Establish and execute a comprehensive long-term vision and strategy for Product Security, AppSec, and Privacy Engineering across all product lines.
Lead the Product Security Review process, including threat modeling, security architecture reviews, and penetration testing oversight for new and existing features.
Define and enforce Security and Privacy standards and policies within the Software Development Lifecycle (SDLC) and CI/CD pipelines.
Own and operate n8n’s vulnerability intake and triage process, including the [email protected] inbox
Define and maintain security policies, standards, and public-facing disclosure documentation
Embed security into the software development lifecycle through threat modeling, design reviews, and pragmatic guardrails
n8n is the open workflow orchestration platform built for the new era of AI. They give technical teams the freedom of code with the speed of no-code, so they can automate faster, smarter, and without limits. Since their founding in 2019, they’ve grown into a diverse team of over 160.
Embed security into Firefox, Mozilla VPN, and other mission-critical products.
Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation.
Partner with engineers to integrate security throughout the software development lifecycle as a core design principle.
Mozilla Corporation shapes the internet for the better and makes privacy-minded brands like Firefox. They have over 225 million people around the world using their products each month and are focused on making the internet better for people.
Own and lead the delivery of large, multi-quarter Application Security and Engineering initiatives.
Improve existing complex application security architectures and provide guidance for securing AI-based workflows.
Proactively identify emerging industry threats and act as Incident Commander for large-scale security incidents.
Wrapbook provides a unified payroll platform that seamlessly connects your entire team in one place. It empowers production teams to manage projects, pay cast and crew, track expenses, and generate data-driven insights. With a growing team of 250+ people across the USA and Canada, Wrapbook is backed by top-tier investors and has raised $130M.
Analyze and assess security issues via design reviews, code audits, and penetration tests.
Design and build security tools, and develop mitigations and hardening strategies.
Review and develop secure operational practices, and provide security guidance for engineers.
Aptos Labs is building a people-first blockchain that aims to provide universal and fair access to decentralized assets in a safe and scalable way. Founded by original creators/maintainers of the Diem blockchain, they value diversity and are an Equal Opportunity Employer.
Drive execution of complex technical programs at the intersection of Security, Engineering, and Compliance.
Translate complex technical initiatives into clear programs that meet security and regulatory obligations.
Influence security strategy and drive alignment across Engineering, Compliance, and People Ops.
Rula is dedicated to treating the whole person and creating a world where mental health is embraced. They are a remote-first company that strives to be a force for positive change in the field of mental healthcare and hire in most U.S. states.
Define and drive the strategic roadmap for proactive security vulnerability analysis.
Establish the technical vision and program for integrating robust security controls at every stage of the SDLC.
Lead collaborative and cross-functional threat modeling initiatives for core systems, new features, and evolving services.
Modern Health is a mental health benefits platform for employers, offering access to resources for emotional, professional, social, financial, and physical well-being. They are a fully remote workforce known for their culture centered around empathy and accountability, with a drive to win.
Own application, cloud, infrastructure, and data security across Cherry
Be hands-on: design systems, review code and architecture, and contribute directly where needed
Lead incident response, threat modeling, and security reviews
Cherry is a profitable, high-growth fintech ($500M+ revenue, ~3x YoY) building the financial infrastructure for healthcare providers. Security is core to their product, not a support function. They are looking for strong leaders that will help them scale Cherry to be the go-to financial partner for every doctor in the country.
Define security detection program strategy and roadmap.
Oversee development, testing, and maintenance of detection logic.
Lead and mentor a high-performing team of security operators.
Cribl helps solve IT and Security's data needs. They foster a collaborative, curious, and motivated team environment where employees are passionate about putting customers first, and they believe in empowering their employees to do their best work, wherever they are.
Design, lead, and execute strategic security programs to mitigate security risks.
Collaborate with security engineers to integrate and operationalize security controls.
Establish clear, measurable metrics to track the impact of security programs.
DoorDash's mission is to empower local economies. They are a technology and logistics company known for delivering food, looking to expand into delivering all goods, fostering a culture where team members can share perspectives and solve challenges.
Lead a high-performing engineering team, managing hiring, performance, and career growth while fostering an inclusive culture.
Build the security modular platform, driving architecture, design, and implementation with emphasis on scalability, reliability, and low latency.
Execute technical strategy, partnering with architects and principal engineers to shape long-term vision, modernization, AI integration, and security best practices.
Experian is a global data and technology company, powering opportunities for people and businesses around the world. They operate across a range of markets and invest in new advanced technologies to unlock the power of data and to innovate. A FTSE 100 Index company, they have a team of 23,300 people across 32 countries.
Lead the design and implementation of secure architectures for Built’s applications, services, and AI/ML initiatives.
Embed security throughout the development lifecycle by partnering with engineering teams on threat modeling, secure coding best practices, and design reviews.
Perform internal penetration testing of applications, networks, and features to uncover weaknesses before attackers do.
Built is an AI-powered platform transforming how real estate is financed, developed, and managed. They started by fixing construction draw management for lenders and have grown into a comprehensive operating system. Built brings together passionate people who are driven in a variety of disciplines, each bringing their unique perspective to everything they do.
Partner with Product teams to ensure that products are designed, built, and operated securely.
Conduct threat modeling activities with Product teams to ensure product threats are understood, documented, and mitigated.
Review and analyze product source code to identify security vulnerabilities and provide recommendations for secure implementation.
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is a remote-first company and offers competitive benefits anchored to their core value of people come first.
Build and operate privacy-preserving data practices at scale.
Translate privacy requirements into durable engineering controls.
Design and implement policy-based access controls for analytics and data platforms.
1Password is building the foundation for a safe, productive digital future by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted. They are a cybersecurity company with over 180,000 businesses trusting them to help their teams securely adopt the SaaS and AI tools they need to do their best work.
Build and ship security features for North, our AI workspace platform
Develop autonomous agents that talk to sensitive enterprise data
Write and ship minimal code that runs in low-resource environments, and has highly stringent deployment mechanisms
Cohere's mission is to scale intelligence to serve humanity, training and deploying frontier models for developers and enterprises building AI systems. They are a team of researchers, engineers, and designers passionate about their craft, believing that a diverse range of perspectives is a requirement for building great products.
Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance.
Run threat modeling sessions (e.g. STRIDE) for new and existing systems; identify threats, attack paths, misconfigurations, and insecure design patterns.
Perform security-focused code reviews to identify vulnerabilities and risky implementations; provide clear, actionable guidance on secure coding patterns and best practices.
Infiterra's B2B SaaS platform helps IT Distributors and Managed Service Providers (MSPs) automate and grow their subscription business. With 100+ customers in 75 countries, they're recognized for innovation and global impact. Infiterra fosters a collaborative and growth-oriented culture, allowing you to be part of a dynamic, forward-thinking team.
Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
Bring security best practices to the software development lifecycle.
Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings.
Webflow is building the world’s leading AI-native Digital Experience Platform as a remote-first company. They empower teams to design, launch, and optimize for the web without barriers, with trust, transparency and creativity as their core values.
Lead, develop, and mentor the Platform Security team, setting direction, managing performance, and ensuring strong communication and execution across distributed time zones.
Design, implement, and operate cloud security controls for AWS, GCP, and Azure to protect infrastructure, services, and applications from evolving threats.
Partner with engineering and product leadership to influence architecture decisions, define security requirements, and ensure alignment with Affirm’s technical strategy.
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Security is critical to Affirm’s mission, and they aim to embed a strong security culture across the company so they can build and operate honest financial products.
Lead the end-to-end software supply chain security architecture for GitLab’s CI/CD platform.
Drive cross-team technical strategy and decisions across our Software Supply Chain Security (SSCS) stage teams.
Teach, mentor, and coach Staff Engineers and individual contributors.
GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world.
This role shapes 1Password’s technical integration strategy within the broader security ecosystem.
Identify high-impact integration opportunities and build partner-ready pre-production proof of concepts.
Ensure 1Password leads the evolving identity and security ecosystem, proactively shaping today and tomorrow.
1Password is building the foundation for a safe, productive digital future. They innovate the market-leading enterprise password manager and pioneered Extended Access Management. As one of the most loved brands in cybersecurity, they take a human-centric approach; over 180,000 businesses trust 1Password.