Source Job

• Work with private equity and portfolio company clients, consulting on how to apply an information security vision and strategy in alignment with customer business objectives.
• Work with customers to assess and address information security risks.
• Assist in managing customer security programs including the achievement and/or maintenance of key compliance initiatives such as SOC, ISO27001, NIST, PCI, and SOX.

Crosslake supports changemakers and helps them buy, build, and run better technology. They believe in a programmatic, proactive approach to actively manage technology throughout the investment lifecycle.

• Lead and mature Material Bank’s enterprise information security program.
• Own the security risk management framework, including risk identification, scoring, tracking, and executive reporting.
• Own detection, incident response, and resilience strategy.

Material Bank operates the world’s largest material marketplace for the architecture and design industry, connecting designers with materials from leading brands. They operate in 37 countries and their platform is the standard for design professionals around the globe.

• You will review, challenge, and strengthen our systems, act as the security authority within engineering, define guardrails, and drive remediation when risks arise.
• Operating independently, you’ll build the structure and standards needed as we scale.
• Your mission is to own the company wide security strategy and architecture, ensure CIRO and SOC 2 alignment, and embed strong security practices across infrastructure, applications, and internal systems, while enabling engineering velocity.

Newton is changing how Canadians trade crypto, with the goal to make financial freedom something everyone can achieve by giving customers the tools and knowledge they need to navigate the crypto world. At Newton, you'll work with a remote team spread across Canada.

• Assess and improve client security and IT controls.
• Develop policies, processes, and risk assessments aligned to top frameworks like NIST, ISO 27001, and SOC 2.
• Translate technical and regulatory requirements into clear, actionable steps for our clients.

Hotman Group is a rapidly growing boutique firm redefining cybersecurity and GRC. They help business leaders earn and keep customer trust through expert guidance and a commitment to quality, fostering a collaborative environment where every voice matters.

• Serve as the primary vCISO and subject matter expert for multiple clients.
• Lead data-centric cybersecurity programs aligned to business risk.
• Manage, mentor, and develop vCISO team members.

Coretelligent partners with growing, highly regulated organizations that need secure, dependable IT environments built to scale. They deliver managed IT, cybersecurity, cloud, and strategy, through a model designed for consistency, transparency, and trust. They are building a team of professionals who care deeply about quality, ownership, and continuous improvement.

• Own day-to-day execution of SOC 1, SOC 2, PCI DSS, and ISO 27001 readiness and audit cycles.
• Develop and maintain policies, procedures, risk assessments, control narratives, and supporting documentation.
• Facilitate risk assessments for systems, vendors, products, and business initiatives.

Astra is building mission-critical infrastructure for moving money at scale. Their platform processes billions in annual transaction volume with 99.9%+ uptime, powering real-time transfers, bank debits, card disbursements, and complex financial compliance systems.

• Lead development of security strategy aligned to client business goals.
• Guide risk management practices including risk registers and threat modeling.
• Provide executive-level oversight of regulatory compliance programs.

Jobgether uses an AI-powered matching process to ensure applications are reviewed fairly. Their system identifies the top-fitting candidates and shares this shortlist with the hiring company.

• Lead current ISO 27001, SOC 2, and PCI compliance initiatives.
• Spearhead initiatives to identify and improve security risks.
• Conduct Risk Assessments within customer systems.

Canadian Bank Note Company (CBN) is a leader and trusted provider of secure document and adjacent enterprise-level system solutions across various domains. They seek long-term relationships with their employees and offer a competitive compensation package, including health, medical, life insurance benefits, and a defined contribution pension plan with company matching.

• Support the development, implementation, and maintenance of IT compliance policies, standards, procedures, and controls.
• Coordinate and support internal and external audits, including preparation of documentation, evidence collection, and remediation tracking.
• Perform periodic compliance assessments, gap analyses, and risk assessments against applicable frameworks and standards.

Xcelerate Solutions, founded in 2009 and located in McLean, VA, is a fast-growing company. The company is defined by a diversified workforce of dynamic and versatile professionals, with growth and development opportunities that contribute to individual and firm growth.

• Design, implement, and operate the information security program for our growing healthcare organization operating under the PACE model.
• Configure and monitor tools, logs, and alerts, analyze activity, and investigate potential security incidents.
• Draft, maintain, and enforce security policies, standards, and procedures aligned to HIPAA, NIST, and partner requirement.

Habitat Health envisions a world where older adults experience an independent and joyful aging journey in the comfort of their homes, enabled by access to comprehensive health care. They provide personalized, coordinated clinical and social care as well as health plan coverage through the Program of All-Inclusive Care for the Elderly (“PACE”) in collaboration with their leading healthcare partners, including Kaiser Permanente.

• Manage certification frameworks, including CMMC, NIST, and SOC 2.
• Develop, track, and maintain security and compliance policy documents.
• Analyze and review system configurations for security vulnerabilities.

Rubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. They streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.

• Build and maintain strong relationships with key partners.
• Conduct deep discovery to understand the partners’ organizational structure, goals and objectives.
• Collaborate with partners to develop mutually beneficial, strategic business plans to achieve sales targets.

KnowBe4's AI-driven Human Risk Management platform empowers organizations to strengthen their security culture. They have over 70,000 organizations worldwide as customers and value radical transparency, extreme ownership, and continuous professional development.

• Recruit, certify, and operationalize partners to successfully position and sell the Oasis platform.
• Drive regional revenue by co-selling complex enterprise deals with partners across Security, DevOps, and IAM stakeholders.
• Build C-level partner relationships to establish Oasis as the "first-call" solution for NHI security.

Oasis Security is the market-leading provider for non-human identity management. Their platform transforms how organizations secure non-human identities throughout their lifecycle, enabling security and development teams to bolster enterprise security posture and simplify compliance.

• Own and evolve the GRC program in partnership with Legal and our CCO.
• Develop, maintain, and enforce clear, practical security policies across all departments.
• Develop and execute a comprehensive information security roadmap aligned with business objectives.

Allocate is a fintech company handling sensitive investor data and financial transactions. They are a rapidly growing organization that values client service, relentless problem-solving, and continuous improvement.

• Lead SOC 2 and ISO programs through the full audit lifecycle.
• Build integrations that continuously gather compliance evidence from AWS, GitHub, identity providers, and internal systems.
• Evaluate and monitor third-party vendors for security and compliance risk.

Fieldguide is establishing a new state of trust for global commerce and capital markets through automating and streamlining the work of assurance and audit practitioners. The company is based in San Francisco, CA, and built as a remote-first company with a team that is inclusive, driven, humble and supportive.

• Help grow Infisical’s customer base and ensure a seamless product experience.
• Demonstrate technical value, drive successful implementations, and expand product usage across accounts.
• Guide customers through onboarding and recommend best practices for specific architectures and use cases.

Infisical is an open source security infrastructure platform that engineers use for secrets, certificates, and privileged access management. They've raised $19M and helps developers and organizations securely manage over 1.5 billion secrets each month.

• Collaborate with specialist teams to develop and execute the company's technology, security, and AI strategy.
• Oversee all IT operations including Helpdesk/Service Desk, Systems Operations, Infrastructure/Network Operations, and End-user Computing/Device Management.
• Lead incident, problem, and change management processes, ensuring timely resolution of issues and minimal business disruption.

GuidePoint Security provides cybersecurity expertise, solutions, and services to help organizations make decisions and minimize risk. They have over 1,200 employees and have established strategic partnerships with security vendors, serving as a trusted advisor to more than 6,200 customers.

• Be part of the Operational Technology (OT) Product Excellence team that is responsible for ensuring our customers’ success with ServiceNow’s OT products
• Be the focal point of contact/coordination for customer programs and events with Product Excellence
• Develop a deep understanding on customer use cases and success outcomes

ServiceNow is a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Their intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work.

• Partner with Sales, helping customers address complex security challenges.
• Translate requirements into outcome-driven solutions that reduce risk.
• Communicate effectively with both technical practitioners and executive stakeholders.

ServiceNow, founded in 2004, provides AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Their cloud-based platform connects people, systems, and processes to empower organizations to find smarter, faster ways to work, aiming to improve work globally.

• Deliver technical training, workshops, and certifications to ensure MSP/MSSP partners can independently position and deliver NodeZero.
• Assist partners in building repeatable service offerings around continuous pentesting, compliance validation, and attack surface management.
• Develop technical collateral, playbooks, and best practices to support partner go-to-market strategies.

Horizon3.ai is a cybersecurity company that enables organizations to proactively find, fix, and verify exploitable attack vectors before criminals exploit them. They are a fast-growing, remote company made up of former U.S. Special Operations cyber operators, startup engineers, and formerly frustrated cybersecurity practitioners.