Learn about our users, systems, and security posture, and how security enables our product and business goals.
Support security assessments of code and infrastructure changes with guidance from Security Engineers, helping ensure alignment with SOC 2, PCI-DSS, and internal policies.
Assist with automating recurring security and compliance activities such as vulnerability scanning, risk assessments, third-party risk reviews, and control validation.
Drive and enable proactive identification, analysis, and remediation of security vulnerabilities.
Respond to manage pen testing and bug bounty programs.
Work in partnership with Software Architecture, Risk/Compliance, the SRE team, and other partners, to integrate security capabilities into the SDLC.
Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are a family-owned and operated company of 290+ mission-driven people.
Build proactive security automation aimed at decreasing manual remediation work.
Research new and novel ways to accomplish security work and publish your findings on our blog.
Participate in a monthly security on-call rotation for critical escalations.
Automox is a cloud-native IT operations platform that helps modern organizations keep every endpoint automatically configured, patched, and secured – anywhere in the world. They are trusted by more than 2,500 leading companies and MSPs worldwide and value a ‘one team’ mentality where everyone’s unique skills contribute to an environment that encourages collaboration and ownership.
Develop and maintain automated security tools and processes to identify vulnerabilities and conduct security testing.
Design and implement secure cloud infrastructure, network architecture, and deployment processes.
Implement security monitoring tools and processes to proactively identify and respond to security events and anomalies.
Deel is an all-in-one payroll and HR platform for global teams, aiming to unlock global opportunity for every person, team, and business. They are among the largest globally distributed companies with a team of 7,000 spanning more than 100 countries, fostering a connected and dynamic culture.
Actively partner on the Cloud Security strategy and implementation.
Evolve and expand our current Cloud Security posture across multiple platforms.
Recommend and validate Security controls and improvements across our infrastructure stack
Circle is a global financial technology firm building the foundation for a more open financial system through digital assets, payment applications, and blockchain infrastructure. They value their employees and foster a culture of collaboration and excellence, with a flexible work enviornment.
Analyze security vulnerabilities and drive remediations.
Integrate security at every stage of the SDLC.
Deploy and manage security tooling.
Modern Health is a mental health benefits platform for employers, offering access to various resources for emotional, professional, social, financial, and physical well-being. They are the fastest entirely female-founded company in the U.S. to reach Unicorn status, with a unique culture centered around high empathy and accountability.
Own and drive remediation of security vulnerability tickets across environments
Analyze vulnerability trends to identify process gaps and recommend improvements
Track remediation progress and provide weekly status updates to management
ItD is a consulting and software development company blending diversity, innovation, and integrity with real business results. They are a woman- and minority-led firm that rejects strong hierarchies, empowering them to deliver great results with Fortune 500 companies and high-performance teams.
Lead Application Security testing projects and drive remediation of identified vulnerabilities.
Design and run adversarial testing campaigns across the full Buildkite environment.
Build automation for both AppSec and adversarial testing workflows.
Buildkite's mission is to unblock every developer on the planet with their CI/CD platform. They are a remote-first company since 2013 with a small team, high standards, and real ownership distributed across 60+ cities, built around async communication and genuine autonomy.
You will review, challenge, and strengthen our systems, act as the security authority within engineering, define guardrails, and drive remediation when risks arise.
Operating independently, you’ll build the structure and standards needed as we scale.
Your mission is to own the company wide security strategy and architecture, ensure CIRO and SOC 2 alignment, and embed strong security practices across infrastructure, applications, and internal systems, while enabling engineering velocity.
Newton is changing how Canadians trade crypto, with the goal to make financial freedom something everyone can achieve by giving customers the tools and knowledge they need to navigate the crypto world. At Newton, you'll work with a remote team spread across Canada.
Create, manage, and maintain the application security strategy and roadmap.
Develop, execute, and track the performance of security measures to protect Alma’s data, applications, and systems.
Build and provide high-quality application security documentation and training to engineers.
Alma simplifies access to high-quality, affordable mental health care by making it easy and financially rewarding for therapists to accept insurance. Alma has over 20,000 therapists in their growing network and was named one of Inc’s Best Workplaces in 2022 and 2023.
Refine the cloud environment, pruning back the excess to curate a purpose-led, repeatable, and reliable security space.
Translate security intent into a smooth operational reality, ensuring controls work beautifully at scale with clarity and predictability.
Design and shape the team's operations for years to come, leaving a lasting legacy.
Who Gives A Crap is a leading eco-friendly household essentials business that donates 50% of its profits to help everyone gain access to clean water and a toilet. With 250+ people across Australia, the UK, the Philippines, China, and the US, they aim to make the biggest possible impact for people and the planet.
Contribute to projects supporting the design, deployment, automation, and maintenance of SAS cloud environments and internal information systems.
Work according to established engineering practices, timelines, and quality standards to help ensure our environments are secure, efficient, and reliable.
Work within a variety of technical teams across SAS, including Cloud Operations, IT Infrastructure, Information Security, and Network Engineering.
SAS is a leader in data and AI, providing software and services to help customers transform data into intelligence. They are recognized for their inclusive culture and innovative technologies and offer a dynamic and fulfilling career with flexibility.
Run client SAST/DAST/SCA tools, review outputs and provide recommendations
Work with development teams to identify and remediate security vulnerabilities
Provide security guidance during the software development lifecycle (SDLC)
GuidePoint Security provides cybersecurity expertise and solutions to help organizations make better decisions and minimize risk. Since 2011, they've grown to over 1,200 employees and serve as a trusted advisor to more than 6,200 customers, fostering a collaborative and enjoyable workplace.
Design and implement security controls across cloud infrastructure, applications, and data systems.
Identify, assess, and mitigate security risks through threat modeling, reviews, and testing.
Build and maintain monitoring, alerting, and incident response capabilities.
BlockchainUnmasked aims to streamline cryptocurrency forensic investigations through advanced automation combined with cutting-edge solutions. They work with investigative partners to dramatically accelerate investigation times and boost success rates in interdiction, recovery, and deterrence.
Take ownership of securing high-availability, low-latency systems.
Implement and automate security controls across cloud and on-prem infrastructure.
Enhance resilience, reduce risk, and enable business operations to run safely and efficiently.
Jobgether is a platform that helps candidates find jobs and companies find candidates. They use AI-powered matching to connect talent with opportunities, ensuring a quick, objective, and fair review process.
Drive adoption of a Secure Software Development Lifecycle (SSDLC) across engineering teams.
Implement and integrate application security tooling into CI/CD pipelines, improving vulnerability detection and remediation.
Establish consistent threat modelling and secure design practices across new features and products.
Neko Health's mission is to deliver proactive healthcare for all, empowering members to take control of their health via technology and compassionate care. They have nearly 100 full-time engineers working across Berlin, Chamonix, Hamburg, Lisbon, Marseille, Vilnius, and Stockholm and they support a flexible workplace that prioritizes work-life balance.
Serve as a security point of contact for external customers deploying into regulated cloud environments.
Implement and operate security controls required for FedRAMP Moderate/High, aligned to NIST SP 800-53.
Implement security and compliance gates in CI/CD pipelines to prevent non-compliant infrastructure or code from reaching production.
Knox runs the largest Federal managed cloud, building and operating secure cloud and AI environments that support the U.S. government’s most critical missions. Their work is high-impact and purpose-driven, expecting speed, rigor, and trust.
Automate and streamline communication between cloud and on-prem systems.
Manage, test and debug user access groups.
Identify and fix security vulnerabilities in the access setup.
Sika is a specialty chemicals company with a globally leading position in the development and production of systems and products for bonding, sealing, damping, reinforcing, and protection in the building sector and industry. In 2024, Sika’s around 33,000 employees generated annual sales of CHF 11.76 billion and develops innovative technologies for customers worldwide.
Contribute to building and operating the infrastructure that supports the HackerOne platform.
Improve the reliability, security, and scalability of our systems.
Design and operate highly available cloud systems and apply best practices for reliability, observability, and security.
HackerOne is a global leader in Continuous Threat Exposure Management (CTEM). The HackerOne Platform unites agentic AI solutions with the ingenuity of the world’s largest community of security researchers to continuously discover, validate, prioritize, and remediate exposures across code, cloud, and AI systems. They combine the ingenuity of the largest security research community with a best-in-class AI-powered platform, trusted by the world’s top organizations.
Engineer a great experience for developers working in web-based environments through automation and virtualization.
Advocate for and adhere to lean-agile engineering principles, such as simple design and automated testing.
Protect sensitive data by applying security and privacy best practices and conducting security audits.
Skylight is a digital consultancy using design and technology to help government agencies deliver better public services. They are at the forefront of a civic movement to reinvent how all levels of government serve families in today's digital world.