Enable software engineering teams to continuously improve the security posture of products and SaaS environments through AppSec and DevSecOps expertise.
Serve as the go-to AppSec expert, mentoring engineers on secure design patterns and coding practices while collaborating on threat models and design reviews.
Lead automation of vulnerability management tooling across CI/CD pipelines, perform security code reviews, and contribute to compliance strategies.
Work closely with development teams, product managers, and third-party groups to ensure AutoFi’s products, services, cloud environments, internal systems, and vendor ecosystem are secure.
Contribute to secure design reviews, application security standards, vulnerability management, security monitoring, incident response, threat hunting, and third-party security assessments.
Define, implement, and maintain security practices, standards, and controls across AutoFi’s products, services, cloud environments, and internal systems.
AutoFi is the leading provider of digital commerce technology that powers the sales and finance experiences for the most innovative brands and dealers in automotive. Their dynamic selling platform empowers dealers to sell vehicles more efficiently and profitably, both online and in the showroom. They are funded for years of future growth and backed by investors.
Own and improve the secure software development lifecycle, perform application security reviews, threat modeling, and deep code-level analysis for high-impact product, platform, and AI features.
Drive vulnerability management across internal reviews, bug bounty, pentests, and other research signals, ensuring findings are validated, prioritized, and tracked through remediation.
Configure and improve AppSec tooling and integrations, and use AI to automate and scale security processes while validating outputs with strong engineering judgment.
Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 500,000 companies and millions of users globally. Founded in 2015, the company is one of the fastest growing companies in SaaS, raising approximately $250 million to date and valued at $1.6 billion.
Lead security architecture reviews for new and existing applications.
Develop, enforce, and continuously refine secure coding standards across engineering teams.
Continuously improve threat modeling frameworks across application components.
Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. They empower credit unions and banks by creating cutting-edge digital experiences. At Lumin, their culture is built on trust in expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas.
Lead AppSec program assessments to evaluate current state and help clients prioritize remediation efforts based on risk, resources, and organizational readiness.
Design pragmatic security workflows, processes, and tooling integrations that engineering teams will actually adopt.
Deliver polished client work including clear assessments, actionable roadmaps, and executive communications that drive decision-making.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. The company has grown to over 1,200 employees and serves as a trusted advisor to more than 6,200 customers.
Embed security into CI/CD pipelines and product development as a technical leader.
Drive cross-team influence and own hard security challenges in a cloud-native environment.
Work in a remote-first culture focused on customer obsession and intentional action.
Chainguard provides hardened, secure, and production-ready builds of open source software to help organizations build faster and stay compliant. Backed by leading investors including Sequoia Capital and Kleiner Perkins, Chainguard serves Fortune 500 enterprises and global industry leaders.
Perform penetration testing and design reviews to identify vulnerabilities and insecure designs.
Maintain and build internal tools to automate security efforts, including SAST and DAST testing.
Identify vulnerabilities, demonstrate business impact, and articulate risk to drive prioritization.
Brex is the intelligent finance platform that enables companies to spend smarter and move faster in over 200 markets. With tens of thousands of customers including DoorDash, Coinbase, and Zoom, Brex fosters a diverse and inclusive team culture where collaboration with some of the brightest minds in the industry is key.
Build, operationalize, and scale the security engineering practices that protect our benefits platform.
Partner with teams building web and mobile applications, backend services, system integrations and data platforms.
Set direction and mature security capabilities; introduce strong standards and ship incremental improvements.
Benepass is making benefits easy by tailoring them to the unique needs of the workforce with an easy-to-use and highly customizable fintech platform. They are backed by leading investors and have raised approximately $75 million in equity capital, fostering an inclusive environment for its employees.
Build detections and security signal pipelines in Datadog.
Serve as the subject matter expert on AWS Cloud and on-prem infrastructure security.
Act as the technical lead during security incidents, including investigation and remediation.
Voltus is the leading platform connecting distributed energy resources to electricity markets, delivering less expensive, more reliable, and more sustainable electricity. The company appears to be remote-first and values diversity and inclusion.
Lead, coach, and grow the Security Engineering team.
Design and implement security controls across Cloud environments.
Partner with engineering teams to embed security into the SDLC.
Horizon3.ai is a cybersecurity company dedicated to enabling organizations to proactively find, fix, and verify exploitable attack vectors. They are a fast-growing company with a culture of respect, collaboration, ownership, and results.
Lead security strategy across infrastructure, cloud systems, and enterprise applications.
Drive SOC 2, ISO 27001, and ISO 42001 readiness/certifications.
Own vulnerability management, threat monitoring, and incident response workflows.
SaaS Talent is a recruiting company, and a hiring, business development and growth partner with 20+ years of experience in SaaS and Hi-Tech that helps you scale and transform your business. They've worked with 100+ companies and helped them achieve their goals.
Own and manage bug bounty intake processes, including triaging reports, validating vulnerabilities, and reproducing proof of concepts.
Collaborate with developers and product teams to design and implement effective remediation strategies for identified security issues.
Contribute directly to codebases by reviewing and submitting pull requests to fix security vulnerabilities.
Jobgether is a company that uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. They have a collaborative, feedback-driven culture that encourages innovation and ownership.
Partner with engineering teams to design, build, and operate secure-by-default cloud infrastructure across AWS and Google Cloud.
Build reusable Terraform modules and policy-as-code guardrails to make secure implementation easier for engineering teams.
Operate CSPM/CNAPP tooling and drive remediation of cloud vulnerabilities and misconfigurations.
Fullscript is a health technology company that provides a platform for practitioners to access clinical insights, lab interpretations, and high-quality supplements, serving over 125,000 practitioners and 10 million patients. The company has a remote-first culture, emphasizes work-life balance, and values inclusivity and continuous learning.
You will own small-to-medium engineering projects end-to-end, configure and operate security controls, and partner with senior engineers on larger initiatives.
You will develop deepening expertise in at least one control domain such as identity, endpoint, vulnerability management, or cloud security.
You will produce clean operational documentation, participate in change reviews, and mentor associate engineers on day-to-day execution.
Aprio is a Top 20 CPA and advisory firm that provides proven expertise and strategic foresight for fast-growing industries. The firm has over 40 U.S. office locations and more than 3,200 team members globally, with a top-rated culture focused on growth and innovation.
Smartsheet helps people and teams achieve their goals with seamless work management and scalable solutions. They empower teams to automate tasks, uncover insights, and scale smarter, fostering a culture of innovation and impact with a focus on challenge and purpose.
Design, build, and maintain scalable cloud infrastructure services in AWS and GCP.
Contribute production-quality Go and Python code to existing cloud services.
Develop and own automation and software deployment pipelines with maximum efficiency.
Dragos is dedicated to arming customers with best-in-class technology, threat intelligence, and services to protect their systems. They embody core values of authenticity, transparency, and trust and are a remote-first culture with operations in North America, Europe, the Middle East, and APAC.
Design, develop, and implement cloud security architecture solutions in Microsoft Azure.
Build and maintain security automation using Infrastructure as Code (IaC) tools.
Collaborate with development teams to embed security into CI/CD pipelines.
Hanger, Inc. is the world's premier provider of orthotic and prosthetic (O&P) services and products, offering advanced O&P solutions. With 160 years of excellence, Hanger employs many to help people achieve new levels of mobility and freedom.
Develop, automate, and maintain CI/CD pipelines for optimal software releases.
Collaborate with cross-functional teams to integrate DevOps practices with security.
Support cloud infrastructure using AWS services such as API Gateway, Lambda, S3, EKS, RDS, and Cognito.
LMI is a digital solutions provider dedicated to accelerating government impact with innovation and speed. The company serves defense, space, healthcare, and energy sectors with a focus on agility and collaboration.
Ensure the protection of patient data and all of the technology behind our platform.
Your work helps ensure the best outcomes for patients as we strive to make mental healthcare work for everyone.
Rula strives to create a world where mental health is embraced as part of overall well-being. They are dedicated to providing quality, evidence-based care and making a positive impact on the lives of individuals struggling with mental health issues.
Own the end-to-end vulnerability lifecycle: intake, triage, assignment, remediation coordination, verification, and closure across all finding sources.
Enforce severity-based SLAs, escalation paths, and ownership expectations; track remediation timelines and follow up with engineering teams.
Assist the DevSecOps Lead with implementation of baseline security controls and help integrate controls into repositories, CI/CD pipelines, registries, and deployment workflows.
YipitData is the leading market research and analytics firm for the disruptive economy. They analyze billions of alternative data points to uncover actionable insights across sectors. The company has offices globally, has been recognized by Inc. as a Best Workplace for three consecutive years, and emphasizes transparency, ownership, and continuous mastery.