Design and implement security controls for mobile applications, backend services, and web platforms.
Conduct threat modelling and risk assessments for new and existing systems.
Embed secure coding practices across engineering teams, aligned with OWASP standards.
Smart Working connects skilled professionals with outstanding global teams and products for full-time, long-term roles, breaking down geographic barriers. It is a highly-rated workplace on Glassdoor, focused on community, growth, and well-being in a remote-first environment.
Perform infrastructure security reviews across cloud services, network design, IAM, and platform components.
Design and build internal security services, APIs, and tools that automate infrastructure vulnerability detection, triage, reporting, and remediation.
Develop security automation that integrates with CI/CD, cloud control planes, and developer workflows to shift detection and remediation earlier in the lifecycle.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company. They empower teams to design, launch, and optimize for the web without barriers, from entrepreneurs to global enterprises, and believe the future of the web, and work, is more open, more creative, and more equitable.
Conduct regular vulnerability assessments, threat modeling, and security architecture and design reviews.
Partner with engineering teams to identify, prioritize, and mitigate identified risks
Design and implement proactive security solutions to systematically eliminate vulnerability classes rather than endlessly chase individual vulnerabilities
Oura's mission is to empower every person to own their inner potential. Its award-winning products help its global community gain a deeper knowledge of their readiness, activity, and sleep quality by using their Oura Ring and its connected app. The company is quickly growing and focused on helping people live healthier and happier lives, and ensures that its team members have what they need to do their best work — both in and out of the office.
Help scale NerdWallet’s application security program through automation, tooling, and developer enablement.
Partner with engineering and product teams to identify and remediate security gaps across multiple systems while balancing business priorities.
Build tools, processes, and automation that improve security posture visibility for engineers and leadership.
NerdWallet aims to bring clarity to life's financial decisions with a team of exceptional Nerds. They foster an inclusive, flexible, and candid culture where employees are empowered to grow and take risks, supporting well-being and development whether working remotely or in-office.
Participate in threat modeling exercises with engineering team members
Triage SCA/SAST/DAST/CSPM findings by eliminating false positives and providing well-vetted vulnerabilities to engineering teams
Support vulnerability management efforts for networks and infrastructure
They offer a SaaS-based Global Employment Platform that enables clients to expand into over 180 countries. Their diverse, remote-first teams are essential to their success, fostering innovation and valuing every contribution.
Own end-to-end application security for all Self products
Partner closely with engineering and product teams to remediate critical security findings
Support SOC 2 and PCI compliance efforts, including audit preparation and evidence collection
Self Financial is a venture-backed, high-growth FinTech company with a mission to increase economic inclusion and financial resilience by empowering people to build credit and build savings. They are passionate about challenging the status quo of the credit industry by providing people accessible tools to take control of their credit.
Design, implement, and manage application and cloud security tooling across AWS.
Lead the deployment and configuration of Wiz CSPM, collaborating with infrastructure and DevOps teams.
Manage secure code scanning processes, integrating SAST and DAST to identify and remediate vulnerabilities early in the SDLC.
Twin Health aims to empower people to improve and prevent chronic metabolic diseases with AI Digital Twin technology. It is recognized for innovation and culture, with recent funding to scale rapidly across the U.S. and globally.
Conducting a comprehensive threat model of our application and infrastructure layers.
Hardening our AWS infrastructure while keeping developer workflows frictionless.
Integrating security tooling into our CI/CD pipeline.
Loancrate simplifies home-buying for lenders and borrowers by building AI-native tooling to automate mortgage workflows. Since 2020, their remote team has enabled customers to power >$85 billion in new home loans and they value collaboration and open communication.
Lead security architecture and design reviews across applications, infrastructure, and integrations.
Conduct and coordinate penetration testing, threat modeling, and security reviews.
Design and implement security automation within CI/CD pipelines.
Assured modernizes insurance by providing software solutions to large insurers that help them win in a technology-driven world. Their products include self-service claim-filing software to backend fraud detection and are dynamic, collaborative, and rewarding.
Integrate security activities across all SDLC phases.
Partner closely with engineering teams to ensure secure development practices.
Review security controls for new features, services, and architectural changes.
Infiterra simplifies subscription service delivery, enabling IT distributors, Managed Service Providers (MSPs), and telcos to succeed in the subscription economy. They are recognized as a global leader in subscription commerce, combining innovation, performance excellence, and trusted expertise to help partners transform and grow.
Design and implement security controls across cloud, infrastructure, and internal platforms
Partner with engineering to harden cloud architecture, IAM, and infrastructure
Own product security reviews for new features, services, and major architecture changes
XBOW is redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI. They are backed by Sequoia Capital and Altimeter, and a team that includes the creators of GitHub Copilot and GitHub Advanced Security.
Implementing and maintaining Application Security Testing (AST) tools to identify code and dependency vulnerabilities during the software development lifecycle.
Implementing and maintaining Application Security Posture Management (ASPM) tools to centralize findings from multiple solutions and integrate into software development processes.
Acting as the first line of support for users by helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests.
AbbVie discovers and delivers innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. They strive to have a remarkable impact on people's lives across several key therapeutic areas and products and services in their Allergan Aesthetics portfolio.
Working cross functionally to design, build, and operate solutions that continuously improve and automate our security capabilities
Leveraging data to understand trends, metrics, and opportunities to improve our security posture and then helping execute on those opportunities with stakeholders
Leading and enhancing incident / issues response efforts, spearheading analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security incidents / issues
Aledade, a public benefit corporation, empowers independent primary care practices. Founded in 2014, they've become the largest network of independent primary care in the country with a collaborative, inclusive and remote-first culture.
Partner with engineering to drive technical implementation of controls throughout the product and infrastructure
Design, implement, and continuously improve security controls across AWS infrastructure and application architecture
Enhance and tune monitoring and detection capabilities in support of customer security and incident response capabilities
AlertMedia helps organizations protect their people and businesses through all phases of an emergency. Their award-winning threat intelligence, emergency communication, and travel risk management solutions help companies of all sizes identify, respond to, and recover from critical events faster and more confidently. They support essential communication for thousands of leading businesses in more than 150 countries.
Drive adoption of a Secure Software Development Lifecycle (SSDLC) across engineering teams.
Implement and integrate application security tooling into CI/CD pipelines, improving vulnerability detection and remediation.
Establish consistent threat modelling and secure design practices across new features and products.
Neko Health's mission is to deliver proactive healthcare for all, empowering members to take control of their health via technology and compassionate care. They have nearly 100 full-time engineers working across Berlin, Chamonix, Hamburg, Lisbon, Marseille, Vilnius, and Stockholm and they support a flexible workplace that prioritizes work-life balance.
Manage and optimize security tools such as email security, DLP, SIEM, IDS/IPS, EDR, threat intelligence platforms, and other tooling
Design and implement AI-enabled workflows to scale enterprise security and threat operations
Monitor and manage security alerts and incidents, analyze data, and respond to security events
Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. They are a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.
Lead the deployment and optimization of cloud security tools.
Design and implement reusable, secure-by-default cloud patterns.
Build and run the cloud vulnerability management program.
WorkWave provides best-in-class solutions that directly contribute to the success of its customers. They foster a casual, collaborative, and innovative environment.
Perform vulnerability management and coordinate patching.
Swapcard is the leading AI-powered event platform designed to drive revenue growth and foster meaningful connections at in-person and hybrid events. With 42 nationalities represented among their 180+ team members, they champion diversity as a catalyst for creativity, collaboration, and unparalleled innovation.
Plays a key role in safeguarding the company’s cloud-based healthcare SaaS platforms, infrastructure, and customer data.
Responsible for designing, implementing, and managing enterprise-grade security solutions that align with regulatory frameworks such as HIPAA, HITRUST, SOC 2, and NIST 800-53.
Hands-on technologist with deep knowledge of cloud security (AWS/Azure), DevSecOps practices, endpoint protection, identity management, and security automation.
Reveleer provides cloud-based healthcare SaaS platforms. Reveleer is an equal opportunity employer and E-Verifies all new hires.
Own the strategy and execution for the Cloudflare ecosystem to secure the network edge.
Lead the design of security controls within Google Cloud Platform, specifically for Vertex AI, BigQuery, VPC Service Controls, IAM, and Security Command Center.
Embed security into CI/CD pipelines (Cloud Build, GitHub Actions) using Infrastructure as Code (Terraform).
Kareo and PatientPop joined forces to become Tebra, the digital backbone for practice well-being, helping independent practices bring modernized care to patients everywhere. Well over 100,000 providers trust them to elevate their patient experience and grow their practice.