Source Job

• Provide security guidance on all new and existing products.
• Perform regular product security assessments.
• Triage and escalate security issues.

WorkOS is a developer platform that helps make apps enterprise-ready, building tools and services for developers.

The Senior Director, Product Security will define and lead the product security strategy for the medical device portfolio. Key responsibilities include developing and executing a comprehensive product security strategy aligned with business and regulatory objectives. This role requires overseeing end-to-end product security management, ensuring compliance with regulations and standards.

iRhythm is a leading digital healthcare company that creates trusted solutions that detect, predict, and prevent disease.

Lead multiple development teams, QA, release engineering, and PM functions. Oversee design, development, and maintenance of web applications, client portals, APIs, and internal tools. Collaborate with business stakeholders to align engineering priorities with strategic objectives.

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.

Lead end-to-end planning and execution of major Security programs that cross multiple teams and collectives. Collaborate and communicate with multiple stakeholders, both technical and non-technical across the business to ensure alignment and speed of delivery. Drive effective decision making to remove blockers.

Monzo's mission is to make money work for everyone, everywhere by solving problems through banking.

• Design and implement scalable infrastructure supporting HIPAA, SOC 2, and ISO 27001 compliance.
• Create self-service security tools integrating with developer workflows (GitLab CI/CD, Terraform).
• Lead threat modeling and security architecture reviews for new products and services.

Maven is the world's largest virtual clinic for women and families on a mission to make healthcare work for all of us.

• Responsible for designing and implementing security best practices at each stage of the system development lifecycle.
• Works in partnership with cross-functional teams to act as a security subject matter expert, while supporting and advancing the security of ConnectWise applications.
• Conducts security assessments, threat modeling, and vulnerability reporting and develops security architecture patterns for implementing new solutions and products.

ConnectWise is a community-driven software company dedicated to the success of technology solution providers, with a suite that helps over 45,000 of their partners manage their businesses better. The company has over 3,000 colleagues in North America, EMEA and APAC and has an inclusive and positive culture.

• Lead secure design reviews and threat modeling for AI-driven products.
• Build and maintain security automation and governance frameworks.
• Drive software supply chain security and vulnerability reduction.

AlphaSense empowers companies to make smarter decisions by providing market intelligence and search functionality driven by AI. With over 2,000 employees globally and offices in multiple countries, they foster a collaborative and innovative environment.

• Manage and mentor a team of software engineers, providing regular feedback and leading performance management.
• Collaborate on technical infrastructure decisions and contribute to technology strategy discussions.
• Establish engineering standards and drive continuous improvement in development processes.

ProPublica is an independent, nonprofit newsroom that produces investigative journalism in the public interest.

• Oversee and lead Remote’s security team and function.
• Manage Remote’s security strategy and its implementation.
• Ensure the confidentiality, integrity and availability of the organisation’s systems and information.

Remote is solving modern organizations’ biggest challenge – navigating global employment compliantly with ease.

• Define and validate new product capabilities, partner with engineering, manage launches, provide go-to-market support, and drive customer adoption.
• Be hands-on in the use of AI to research, spec and prototype new features.
• Work closely with customers in sectors like automotive, high tech, medical devices, and critical infrastructure to understand unique compliance challenges and validate product features.

Finite State partners with product security teams to create transparency for their connected devices and supply chains. They are a fast-growing series-B company with a fully distributed workforce and a mission-driven team passionate about arming their customers with actionable insights.

• Own the full P&L of the Security product line: define revenue targets, pricing strategy, and profitability roadmap.
• Define and execute product strategy for the entire Security suite, including DDoS Protection, WAAP, Bot Management, and related services.
• Drive revenue growth through tight collaboration with Sales and Marketing supporting go-to-market strategies, product bundles, and vertical-specific offerings.

Gcore provides infrastructure and software solutions for AI, cloud, network, and security, powering everything from real-time communication and streaming to enterprise AI and secure web applications. They are a global team of 550+ professionals building infrastructure and software that supports the entire digital ecosystem.

• Reproduce, assess, and document vulnerabilities, perform variant hunting, and contribute to exploitability research on security issues reported in GitLab’s products and services.
• Support and consult with product and development teams on effective vulnerability remediation and mitigation. Independently validate vulnerability fixes prior to release.
• Contribute to clear and actionable documentation that explains vulnerability impact, risk, and remediation guidance for technical and non-technical audiences, helping to scale PSIRT knowledge and practices across GitLab.

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Their high-performance culture is driven by their values and continuous knowledge exchange, enabling their team members to reach their full potential while collaborating with industry leaders to solve complex problems.

• Mentor product engineering teams, providing them with security knowledge, support, and guidance.
• Perform security reviews and assessments, ensuring products and features are secure by default.
• Lead security projects from inception through to completion, advocating for security best practices.

WorkOS builds tools and services for developers to help them implement authentication, identity, authorization, and overall enterprise readiness.

• Implement and maintain security measures to protect the organization's information assets and infrastructure.
• Support product and development teams on application security challenges, including threat modeling and architecture reviews.
• Support security incident response, perform root cause analysis, and drive remediation strategies.

insightsoftware is a global provider of comprehensive solutions for the Office of the CFO, transforming how teams operate and empowering leaders.

• Partner with engineering and product teams to design and build secure systems.
• Lead threat modeling, code reviews, and vulnerability assessments to identify and mitigate risks.
• Define and evolve secure development practices, including tooling, automation, and developer education.

Uniswap Labs is committed to diversity in our workforce and is proud to be an Equal Opportunity Employer (EEO).

Manages the software engineering process, reviewing system specifications and requirements to prepare programming specifications. Architects, develops, and implements complex software solutions meeting standards for performance and security, working with cross-functional teams. Provides technical guidance, mentors engineers, evaluates technologies, and contributes to continuous process improvements.

9th Way Insignia is a service-disabled, veteran-owned small business bringing transformative technology to our government customers.

• Protecting data, products, and infrastructure against security threats.
• Meeting security and compliance services such as vulnerability management, security updates and upgrades, and intrusion response.
• Staying current with the latest Information Security trends and news.

Bounteous is a premier end-to-end digital transformation consultancy dedicated to partnering with ambitious brands to create digital solutions.

• Define, implement, and document new security features.
• Analyze, fix, and test vulnerabilities in open source software.
• Audit and analyze source code for vulnerabilities.

Canonical is a pioneering tech firm at the forefront of the global move to open source and publishes Ubuntu.

This role will lead offensive security capabilities and vulnerability operations. You will direct and manage hardware, software, cloud, network and corporate system red team operations. You will manage vulnerabilities across the company.

Flock Safety is the leading safety technology platform, helping communities thrive by taking a proactive approach to crime prevention and security.

Lead a team of engineers building Software Supply Chain Security features with a focus on CI job artifact security. Guide the design and implementation of SLSA (Supply-chain Levels for Software Artifacts) compliance within GitLab CI/CD pipelines. Collaborate with Product Managers to define, prioritize, and deliver the roadmap for supply chain security capabilities.

GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations.