Source Job

Global

  • Own a portfolio of security programs (planning, resourcing, milestones, dependencies, risk/issue management, and outcomes).
  • Create and maintain multi-quarter roadmaps aligned to Keyrock’s business and operating model across venues and services (CEX/DEX and liquidity services).
  • Establish governance and operating cadence: steering meetings, status reporting, program reviews, and executive updates.

Cloud Security Risk Management Governance Communication

20 jobs similar to Senior Security Program Manager

Jobs ranked by similarity.

Global

  • Lead and mature Material Bank’s enterprise information security program.
  • Own the security risk management framework, including risk identification, scoring, tracking, and executive reporting.
  • Own detection, incident response, and resilience strategy.

Material Bank operates the world’s largest material marketplace for the architecture and design industry, connecting designers with materials from leading brands. They operate in 37 countries and their platform is the standard for design professionals around the globe.

US

  • Lead execution of the enterprise information security program.
  • Oversee threat detection/response, vulnerability management, and incident response processes.
  • Partner with Engineering and Infrastructure teams to secure cloud environments and CI/CD pipelines.

bswift transforms benefits administration, making it simpler and smarter. They serve thousands of companies and millions of people nationwide, reducing administrative burdens and freeing HR teams to focus on creating thriving, people-first workplaces.

$135,000–$150,000/yr
US Unlimited PTO 12w maternity 4w paternity

  • Lead customer due diligence questionnaire (DDQ) and RFP response process and third-party risk management process.
  • Support enterprise sales with technical customer security discussions.
  • Lead SOC 2 Type II audit preparation, evidence collection, and remediation.

Vanilla is an AI-powered estate advisory platform that aims to modernize estate planning. They are a startup distributed across the U.S. with a mix of fully remote and hybrid roles that embraces flexibility and values curious builders and problem-solvers.

$200,000–$260,000/yr
US

  • Mentor and develop security engineers and analysts.
  • Define and own the security strategy and roadmap.
  • Lead and scale the security function across vulnerability management.

Attentive is the AI marketing platform for 1:1 personalization redefining the way brands and people connect. They combine technology with human expertise to build authentic customer relationships, partnering with more than 8,000 customers across 70+ industries.

US

  • Drive execution of complex technical programs at the intersection of Security, Engineering, and Compliance.
  • Translate complex technical initiatives into clear programs that meet security and regulatory obligations.
  • Influence security strategy and drive alignment across Engineering, Compliance, and People Ops.

Rula is dedicated to treating the whole person and creating a world where mental health is embraced. They are a remote-first company that strives to be a force for positive change in the field of mental healthcare and hire in most U.S. states.

North America

  • Design and implement the North American Physical Security Governance Program.
  • Develop, maintain, and govern all North American physical security policies, standards, and procedures.
  • Build and lead a Quality Assurance and Compliance function for physical security.

Vantage Data Centers powers, cools, protects and connects the technology of the world’s well-known hyperscalers, cloud providers and large enterprises. They operate across North America, EMEA and Asia Pacific and have evolved data center design in innovative ways.

US Canada Unlimited PTO

  • Own and lead the delivery of large, multi-quarter Application Security and Engineering initiatives.
  • Improve existing complex application security architectures and provide guidance for securing AI-based workflows.
  • Proactively identify emerging industry threats and act as Incident Commander for large-scale security incidents.

Wrapbook provides a unified payroll platform that seamlessly connects your entire team in one place. It empowers production teams to manage projects, pay cast and crew, track expenses, and generate data-driven insights. With a growing team of 250+ people across the USA and Canada, Wrapbook is backed by top-tier investors and has raised $130M.

$157,000–$196,000/yr
US 3w PTO

  • Develop, implement, and oversee Yelp’s global physical security strategy and programs.
  • Lead Yelp’s response to critical events, ensuring the safety and well-being of employees.
  • Design, implement, and manage security programs and protocols tailored for Yelp’s executive team.

Yelp connects people with great local businesses. They have a culture that values diversity, playing well with others, and authenticity.

Canada US Europe

  • Lead current ISO 27001, SOC 2, and PCI compliance initiatives.
  • Spearhead initiatives to identify and improve security risks.
  • Conduct Risk Assessments within customer systems.

Canadian Bank Note Company (CBN) is a leader and trusted provider of secure document and adjacent enterprise-level system solutions across various domains. They seek long-term relationships with their employees and offer a competitive compensation package, including health, medical, life insurance benefits, and a defined contribution pension plan with company matching.

US

  • Serve as the primary vCISO and subject matter expert for multiple clients.
  • Lead data-centric cybersecurity programs aligned to business risk.
  • Manage, mentor, and develop vCISO team members.

Coretelligent partners with growing, highly regulated organizations that need secure, dependable IT environments built to scale. They deliver managed IT, cybersecurity, cloud, and strategy, through a model designed for consistency, transparency, and trust. They are building a team of professionals who care deeply about quality, ownership, and continuous improvement.

Global Unlimited PTO

  • Lead cross-team infrastructure security initiatives from design through delivery, owning technical outcomes and stakeholder communication.
  • Design and implement security solutions for cloud infrastructure, container platforms, and orchestration systems.
  • Partner with SRE, Infrastructure, and Engineering teams to integrate security into platform services and deployment pipelines.

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Their mission is to enable everyone to contribute to and co-create the software that powers our world.

$117,763–$147,204/yr
Canada

  • Lead, mentor, and grow a team of international and domestic risk analysts.
  • Conduct and oversee complex risk assessments across cloud environments and on-premise telecommunications systems.
  • Develop and deliver high-impact, executive-level risk reporting.

At Twilio, they're shaping the future of communications. They deliver innovative solutions to hundreds of thousands of businesses and empower millions of developers worldwide to craft personalized customer experiences, with a strong culture of connection and global inclusion.

US Unlimited PTO 2w maternity 2w paternity

  • Own end-to-end program management for large, complex cross-functional GTM initiatives.
  • Build scalable program management frameworks, including intake processes, success criteria templates.
  • Partner with GTM leadership to surface risks and opportunities, create executive-ready communications.

Vanta helps businesses earn and prove trust by providing a platform to monitor and verify security continuously. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without it.

Europe

  • Implement and maintain security controls across multi-cloud environments (primarily AWS and Azure, with some GCP and AliCloud) and on-prem infrastructure.
  • Own IAM strategy and implementation: design and enforce identity, access, and permissions models that are secure, scalable, and practical.
  • Design and operate key management and custody security controls such as HSMs, secrets management, and secure key handling for trading operations.

Auros is a global digital asset liquidity provider operating 24/7 across centralised and decentralised markets. They run high-availability, low-latency systems where resilience and risk discipline matter and treat security as a core engineering and risk function, with direct engagement from senior leadership.

US

  • Own application, cloud, infrastructure, and data security across Cherry.
  • Be hands-on: design systems, review code and architecture, and contribute directly where needed.
  • Lead incident response, threat modeling, and security reviews.

Cherry is a profitable, high-growth fintech ($500M+ revenue, ~3x YoY) building the financial infrastructure for healthcare providers. Security is core to their product, not a support function. They are looking for strong leaders that will help them scale Cherry to be the go-to financial partner for every doctor in the country.

North America

  • Own the 24‑month global security roadmap developed with an external partner; drive planning, resource allocation, cross‑region rollout, milestone tracking, and KPI delivery.
  • Lead the cybersecurity transformation: redesign the security operating model, establish regional capability hubs, hire and upskill teams, and integrate security into engineering and product lifecycles.
  • Modernize security tooling and architecture: define global architecture for IAM, cloud security, vulnerability management, SIEM/XDR, DLP, and secure SDLC integrations; manage vendor selection and lifecycle.

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. With a combination of industry-leading tools, services, and expertise, Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

Global

  • Lead secure design reviews, threat modeling, and security-focused code reviews across the product and platform.
  • Build and run Fieldguide’s vulnerability management program: scanning, triage, SLA-driven remediation tracking, and engineering coordination.
  • Partner with Compliance to ensure technical controls satisfy framework requirements (SOC 2, ISO 27001, ISO 42001, FedRAMP).

Fieldguide is establishing a new state of trust for global commerce and capital markets through automating and streamlining the work of assurance and audit practitioners. They are based in San Francisco, CA, and built as a remote-first company that enables you to do your best work from anywhere.

$140,000–$175,000/yr
US 3w PTO

  • Drive and enable proactive identification, analysis, and remediation of security vulnerabilities.
  • Respond to and manage pen testing and bug bounty programs.
  • Work in partnership with Software Architecture, Risk/Compliance, the SRE team, and other partners, to integrate security capabilities into the SDLC.

Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are a family-owned and operated company of 290+ mission-driven people.

$126,480–$175,000/yr
US

  • Lead the configuration and management of GRC tools to ensure integration with security systems.
  • Manage the main dashboard for SOC 2 reporting, ensuring accuracy and compliance.
  • Develop and maintain a comprehensive risk management program and conduct risk assessments.

Engine is transforming business travel into something personalized, rewarding, and simple. They have over 20,000 companies relying on Engine to support over 1 million travelers and billions in annual bookings each year and have been recognized as one of the fastest-growing travel and fintech platforms in North America.

Global

  • Perform internal audits and vulnerability testing, ensuring security controls are monitored.
  • Lead security architecture governance for internal IT and projects, using Unified Architecture Framework.
  • Maintain compliance with security requirements and develop roadmaps to address evolving threats.

Jobgether is a platform connecting job seekers with companies. It uses AI-powered matching to ensure applications are reviewed quickly and fairly, identifying top candidates for employers.