Investigate activity and disrupt abusive operations in partnership with our policy, legal, integrity, global affairs and security teams, including by conducting cross-internet and open source research
Develop abuse signals and tracking strategies to help proactively detect harmful activity on our platform
Communicate investigation findings from your work with stakeholders internally and, at times, externally
OpenAI's mission is to ensure that general-purpose artificial intelligence benefits all of humanity. They are an AI research and deployment company that pushes the boundaries of AI systems and seeks to safely deploy them to the world through their products.
Helping design, develop, and deliver security features, with safety and security in mind
Working with other engineering teams to ensure that they make safe and compliant architectural and implementation choices
Leading by example in code review, decision-making, and team culture — fostering transparency, empathy, and collaboration
The Wikimedia Foundation operates Wikipedia and other Wikimedia free knowledge projects with the vision of a world in which every single human can freely share in the sum of all knowledge. They are a charitable, not-for-profit organization that relies on donations with offices in San Francisco, California, USA. They value having a diverse workforce and continuously strives to maintain an inclusive and equitable workplace.
Provide technical leadership on identity and access related projects.
Design, build, and deploy core systems like multi-factor authentication.
Engage with stakeholders to define requirements and balance security needs.
Patreon is a media and community platform where creators can give fans access to exclusive work. They have generated over $10 billion for creators and have over 100 million free memberships.
Investigate safety incidents, fraud cases, disputes, and policy violations.
Gather evidence, document findings, and make recommendations for resolution.
Partner with Operations, Legal, Support, and Risk teams on escalations.
Muvr is building the future of on-demand logistics and moving services. They connect customers with trusted drivers and crews to deliver large items quickly and reliably, ensuring safe interactions and a secure environment.
Lead Application Security testing projects and drive remediation of identified vulnerabilities.
Design and run adversarial testing campaigns across the full Buildkite environment.
Build automation for both AppSec and adversarial testing workflows.
Buildkite's mission is to unblock every developer on the planet with their CI/CD platform. They are a remote-first company since 2013 with a small team, high standards, and real ownership distributed across 60+ cities, built around async communication and genuine autonomy.
Perform infrastructure security reviews across cloud services, network design, IAM, and platform components.
Design and build internal security services, APIs, and tools that automate infrastructure vulnerability detection, triage, reporting, and remediation.
Develop security automation that integrates with CI/CD, cloud control planes, and developer workflows to shift detection and remediation earlier in the lifecycle.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company. They empower teams to design, launch, and optimize for the web without barriers, from entrepreneurs to global enterprises, and believe the future of the web, and work, is more open, more creative, and more equitable.
Analyze security vulnerabilities and drive remediations.
Integrate security at every stage of the SDLC.
Deploy and manage security tooling.
Modern Health is a mental health benefits platform for employers, offering access to various resources for emotional, professional, social, financial, and physical well-being. They are the fastest entirely female-founded company in the U.S. to reach Unicorn status, with a unique culture centered around high empathy and accountability.
Research and develop offensive agentic capabilities that become core Sybil features
Hunt for real vulnerabilities across a range of target environments and translate what you find into repeatable, automated techniques
Build and ship end-to-end customer-facing features: from research spike to production deployment
Founded in 2023, RunSybil is automating hacker intuition by building Sybil: an AI-driven pentester. Backed by investor support and customer traction, their team comprises experts from OpenAI, Meta, Mandiant, Palantir, Cruise, Trail of Bits, and Aptiv.
Play a pivotal role in shaping the architecture, strategic direction and maturity of Canva’s Detection and Response capabilities.
Deliver innovative and scalable security solutions yourself as an individual, and also as a mentor of other security builders.
Evangelise and lead the adoption and integration of GenAI Workflows to raise the efficiency and scalability of the Detection and Response team’s operations.
Canva is a design platform redefining how the world experiences design. They have campuses in Sydney and Melbourne, and co-working spaces in Brisbane, Perth and Adelaide, with a flexible and fun culture that incorporates empathy, humility, and generosity.
Partner with engineering teams to conduct threat modeling.
Build and maintain automated scanning, penetration testing frameworks, and monitoring tools within our AWS CI/CD pipelines.
Champion a "security-first" mindset and host workshops that empower developers to write secure code.
Panopto is a customer-centric learning technology company and the leader in visual and audio-based learning. They empower organizations to share knowledge effortlessly. Panopto has been adopted by more than 1,600 companies and universities worldwide with over 11 million end users.
Analyze, troubleshoot and resolve operational challenges contributing to defined SLO's.
Manage site stability, performance, reliability, and maintain uptime for production environments.
CentralReach provides autism and IDD care software for Applied Behavior Analysis (ABA), multidisciplinary therapy, and special education. They are trusted by more than 200,000 users and is backed by Roper Technologies, Inc. (Nasdaq: ROP). Their culture is centered around impact, inclusion, and flexibility.
Refine the cloud environment, pruning back the excess to curate a purpose-led, repeatable, and reliable security space.
Translate security intent into a smooth operational reality, ensuring controls work beautifully at scale with clarity and predictability.
Design and shape the team's operations for years to come, leaving a lasting legacy.
Who Gives A Crap is a leading eco-friendly household essentials business that donates 50% of its profits to help everyone gain access to clean water and a toilet. With 250+ people across Australia, the UK, the Philippines, China, and the US, they aim to make the biggest possible impact for people and the planet.
Design, implement, and maintain systems that secure Yelp’s AWS and Google Cloud Platform environments.
Develop and enforce data security controls to support privacy initiatives.
Manage system-level access controls and tiered access for internal digital assets.
Yelp's engineering culture values individual authenticity and encourages creative solutions. They focus on helping users, growing as engineers, and having fun in a collaborative environment.
You will be responsible for owning and delivering quarterly goals for your team, leading engineers on your team through ambiguity to solve open-ended problems, and ensuring that everyone is supported throughout delivery.
You will support your peers and stakeholders in the product development lifecycle by collaborating with product management, design & analytics by participating in ideation, articulating technical constraints, and partnering on decisions that properly consider risks and trade-offs.
You will proactively identify project, process, technology or business issues, advocate for them, and lead in solving them.
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is remote-first company with a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills.
Build and maintain stable, scalable foundational services that can be leveraged by other engineering teams.
Collaborate with many internal partners and product teams to influence the design of our API surface.
Design and develop reliable, secure, highly available and delightful experiences for the dbt Cloud admin and the end user.
Dbt Labs is the pioneer of analytics engineering, helping data teams transform raw data into reliable, actionable insights. They've grown from an open source project and now serve more than 5,400 dbt Platform customers, including Astra Zenica, Sky, Nasdaq, Volvo, JetBlue, and SafetyCulture.
Actively partner on the Cloud Security strategy and implementation.
Evolve and expand our current Cloud Security posture across multiple platforms.
Recommend and validate Security controls and improvements across our infrastructure stack
Circle is a global financial technology firm building the foundation for a more open financial system through digital assets, payment applications, and blockchain infrastructure. They value their employees and foster a culture of collaboration and excellence, with a flexible work enviornment.
Build distributed systems that support reliability, resiliency, and safe operation at scale.
Design and operate traffic control mechanisms: circuit breakers, rate limiting, admission control, backpressure, and graceful degradation.
Develop tooling that improves incident detection, response, and automated mitigation.
Whatnot is the largest live shopping platform in North America and Europe to buy, sell, and discover the things you love. They are a remote co-located team, inspired by innovation and anchored in their values.
Execute daily risk operations workflows, including triaging merchant underwriting applications and managing transaction monitoring reviews.
Work hands-on in Stripe Radar to build and tune fraud detection rules, manage alert thresholds, and maintain a healthy review queue.
Monitor payout operations for exceptions and anomalies, flagging holds, negative balances, and edge cases before they become merchant-facing problems.
Owner.com is the AI growth system for local restaurants, helping them improve SEO, marketing, and online ordering to grow first-party orders. Their team is in the low hundreds and includes top talent from successful SMB software companies, scaling rapidly to keep pace with customer growth.
KnowBe4 is a cybersecurity company that puts security first and provides an AI-driven Human Risk Management platform, empowering organizations to strengthen their security culture. They have unusually high customer retention rates and recognition as a Leader by G2 and TrustRadius.
Own the strategy and execution for the Cloudflare ecosystem to secure the network edge.
Lead the design of security controls within Google Cloud Platform, specifically for Vertex AI, BigQuery, VPC Service Controls, IAM, and Security Command Center.
Embed security into CI/CD pipelines (Cloud Build, GitHub Actions) using Infrastructure as Code (Terraform).
Kareo and PatientPop joined forces to become Tebra, the digital backbone for practice well-being, helping independent practices bring modernized care to patients everywhere. Well over 100,000 providers trust them to elevate their patient experience and grow their practice.