainment company founded by Jimmy Donaldson, popularly known as MrBeast. We are known for revolutionizing digital content creation, encompassing ventures that extend far beyond YouTube.
Design and implement security controls across cloud, infrastructure, and internal platforms
Partner with engineering to harden cloud architecture, IAM, and infrastructure
Own product security reviews for new features, services, and major architecture changes
XBOW is redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI. They are backed by Sequoia Capital and Altimeter, and a team that includes the creators of GitHub Copilot and GitHub Advanced Security.
Working cross functionally to design, build, and operate solutions that continuously improve and automate our security capabilities
Leveraging data to understand trends, metrics, and opportunities to improve our security posture and then helping execute on those opportunities with stakeholders
Leading and enhancing incident / issues response efforts, spearheading analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security incidents / issues
Aledade, a public benefit corporation, empowers independent primary care practices. Founded in 2014, they've become the largest network of independent primary care in the country with a collaborative, inclusive and remote-first culture.
Collaborate with engineers to defend Tanium Cloud's services.
Design, implement, and operate controls to counter risks and threats.
Integrate security threats, vulnerabilities, and industry trends.
Tanium is an Autonomous IT company driven by AI and real-time endpoint intelligence. They empower IT and security teams to make their organizations unstoppable, with many of the world’s leading organizations trusting their single, unified platform. At Tanium, they are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity.
Drive vulnerability management activities with cross-functional teams.
Execute application security testing and lead cyber risk management efforts.
Oversee remediation of findings from security assessments and testing.
The American Institutes for Research (AIR) is a nonpartisan, not-for-profit organization. They conduct behavioral and social science research and deliver technical assistance to address pressing challenges. They employ data-driven solutions, expanding opportunities and improving lives.
Lead, coach, and grow a team of highly effective engineers, fostering a culture of continuous learning and high performance.
Own the end-to-end vulnerability lifecycle, ensuring the organization meets strict remediation SLAs and prioritizes risks based on actual business impact.
Partner with DevOps and Engineering teams to integrate security earlier in the SDLC, ensuring vulnerabilities are identified and remediated during the design and build phases.
ServiceNow is a global market leader that brings innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Their intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work.
Design, develop, and implement cloud security architecture solutions in Microsoft Azure.
Build and maintain security automation using Infrastructure as Code (IaC) tools.
Collaborate with development and platform engineering teams to embed security into CI/CD pipelines.
Hanger, Inc. is the world's premier provider of orthotic and prosthetic (O&P) services and products, offering the most advanced O&P solutions, clinically differentiated programs and unsurpassed customer service. With 160 years of clinical excellence and innovation, Hanger's vision is to lead the orthotic and prosthetic markets by providing superior patient care, outcomes, services and value.
Lead Application Security testing projects and drive remediation of identified vulnerabilities.
Design and run adversarial testing campaigns across the full Buildkite environment.
Build automation for both AppSec and adversarial testing workflows.
Buildkite's mission is to unblock every developer on the planet with their CI/CD platform. They are a remote-first company since 2013 with a small team, high standards, and real ownership distributed across 60+ cities, built around async communication and genuine autonomy.
Leading incident response initiatives and conduct thorough cybersecurity investigations.
Enhancing security program by refining processes and optimizing tooling.
Designing and implementing advanced threat detection and mitigation strategies.
Docplanner empowers patients by giving them access to leave and read reviews about their visits and provides doctors with technology to manage bookings easily and save time. They employ over 2,500 people globally and have a startup-mindset.
Dive into client environments to explore application workloads, infrastructure dependencies, and security controls.
Aid in the design and implement migration strategies to reduce risks and unlock automation opportunities.
Develop scalable and secure infrastructure using Infrastructure as Code (IaC) tools.
Kunai builds full-stack technology solutions for banks, credit and payment networks, infrastructure providers, and their customers. At Kunai, they help their clients modernize, capitalize on emerging trends, and evolve their business for the coming decades by remaining tech-agnostic and human-centered.
Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
Documents end‑to‑end operational workflows and surface implicit, non‑documented practices.
Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.
Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work.
Partner with engineering to drive technical implementation of controls throughout the product and infrastructure
Design, implement, and continuously improve security controls across AWS infrastructure and application architecture
Enhance and tune monitoring and detection capabilities in support of customer security and incident response capabilities
AlertMedia helps organizations protect their people and businesses through all phases of an emergency. Their award-winning threat intelligence, emergency communication, and travel risk management solutions help companies of all sizes identify, respond to, and recover from critical events faster and more confidently. They support essential communication for thousands of leading businesses in more than 150 countries.
Plays a key role in safeguarding the company’s cloud-based healthcare SaaS platforms, infrastructure, and customer data.
Responsible for designing, implementing, and managing enterprise-grade security solutions that align with regulatory frameworks such as HIPAA, HITRUST, SOC 2, and NIST 800-53.
Hands-on technologist with deep knowledge of cloud security (AWS/Azure), DevSecOps practices, endpoint protection, identity management, and security automation.
Reveleer provides cloud-based healthcare SaaS platforms. Reveleer is an equal opportunity employer and E-Verifies all new hires.
Lead security architecture and design reviews across applications, infrastructure, and integrations.
Conduct and coordinate penetration testing, threat modeling, and security reviews.
Design and implement security automation within CI/CD pipelines.
Assured modernizes insurance by providing software solutions to large insurers that help them win in a technology-driven world. Their products include self-service claim-filing software to backend fraud detection and are dynamic, collaborative, and rewarding.