Own and operate n8n’s vulnerability intake and triage process, including the [email protected] inbox
Define and maintain security policies, standards, and public-facing disclosure documentation
Embed security into the software development lifecycle through threat modeling, design reviews, and pragmatic guardrails
n8n is the open workflow orchestration platform built for the new era of AI. They give technical teams the freedom of code with the speed of no-code, so they can automate faster, smarter, and without limits. Since their founding in 2019, they’ve grown into a diverse team of over 160.
Define and drive the strategic roadmap for proactive security vulnerability analysis.
Establish the technical vision and program for integrating robust security controls at every stage of the SDLC.
Lead collaborative and cross-functional threat modeling initiatives for core systems, new features, and evolving services.
Modern Health is a mental health benefits platform for employers, offering access to resources for emotional, professional, social, financial, and physical well-being. They are a fully remote workforce known for their culture centered around empathy and accountability, with a drive to win.
Partner with Product teams to ensure that products are designed, built, and operated securely.
Conduct threat modeling activities with Product teams to ensure product threats are understood, documented, and mitigated.
Review and analyze product source code to identify security vulnerabilities and providing recommendations for secure implementation.
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is a remote-first company and offers competitive benefits anchored to their core value of people come first.
Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance.
Run threat modeling sessions (e.g. STRIDE) for new and existing systems; identify threats, attack paths, misconfigurations, and insecure design patterns.
Perform security-focused code reviews to identify vulnerabilities and risky implementations; provide clear, actionable guidance on secure coding patterns and best practices.
Infiterra's B2B SaaS platform helps IT Distributors and Managed Service Providers (MSPs) automate and grow their subscription business. With 100+ customers in 75 countries, they're recognized for innovation and global impact. Infiterra fosters a collaborative and growth-oriented culture, allowing you to be part of a dynamic, forward-thinking team.
Design and implement security solutions across enterprise platforms and cloud environments.
Perform threat modeling and security risk assessments for new features and platforms.
Partner with product teams to embed security requirements early in the SDLC.
Experian is a global data and technology company, powering opportunities for people and businesses around the world. As a FTSE 100 Index company listed on the London Stock Exchange, they have a team of 22,500 people across 32 countries and are committed to investing in their people.
Embed security into Firefox, Mozilla VPN, and other mission-critical products.
Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation.
Partner with engineers to integrate security throughout the software development lifecycle as a core design principle.
Mozilla Corporation shapes the internet for the better and makes privacy-minded brands like Firefox. They have over 225 million people around the world using their products each month and are focused on making the internet better for people.
Lead secure design reviews and threat modeling for AI-driven products.
Build and maintain security automation and governance frameworks.
Drive software supply chain security and vulnerability reduction.
AlphaSense empowers companies to make smarter decisions by providing market intelligence and search functionality driven by AI. With over 2,000 employees globally and offices in multiple countries, they foster a collaborative and innovative environment.
Conduct security assessments using SAST, DAST, and SCA tools to identify vulnerabilities.
Perform code reviews and provide secure coding guidance to development teams.
Evaluate AI/ML model security and implement protections against prompt injection.
Hims & Hers is a health and wellness platform focused on providing affordable and personalized care. They are a public company traded on the NYSE, committed to a talent-first flexible/remote work approach featuring outstanding benefits and a strong culture.
Identify, analyze, and reduce application-layer security risk.
Triage, validate, and prioritize findings from automated security tools and external researchers.
Work with engineering, vulnerability management, and security operations teams to address findings.
Upwork is the world’s work marketplace, serving startups to Fortune 100 companies. They provide a platform that enables companies and talent to work together to unlock their potential, with over $3.8 billion of work done through Upwork last year.
Own and lead the delivery of large, multi-quarter Application Security and Engineering initiatives.
Improve existing complex application security architectures and provide guidance for securing AI-based workflows.
Proactively identify emerging industry threats and act as Incident Commander for large-scale security incidents.
Wrapbook provides a unified payroll platform that seamlessly connects your entire team in one place. It empowers production teams to manage projects, pay cast and crew, track expenses, and generate data-driven insights. With a growing team of 250+ people across the USA and Canada, Wrapbook is backed by top-tier investors and has raised $130M.
Conduct regular security assessments, vulnerability scanning, and penetration testing of Veeam products and services
Work with development teams to integrate secure development practices into the software development lifecycle
Collaborate on the design and implementation of security within public cloud environments
Veeam is the #1 global market leader in data resilience, believing businesses should control all their data whenever and wherever they need it. Based in Seattle, Veeam protects over 550,000 customers worldwide who trust Veeam to keep their businesses running.
Design and implement resiliency across our cloud platform and CI/CD pipelines.
Embed “security as code” and help lead incident response for high-severity outages.
Partner with engineering teams to enable safe, fast delivery at scale.
Alpaca is a US-headquartered self-clearing broker-dealer and brokerage infrastructure for stocks, ETFs, options, crypto, fixed income, 24/5 trading, and more. Our global team of 230+ members spans the USA, Canada, Japan, and beyond, fostering a vibrant community.
Design, implement, and operate automated patch pipelines for Linux/Windows across GCE and GKE nodes.
Proactively monitor security dashboards, logs, and alerts for threats, anomalies, and suspicious activity.
Support the vulnerability management program by triaging, prioritizing, and coordinating the remediation of infrastructure-related vulnerabilities.
Turing, based in San Francisco, is a research accelerator for frontier AI labs and a partner for enterprises deploying advanced AI systems. They accelerate research with data, talent, and training, and build intelligence systems, with a leadership team from top tech companies.
Analyze and assess security issues via design reviews, code audits, and penetration tests.
Design and build security tools, and develop mitigations and hardening strategies.
Review and develop secure operational practices, and provide security guidance for engineers.
Aptos Labs is building a people-first blockchain that aims to provide universal and fair access to decentralized assets in a safe and scalable way. Founded by original creators/maintainers of the Diem blockchain, they value diversity and are an Equal Opportunity Employer.
Implement security automation, maintain monitoring systems, and enable engineering teams with security tooling.
Ensure high availability, providing security tooling/dashboards and aiding developers with findings.
ThriveCart is the leading no-code sales platform for digital course creators, coaches, entrepreneurs, and online businesses looking to boost revenue, drive conversions, and scale audiences. ThriveCart powers over 65,000 businesses and 12 million enrolled students, generating over $2 billion in annual sales.
Work on integrating the XBOW product with customer environments
Lead self-hosted product deployments, support and upgrades
XBOW is redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI. Backed by Sequoia Capital and Altimeter, and a team that includes the creators of GitHub Copilot and GitHub Advanced Security, XBOW is shaping the future of cybersecurity.
Lead the design and implementation of secure architectures for Built’s applications, services, and AI/ML initiatives.
Embed security throughout the development lifecycle by partnering with engineering teams on threat modeling, secure coding best practices, and design reviews.
Perform internal penetration testing of applications, networks, and features to uncover weaknesses before attackers do.
Built is an AI-powered platform transforming how real estate is financed, developed, and managed. They started by fixing construction draw management for lenders and have grown into a comprehensive operating system. Built brings together passionate people who are driven in a variety of disciplines, each bringing their unique perspective to everything they do.
Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
Bring security best practices to the software development lifecycle.
Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company. They empower teams to design, launch, and optimize for the web without barriers, with trust, transparency and creativity as their core values.
Engineer and deploy clever controls so security incidents stay rare.
Lead incident response efforts and security tool deployments.
Embrace AI and automation to protect the enterprise at machine speed.
Chainguard provides a secure foundation for software development and deployment. By providing guarded open source software, built from source and updated continuously, Chainguard helps organizations eliminate threats in their software supply chains. They value customer obsession, prioritize intentional action, and trust each other.
Creates, monitors, and triages security signals; participates in SIEM evaluation and onboarding.
Supports vulnerability management by tracking findings and driving remediation with service owners.
Maintains identity and access hygiene in critical applications and enforces MFA.
Gametime is uniting the world through shared experiences, making it easy for people to discover and access live experiences. They support more than 60,000 events across the US and Canada, reimagining the event ticket industry.