Source Job

• Work alongside DevOps and engineering teams to ensure our platforms, repositories and CI/CD pipelines are secure by default while remaining easy to build, test, and deploy against
• Identify security risks through tools, audits, and monitoring, and drive them to resolution — whether that means changing a policy, updating infrastructure, or improving a pipeline
• Take ownership of the security posture across multiple AWS accounts and continuously improve it over time

Versaterm is a global public safety solutions company helping agencies transform how they serve their communities. Since 1977, they’ve been building an ecosystem of intuitive tools designed for public safety agencies, forensic labs, court systems, schools and other institutions.

• Lead cross-team infrastructure security initiatives from design through delivery, owning technical outcomes and stakeholder communication
• Design and implement security solutions for cloud infrastructure, container platforms, and orchestration systems
• Partner with SRE, Infrastructure, and Engineering teams to integrate security into platform services and deployment pipelines

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Their mission is to enable everyone to contribute to and co-create the software that powers our world.

• Drive and enable proactive identification, analysis, and remediation of security vulnerabilities.
• Respond to manage pen testing and bug bounty programs.
• Work in partnership with Software Architecture, Risk/Compliance, the SRE team, and other partners, to integrate security capabilities into the SDLC.

Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are a family-owned and operated company of 290+ mission-driven people.

• Hands-on DevSecOps engineer securing ThriveCart's e-commerce platform infrastructure.
• Implement security automation, maintain monitoring systems, and enable engineering teams with security tooling.
• Ensure high availability, providing security tooling/dashboards and aiding developers with findings.

ThriveCart is the leading no-code sales platform for digital course creators, coaches, entrepreneurs, and online businesses looking to boost revenue, drive conversions, and scale audiences. ThriveCart powers over 65,000 businesses and 12 million enrolled students, generating over $2 billion in annual sales.

• Identify and help mitigate security issues related to Applied’s cloud, datacenter, and Kubernetes infrastructure.
• Implement new and update existing security measures for the protection of Applied’s infrastructure.
• Contribute to the operationalization of Security platforms at Applied.

Applied Systems is transforming the insurance industry with innovative software and services. They have 40+ years of experience and are committed to creating a culture built on values that make them indispensable to each other.

• Architect and implement secure AWS configurations (IAM roles/policies, encryption keys, VPC segmentation)
• Embed security into CI/CD pipelines and repos using policy-as-code tools (pre-commit hooks, SAST/SCA, IDE tool integrations)
• Conduct threat modeling sessions and risk‑driven design reviews early in development

OnePay is a consumer fintech company trusted by millions of Americans to make money better by providing an all-in-one financial services platform. They are backed by Walmart and Ribbit Capital, allowing them rare scale and distribution to build something truly category-defining.

• Design, build, and maintain security tools, scripts, and automations.
• Partner with Engineering teams to manage and drive remediation of security vulnerabilities.
• Evaluate and prioritize security risks based on industry standards and business context.

Weedmaps is a global leader in the cannabis industry. They are dedicated to transparency, education, and community, serving cannabis to consumers and businesses in the U.S. and worldwide.

• Optimize cloud infrastructure and manage governance, risk, and compliance.
• Expand cloud architecture and implement scalable solutions.
• Ensure high availability, security, and performance across AWS environments.

Rubris provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. Their data solutions streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.

• Serve as a security point of contact for external customers deploying into regulated cloud environments.
• Implement and operate security controls required for FedRAMP Moderate/High, aligned to NIST SP 800-53.
• Implement security and compliance gates in CI/CD pipelines to prevent non-compliant infrastructure or code from reaching production.

Knox runs the largest Federal managed cloud, building and operating secure cloud and AI environments that support the U.S. government’s most critical missions. Their work is high-impact and purpose-driven, expecting speed, rigor, and trust.

• Own and lead Impiricus’s security architecture across AWS.
• Design and implement application and infrastructure security controls across the SDLC.
• Build and operate detection and response capabilities, including logging, monitoring, and alerting.

Impiricus is an AI-powered HCP Engagement Engine transforming how life sciences companies support physicians. They ethically connect HCPs to pharma resources and are known for their unique access to a large network of HCP advisors.

• Monitor active threats, analyze them, and develop a remediation plan.
• Respond to all security incidents and manage the end-to-end incident response lifecycle.
• Work cross-functionally with engineering teams to architect secure solutions.

EarnIn is a company building products that deliver real-time financial flexibility for those with the unique needs of living paycheck to paycheck. They are growing fast and excited to continue bringing world-class talent onboard to help shape the next chapter of their growth journey.

• Own and lead the delivery of large, multi-quarter Application Security and Engineering initiatives.
• Improve existing complex application security architectures and provide guidance for securing AI-based workflows.
• Proactively identify emerging industry threats and act as Incident Commander for large-scale security incidents.

Wrapbook provides a unified payroll platform that seamlessly connects your entire team in one place. It empowers production teams to manage projects, pay cast and crew, track expenses, and generate data-driven insights. With a growing team of 250+ people across the USA and Canada, Wrapbook is backed by top-tier investors and has raised $130M.

• Design, build, and maintain secure, scalable cloud infrastructure.
• Own CI/CD pipelines and deployment workflows across services and environments.
• Improve reliability, availability, and performance through monitoring, alerting, and incident response practices.

Jobgether is a company that uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. They identify the top-fitting candidates and share this short list directly with the hiring company.

• Keep the platform reliable and secure by participating in on-call rotation and owning security incident response planning.
• Prepare for and pass security audits, ensuring continuous compliance with ISO 27001 and other frameworks.
• Implement the principle of least privilege and drive network segmentation and zero-trust initiatives.

Jobgether is a company that helps candidates find the right job using AI-powered matching. They ensure applications are reviewed quickly, objectively, and fairly against the role's core requirements.

• Manage identity & access security, administer and secure Windows Active Directory, Azure Entra ID and SSO configurations.
• Secure cloud infrastructure by protecting and monitoring infrastructure hosted in AWS and GCP.
• Lead endpoint protection & threat detection; manage Microsoft Defender XDR for endpoint security; monitor alerts, investigate incidents, and lead incident response efforts.

Backcountry's mission is to connect people to their passions through their online stores. They aim to supply customers with premium outdoor products, shopping experience, personalized Gearhead expertise and inspirational content.

• Own vulnerability management, SIEM tuning and monitoring, incident response, and threat investigation.
• Maintain secure baseline configurations based on industry standards.
• Oversee AWS security controls and enforce cloud security guardrails.

Jobgether posts this position on behalf of a partner company. They use an AI-powered matching process to ensure applications are reviewed quickly and fairly.

• Design, implement, and manage secure and scalable cloud infrastructure and integrations.
• Leverage centralized logging and monitoring using CloudWatch, CloudTrail and Sumo Logic.
• Design and enforce IAM roles and policies following least privilege and Zero Trust principles.

The University of St. Thomas designs, builds, integrates and maintains critical campus systems, custom applications, websites and apps using modern cloud platforms. They were recognized as a 2025 AWS Champions Award winner and have a commitment to inclusion and equal opportunity.

• Serve as a cloud security technical expert to develop and execute cloud security policies and procedures.
• Collaborate with cloud technology teams across the enterprise to ensure the integrity and security of our digital assets in AWS/Azure IaaS environments.
• Demonstrate high proficiency across a wide range of cloud security technologies to establish guardrails to prevent or automatically remediate common security misconfigurations.

AbbVie discovers and delivers innovative medicines and solutions that solve serious health issues today and addresses the medical challenges of tomorrow. It strives to have a remarkable impact on people's lives across several key therapeutic areas.

• Design and automate Azure security controls.
• Build “secure‑by‑default” CI/CD and tooling.
• Lead incident response and ensure compliance with HIPAA, SOC 2, and HITRUST.

IntusCare is dedicated to providing a HIPAA-compliant healthcare platform for vulnerable elderly populations. As a fast-growing startup, they are scaling to support hundreds of customers and prioritize security.

• Define and execute a technical vision for Onebrief’s infrastructure.
• Design and evolve a deployment strategy focused on AWS and on-prem.
• Build security and compliance directly into the infrastructure lifecycle.

Onebrief provides collaboration and AI-powered workflow software designed specifically for military staffs, making them faster, smarter, and more efficient. They have raised $320m+ from top-tier investors and are valued at $2.15B, with a team spanning veterans and technologists.