Source Job

• Own and operate n8n’s vulnerability intake and triage process, including the [email protected] inbox
• Define and maintain security policies, standards, and public-facing disclosure documentation
• Embed security into the software development lifecycle through threat modeling, design reviews, and pragmatic guardrails

n8n is the open workflow orchestration platform built for the new era of AI. They give technical teams the freedom of code with the speed of no-code, so they can automate faster, smarter, and without limits. Since their founding in 2019, they’ve grown into a diverse team of over 160.

• Act as a direct support to developers building on Horizen.
• Take ownership of Horizen’s developer documentation and resources.
• Drive awareness and adoption of Horizen within global developer communities.

Horizen Labs is pioneering privacy-focused, zero-knowledge technology that powers a more secure and interconnected digital world. They are a global team united in transforming the landscape of Web3 and digital trust; they operate on a hybrid model with a distributed global workforce.

• Lead secure design reviews, threat modeling, and security-focused code reviews across the product and platform.
• Build and run Fieldguide’s vulnerability management program: scanning, triage, SLA-driven remediation tracking, and engineering coordination.
• Partner with Compliance to ensure technical controls satisfy framework requirements (SOC 2, ISO 27001, ISO 42001, FedRAMP).

Fieldguide is establishing a new state of trust for global commerce and capital markets through automating and streamlining the work of assurance and audit practitioners. They are based in San Francisco, CA, and built as a remote-first company that enables you to do your best work from anywhere.

• Improve the culture of shipping and accountability.
• Drive adoption of AI tools for development and integration.
• Rapidly grow the software engineering team.

Recast is looking for a highly motivated and entrepreneurial Director of Engineering to help them accelerate their engineering and product development practice. They are a fully remote team with members in 6+ countries, committed to building a diverse team.

• Deploy and operationalize Cycode ASPM platform.
• Build IDE-to-cloud security pipelines.
• Design and deploy pre-approved security patterns.

Life360's mission is to keep people close to the ones they love. They are a remote-first company with more than 750 employees.

• Coordinate product launch messaging and releases, ensuring all GTM teams (Sales, Success, Support) are enabled with the right messaging and materials.
• Translate technical capabilities from product (via PRDs or other documentation) into clear, benefit-driven narratives that resonate with SaaS, Gaming, and Mobile App audiences.
• Execute on strategy for FastSpring’s Developer Relations program, ensuring a consistent stream of content and resources that empower the FastSpring developer community.

FastSpring is the world’s leading ecommerce platform for SaaS/Software, gaming, and digital product companies. We pride ourselves on being an innovative company with an entrepreneurial culture, growth mindset, global influence, and profitable operations.

• Identify, analyze, and reduce application-layer security risk.
• Triage, validate, and prioritize findings from automated security tools and external researchers.
• Work with engineering, vulnerability management, and security operations teams to address findings.

Upwork is the world’s work marketplace, serving startups to Fortune 100 companies. They provide a platform that enables companies and talent to work together to unlock their potential, with over $3.8 billion of work done through Upwork last year.

• Lay the groundwork for a thriving developer community by shipping PoCs, running experiments, and crafting clear, delightful docs.
• Meet developers where they are—social, Discord, and IRL—and create fresh, joyful touchpoints that make building with Adaption a pleasure.
• Turn curiosity into momentum with great onboarding: demos, better docs, tutorials, and reference implementations—plus creative campaigns across blogs, videos, and more.

Adaption builds efficient intelligence that evolves in real-time. They aim to create AI systems that are flexible, personalized, and accessible, and believe in bringing together the best individuals to push the boundaries of continual adaptation.

• Lead and mature Material Bank’s enterprise information security program.
• Own the security risk management framework, including risk identification, scoring, tracking, and executive reporting.
• Own detection, incident response, and resilience strategy.

Material Bank operates the world’s largest material marketplace for the architecture and design industry, connecting designers with materials from leading brands. They operate in 37 countries and their platform is the standard for design professionals around the globe.

• Own a portfolio of security programs (planning, resourcing, milestones, dependencies, risk/issue management, and outcomes).
• Create and maintain multi-quarter roadmaps aligned to Keyrock’s business and operating model across venues and services (CEX/DEX and liquidity services).
• Establish governance and operating cadence: steering meetings, status reporting, program reviews, and executive updates.

Keyrock is a leading change-maker in the digital asset space, renowned for its partnerships and innovation. They have over 200 team members around the world with a diverse team hailing from 42 nationalities, with backgrounds ranging from DeFi natives to PhDs.

• Lead the vision, strategy, and delivery of 1Password’s AI and developer product portfolio.
• Translate 1Password’s business and product strategy into an actionable roadmap.
• Deliver cutting edge features to enable 1Password customers to safely use AI and build software more securely.

1Password is building the foundation for a safe, productive digital future. They have surpassed $400M in ARR and continue to accelerate, earning a spot on the Forbes Cloud 100 for four years in a row.

• Own the go-to-market strategy for the Developer Platform API.
• Produce technical content that proves value and build tutorials.
• Represent Brave in the AI engineer community and optimize documentation.

Brave is building the independent search infrastructure for the AI era. They own their own global web index, offering Zero-Data-Retention guarantees, unbiased ranking, and total sovereignty, powering the next generation of LLMs, RAG pipelines, and agentic frameworks. The company celebrates diversity and is committed to creating an inclusive environment for all employees.

• Own and lead the delivery of large, multi-quarter Application Security and Engineering initiatives.
• Improve existing complex application security architectures and provide guidance for securing AI-based workflows.
• Proactively identify emerging industry threats and act as Incident Commander for large-scale security incidents.

Wrapbook provides a unified payroll platform that seamlessly connects your entire team in one place. It empowers production teams to manage projects, pay cast and crew, track expenses, and generate data-driven insights. With a growing team of 250+ people across the USA and Canada, Wrapbook is backed by top-tier investors and has raised $130M.

• You’ll be expected to own large chunks of the production lifecycle of our video output.
• This role requires shipping consistently, with an expectation of producing high-quality videos on a regular, fast-paced cadence.
• Represent Tailscale publicly through conference talks and in-person events as a steward of the brand.

Tailscale is building the new Internet by delivering software that makes it easy to securely interconnect people and their devices, no matter where they are. They are a fully distributed company founded in 2019, and backed by Accel, CRV, Insight, Heavybit, and Uncork Capital.

• Manage two small teams of 4 and 3 engineers, and take ownership of the whole product and shape its roadmap.
• Provide technical guidance on architectural & design decisions, strategic direction, and occasionally do code reviews.
• Foster individual growth through thoughtful guidance and mentorship, creating a respectful and collaborative environment.

Nomic Foundation is a non-profit advancing the Ethereum ecosystem. They build open-source runtimes, compilers, build systems, and deployment solutions that are used by tens of thousands of developers. They emphasize robust engineering and lean processes, allowing for quick decision-making and distraction-free software development.

• Own the roadmap for platform scalability, leading the transition to cell-based architectures to support new global regions and data residency requirements.
• Drive the strategy and execution of enterprise-grade features, including Role-Based Access Control (RBAC), Audit logs, and advanced authentication/identity integrations.
• Own the development and planning process for Bugcrowd’s APIs, integrating feedback from internal stakeholders and customers to ensure a seamless developer experience.

Bugcrowd empowers organizations to take back control and stay ahead of threat actors. They unite the collective ingenuity and expertise of customers and a trusted alliance of elite hackers with their patented data and AI-powered Security Knowledge Platform™. Bugcrowd is based in San Francisco and New Hampshire, and is supported by General Catalyst, Rally Ventures, Costanoa Ventures, and others.

• Own technical coordination for chain integrations, upgrades, and migrations across partner chains.
• Serve as the primary technical point of contact for OP Stack partners post-launch.
• Act as connective tissue between engineering, product, governance, partnerships, and growth teams.

OP Labs is the team building the technology behind Optimism, the leading blockchain infrastructure provider powering 65% of all Layer 2 transactions. Backed by a16z, Paradigm, and others, OP Labs has raised over $175M to drive the next generation of onchain innovation. They are a fully remote, deeply engaged, highly skilled, and fun team who takes pride in teammates' accomplishments.

• Identify, prioritize, and source best-of-breed commercial security applications.
• Structure and negotiate production, lab, and development multi-tenant licenses.
• Act as the internal voice of the technical partner ecosystem across teams.

SimSpace is focused on building its culture and mindfully enhancing its atmosphere. They foster a culture of continuous learning, curiosity, and professional growth, empowering people to shape their careers.

• Establish and execute a comprehensive long-term vision and strategy for Product Security, AppSec, and Privacy Engineering across all product lines.
• Lead the Product Security Review process, including threat modeling, security architecture reviews, and penetration testing oversight for new and existing features.
• Define and enforce Security and Privacy standards and policies within the Software Development Lifecycle (SDLC) and CI/CD pipelines.

Flock Safety is the leading safety technology platform, helping communities thrive by taking a proactive approach to crime prevention and security. We’re a high-performance, low-ego team driven by urgency, collaboration, and bold thinking.

• Security analysis of internal and third-party applications.
• Vulnerability assessment in web applications and APIs.
• Review of SAST/DAST scan findings and support in remediation.

Netrix Global provides the people, processes, and technology needed to run and scale modern, data-driven businesses that are always on and always secure. They work with clients of all sizes and specialize in solutions for healthcare, manufacturing, government, education, financial services, and legal industries.