Analyze security vulnerabilities and drive remediations.
Integrate security at every stage of the SDLC.
Deploy and manage security tooling.
Modern Health is a mental health benefits platform for employers, offering access to various resources for emotional, professional, social, financial, and physical well-being. They are the fastest entirely female-founded company in the U.S. to reach Unicorn status, with a unique culture centered around high empathy and accountability.
Perform infrastructure security reviews across cloud services, network design, IAM, and platform components.
Design and build internal security services, APIs, and tools that automate infrastructure vulnerability detection, triage, reporting, and remediation.
Develop security automation that integrates with CI/CD, cloud control planes, and developer workflows to shift detection and remediation earlier in the lifecycle.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company. They empower teams to design, launch, and optimize for the web without barriers, from entrepreneurs to global enterprises, and believe the future of the web, and work, is more open, more creative, and more equitable.
Implementing and maintaining Application Security Testing (AST) tools to identify code and dependency vulnerabilities during the software development lifecycle.
Implementing and maintaining Application Security Posture Management (ASPM) tools to centralize findings from multiple solutions and integrate into software development processes.
Acting as the first line of support for users by helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests.
AbbVie discovers and delivers innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. They strive to have a remarkable impact on people's lives across several key therapeutic areas and products and services in their Allergan Aesthetics portfolio.
Lead Application Security testing projects and drive remediation of identified vulnerabilities.
Design and run adversarial testing campaigns across the full Buildkite environment.
Build automation for both AppSec and adversarial testing workflows.
Buildkite's mission is to unblock every developer on the planet with their CI/CD platform. They are a remote-first company since 2013 with a small team, high standards, and real ownership distributed across 60+ cities, built around async communication and genuine autonomy.
Partner with engineering teams to conduct threat modeling.
Build and maintain automated scanning, penetration testing frameworks, and monitoring tools within our AWS CI/CD pipelines.
Champion a "security-first" mindset and host workshops that empower developers to write secure code.
Panopto is a customer-centric learning technology company and the leader in visual and audio-based learning. They empower organizations to share knowledge effortlessly. Panopto has been adopted by more than 1,600 companies and universities worldwide with over 11 million end users.
Lead security architecture and design reviews across applications, infrastructure, and integrations.
Conduct and coordinate penetration testing, threat modeling, and security reviews.
Design and implement security automation within CI/CD pipelines.
Assured modernizes insurance by providing software solutions to large insurers that help them win in a technology-driven world. Their products include self-service claim-filing software to backend fraud detection and are dynamic, collaborative, and rewarding.
Design, implement, and manage application and cloud security tooling across AWS.
Lead the deployment and configuration of Wiz CSPM, collaborating with infrastructure and DevOps teams.
Manage secure code scanning processes, integrating SAST and DAST to identify and remediate vulnerabilities early in the SDLC.
Twin Health aims to empower people to improve and prevent chronic metabolic diseases with AI Digital Twin technology. It is recognized for innovation and culture, with recent funding to scale rapidly across the U.S. and globally.
Conducting a comprehensive threat model of our application and infrastructure layers.
Hardening our AWS infrastructure while keeping developer workflows frictionless.
Integrating security tooling into our CI/CD pipeline.
Loancrate simplifies home-buying for lenders and borrowers by building AI-native tooling to automate mortgage workflows. Since 2020, their remote team has enabled customers to power >$85 billion in new home loans and they value collaboration and open communication.
Actively partner on the Cloud Security strategy and implementation.
Evolve and expand our current Cloud Security posture across multiple platforms.
Recommend and validate Security controls and improvements across our infrastructure stack
Circle is a global financial technology firm building the foundation for a more open financial system through digital assets, payment applications, and blockchain infrastructure. They value their employees and foster a culture of collaboration and excellence, with a flexible work enviornment.
Focus on automation, integrating security within the CI/CD pipeline, and DevOps toolchain.
Strong working knowledge of security fundamentals including OWASP Top10.
Experience with public cloud infrastructure (AWS or Azure) and cloud security fundamentals.
GuidePoint Security provides cybersecurity expertise, solutions, and services to help organizations make better decisions and minimize risk. They have grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serve as a trusted advisor to more than 6,200 customers.
Assist in designing and maintaining secure infrastructure on EKS in our multi-cloud environment (AWS) using Infrastructure as Code (Terraform).
Write code (Python, Go, or Bash) to automate manual tasks, threat detection, and vulnerability management processes.
Integrate security tools (SAST, DAST, SCA) into our CI/CD pipelines, ensuring developers receive fast, actionable feedback on their code.
Smartsheet helps people and teams achieve anything with seamless work management and scalable solutions. They empower teams to automate the manual, uncover insights, and scale smarter, creating space for impactful work. The company values diverse perspectives and supports employee growth.
Build proactive security automation aimed at decreasing manual remediation work.
Research new and novel ways to accomplish security work and publish your findings on our blog.
Participate in a monthly security on-call rotation for critical escalations.
Automox is a cloud-native IT operations platform that helps modern organizations keep every endpoint automatically configured, patched, and secured – anywhere in the world. They are trusted by more than 2,500 leading companies and MSPs worldwide and value a ‘one team’ mentality where everyone’s unique skills contribute to an environment that encourages collaboration and ownership.
Working cross functionally to design, build, and operate solutions that continuously improve and automate our security capabilities
Leveraging data to understand trends, metrics, and opportunities to improve our security posture and then helping execute on those opportunities with stakeholders
Leading and enhancing incident / issues response efforts, spearheading analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security incidents / issues
Aledade, a public benefit corporation, empowers independent primary care practices. Founded in 2014, they've become the largest network of independent primary care in the country with a collaborative, inclusive and remote-first culture.
Design and implement security controls across cloud infrastructure, applications, and data systems.
Identify, assess, and mitigate security risks through threat modeling, reviews, and testing.
Build and maintain monitoring, alerting, and incident response capabilities.
BlockchainUnmasked aims to streamline cryptocurrency forensic investigations through advanced automation combined with cutting-edge solutions. They work with investigative partners to dramatically accelerate investigation times and boost success rates in interdiction, recovery, and deterrence.
Partner with engineering to drive technical implementation of controls throughout the product and infrastructure
Design, implement, and continuously improve security controls across AWS infrastructure and application architecture
Enhance and tune monitoring and detection capabilities in support of customer security and incident response capabilities
AlertMedia helps organizations protect their people and businesses through all phases of an emergency. Their award-winning threat intelligence, emergency communication, and travel risk management solutions help companies of all sizes identify, respond to, and recover from critical events faster and more confidently. They support essential communication for thousands of leading businesses in more than 150 countries.
Serve as trusted advisor to team’s leadership and partner teams by clearly articulating business risks associated with security issues
Lead security operation functions – including vulnerability management, SAST, DAST, detection engineering, and incident response – in CI/CD and cloud-native production environments
Integrate security into our applications throughout the software development lifecycle
They are scaling intelligence to serve humanity by training and deploying frontier models for developers and enterprises, building AI systems to power magical experiences. Cohere is composed of researchers, engineers, and designers who are passionate about their craft, and believes that a diverse range of perspectives is a requirement for building great products.
Work with development and product teams on security.
Review code and make decisions about secure coding.
Code solutions for preventative measures and alerts.
BetterHelp is the world’s largest online therapy service, providing affordable and convenient therapy across the globe. The company's network of over 30,000 licensed therapists has helped millions of people take ownership of their mental health. As a mental health company, they deeply invest in their team’s well-being and professional development.
Conduct regular vulnerability assessments, threat modeling, and security architecture and design reviews.
Partner with engineering teams to identify, prioritize, and mitigate identified risks
Design and implement proactive security solutions to systematically eliminate vulnerability classes rather than endlessly chase individual vulnerabilities
Oura's mission is to empower every person to own their inner potential. Its award-winning products help its global community gain a deeper knowledge of their readiness, activity, and sleep quality by using their Oura Ring and its connected app. The company is quickly growing and focused on helping people live healthier and happier lives, and ensures that its team members have what they need to do their best work — both in and out of the office.
Design and implement security controls across cloud, infrastructure, and internal platforms
Partner with engineering to harden cloud architecture, IAM, and infrastructure
Own product security reviews for new features, services, and major architecture changes
XBOW is redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI. They are backed by Sequoia Capital and Altimeter, and a team that includes the creators of GitHub Copilot and GitHub Advanced Security.
Design, implement, and maintain systems that secure Yelp’s AWS and Google Cloud Platform environments.
Develop and enforce data security controls to support privacy initiatives.
Manage system-level access controls and tiered access for internal digital assets.
Yelp's engineering culture values individual authenticity and encourages creative solutions. They focus on helping users, growing as engineers, and having fun in a collaborative environment.