Help scale NerdWallet’s application security program through automation, tooling, and developer enablement.
Partner with engineering and product teams to identify and remediate security gaps across multiple systems while balancing business priorities.
Build tools, processes, and automation that improve security posture visibility for engineers and leadership.
NerdWallet aims to bring clarity to life's financial decisions with a team of exceptional Nerds. They foster an inclusive, flexible, and candid culture where employees are empowered to grow and take risks, supporting well-being and development whether working remotely or in-office.
Collaborate closely with DevOps, CI/CD engineers, and Architecture team to implement and maintain security best practices across our infrastructure.
Leverage your expertise in security architecture to help engineers build and securely operate products and services from the ground up.
Assess, design, and implement security processes and controls to meet security, compliance, and audit requirements
LastPass is a leader in password and identity management, making it easier to log into life and work. Trusted by 100,000 businesses and millions of users, LastPass combines advanced security with effortless access for individuals, families, small business owners, and enterprise professionals.
Lead security architecture and design reviews across applications, infrastructure, and integrations.
Conduct and coordinate penetration testing, threat modeling, and security reviews.
Design and implement security automation within CI/CD pipelines.
Assured modernizes insurance by providing software solutions to large insurers that help them win in a technology-driven world. Their products include self-service claim-filing software to backend fraud detection and are dynamic, collaborative, and rewarding.
Assist in designing and maintaining secure infrastructure on EKS in our multi-cloud environment (AWS) using Infrastructure as Code (Terraform).
Write code (Python, Go, or Bash) to automate manual tasks, threat detection, and vulnerability management processes.
Integrate security tools (SAST, DAST, SCA) into our CI/CD pipelines, ensuring developers receive fast, actionable feedback on their code.
Smartsheet helps people and teams achieve anything with seamless work management and scalable solutions. They empower teams to automate the manual, uncover insights, and scale smarter, creating space for impactful work. The company values diverse perspectives and supports employee growth.
Participate in threat modeling exercises with engineering team members
Triage SCA/SAST/DAST/CSPM findings by eliminating false positives and providing well-vetted vulnerabilities to engineering teams
Support vulnerability management efforts for networks and infrastructure
They offer a SaaS-based Global Employment Platform that enables clients to expand into over 180 countries. Their diverse, remote-first teams are essential to their success, fostering innovation and valuing every contribution.
Work with development and product teams on security.
Review code and make decisions about secure coding.
Code solutions for preventative measures and alerts.
BetterHelp is the world’s largest online therapy service, providing affordable and convenient therapy across the globe. The company's network of over 30,000 licensed therapists has helped millions of people take ownership of their mental health. As a mental health company, they deeply invest in their team’s well-being and professional development.
Lead the deployment and optimization of cloud security tools.
Design and implement reusable, secure-by-default cloud patterns.
Build and run the cloud vulnerability management program.
WorkWave provides best-in-class solutions that directly contribute to the success of its customers. They foster a casual, collaborative, and innovative environment.
Build Vue 3 micro-frontends, .NET Lambda APIs, and event-driven services on AWS.
Collaborate with product, design, and engineers on the HRM+ console and its integrations.
Write the API, ship the UI, and wire the infrastructure end-to-end.
KnowBe4 is the global leader in Human Risk Management, trusted by over 70,000 organizations worldwide to secure their employees and AI agents for over 15 years. Their HRM+ combines continuous risk intelligence, advanced technical defenses, and personalized training to help organizations build strong security cultures.
Lead the design and development of products and solutions for state governments and enterprise customers
Work side-by-side with customer delivery leads, engineers, and UX designers to ensure successful projects delivery and deployments
Translate customer requirements into technical architectures and working implementations
SpruceID builds privacy-preserving, standards-based digital identity and credentialing solutions. They give individuals control of their information while enabling governments and enterprises to deliver secure, interoperable services.
Own product-level security across backend services, infrastructure, and CI/CD pipelines.
Lead threat modeling and security reviews for new features and architectural changes.
Identify high-impact, systemic security risks and drive long-term, preventive solutions.
Solflare is a fast-growing crypto wallet that aims to build a powerful gateway to Web3. Founded in 2021, Solflare has nearly 140 employees with offices in Zagreb, Belgrade, and Novi Sad, and it takes on bold challenges with curiosity, grit, and a deep sense of accountability in its culture.
Build security tools and controls that are deployed across the company
Design, develop, and deploy new core security features to public Chainlink products like the Chainlink core node
Define new processes and systems that make attacks on our networks hard to execute and easy to detect
Chainlink Labs is the industry-standard oracle platform bringing the capital markets onchain and powering the majority of decentralized finance (DeFi). Many of the world’s largest financial services institutions have also adopted Chainlink’s standards and infrastructure.
Perform vulnerability management and coordinate patching.
Swapcard is the leading AI-powered event platform designed to drive revenue growth and foster meaningful connections at in-person and hybrid events. With 42 nationalities represented among their 180+ team members, they champion diversity as a catalyst for creativity, collaboration, and unparalleled innovation.
You will plan and execute infrastructure deployments, using automation to ensure a stable platform.
You will manage operations, troubleshoot, and optimize workflows to maintain high availability.
You will own backend features supporting our platforms and interface with users for feedback.
Trust Wallet is the leading non-custodial cryptocurrency wallet, trusted by over 200 million people worldwide to securely manage and grow their digital assets. They aim to give individuals the opportunity to own their assets and participate in the future economy.
Maintain close partnerships with Engineering and Product teams.
Rula is dedicated to treating the whole person, not just the symptoms, to make mental healthcare work for everyone. They aim to create a world where mental health is no longer stigmatized, and their culture supports employees in feeling safe, seen, heard, and valued.
Perform Threat Modelling of architectural infrastructure changes and new cloud infrastructure and Kubernetes deployments in GCP and AWS.
Design, implement, and manage robust security controls and configurations for our GCP and AWS environments.
Develop and maintain secure Infrastructure as Code (IaC) using Terraform and tools.
MoonPay is a unified payments platform for digital currency, making it easy for anyone to buy, sell, swap and pay in digital currencies. They are trusted by over 30 million customers and over 500 ecosystem partners, driving mainstream crypto adoption worldwide.
Support the underlying infrastructure to fight financial crime.
Work with a small, passionate, and experienced team.
Influence the overall architecture and hosting strategy.
Hummingbird is a remote-first company united by the mission of fighting financial crime. They are customer-obsessed and love building SaaS products, with a culture that values diverse opinions and supports employees.
Design, build, and deploy full-stack solutions for state governments and public sector partners.
Collaborate with customer delivery leads, engineers, and UX designers to ensure successful deployments.
Translate customer requirements into technical architectures and production-ready systems.
SpruceID builds privacy-preserving, standards-based digital identity and credentialing solutions. They give individuals control of their information while enabling governments and enterprises to deliver secure, interoperable services.
Deliver priority roadmap features across frontend and backend systems
Support and enhance NHS and third-party integrations
Improve monitoring, logging, and system observability
Smart Working believes your job should not only look right on paper but also feel right every day. They aim to break down geographic barriers and connect skilled professionals with outstanding global teams and products for full-time, long-term roles, fostering growth and well-being.
Own and evolve vulnerability management end-to-end.
Embed secure design principles across mobile applications, APIs, and microservices.
Partner closely with engineering teams to remediate security issues.
Smart Working connects skilled professionals with global teams for full-time, long-term roles. They help you discover meaningful work with teams that invest in your success, where you’re empowered to grow personally and professionally.
Own the architecture, development, and operation of scalable, secure, and fault-tolerant cloud services.
Drive technical design and architectural decisions for distributed systems, influencing patterns, standards, and long-term platform evolution.
Lead complex initiatives end-to-end, from design through deployment and ongoing optimization.
ExtraHop is a company focused on reinventing Network Detection and Response (NDR) to offer enterprises unparalleled visibility, context, and control against emerging threats. They integrate NDR with Network Performance Management (NPM), Intrusion Detection Systems (IDS), and forensics, providing a single, comprehensive solution.