Support the execution and continuous improvement of Qohash’s security program.
Support risk assessments, track identified risks, and help coordinate remediation efforts.
Maintain security policies, standards, awareness materials, and support internal security training initiatives.
Qohash is building a foundational pillar of Canada’s digital sovereignty, believing security must scale differently. They look for bold, mission-driven individuals with technical depth and strategic clarity who collaborate across disciplines to protect sensitive data.
Own Security Governance: maintain and evolve security policies, standards, and control frameworks.
Lead the Security TPRM function across vendor lifecycle: intake/onboarding, due diligence, contracting handoffs, ongoing monitoring.
Build, coach, and scale the Governance and TPRM teams: hiring, performance management, career development, and team morale.
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. The majority of their roles are remote. They offer competitive benefits anchored to the core value of people come first.
Lead, develop, and mentor a team of Product Security Architects.
Own and continuously evolve the Product Security Architecture strategy.
Oversee and mature the Product Security Risk Register.
GitLab is the intelligent orchestration platform for DevSecOps. They enable organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. They have more than 50 million registered users and they value high-performance culture is driven by values and continuous knowledge exchange.
Reduce operational toil by experimenting with AI and automation in security workflows, building simple tools that make your team's work easier, and sharing what you learn.
Build trust across engineering and cloud teams by responding to security requests with genuine care, clear communication, and reliable follow-through.
Own alert triage and incident response with thoroughness and accuracy, ensuring security findings are investigated quickly, escalated at the right time to the right people, and documented clearly for the whole team to learn from.
Jane is a founder-led, high-growth SaaS company that builds products and tools that thousands of clinics rely on every day to run their businesses, care for their patients, and grow their communities. They are a team of more than 700 people working remotely across Canada, the US, and the UK.
Be the person who can answer and solve any security problem the company or their clients encounter; not advise, but solve.
Build security systems, not just strategies; write production-quality code and develop monitoring, guardrails, and enforcement systems for AI agents.
Act as a security founder inside the company by identifying gaps in the security market, prototyping new products and tools, and turning internal capabilities into external offerings.
Human Agency scales rapidly and has a growing pipeline of opportunities that demand exceptional talent across disciplines. They are a company of doers, where leaders roll up their sleeves, teams work flat, and everyone contributes to what ships.
Help scale NerdWallet’s application security program through automation, tooling, and developer enablement.
Partner with engineering and product teams to identify and remediate security gaps across multiple systems while balancing business priorities.
Build tools, processes, and automation that improve security posture visibility for engineers and leadership.
NerdWallet aims to bring clarity to life's financial decisions with a team of exceptional Nerds. They foster an inclusive, flexible, and candid culture where employees are empowered to grow and take risks, supporting well-being and development whether working remotely or in-office.
Identify and respond to security incidents on a global scale.
Act as an incident commander to drive incidents through the entire response lifecycle.
Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors.
Mozilla Corporation is a non-profit-backed technology company that has shaped the internet for the better over the last 25 years. With more than 225 million people around the world using their products each month, they’re shaping the next 25 years of technology and helping to reclaim an internet built for people, not companies.
Perform GRC functions and maintain the Cyber Security Risk register.
Execute third party risk processes for cyber and perform/execute on awareness programs and phishing processes.
Liaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors.
Warner Music Group is a global collective of music makers and music lovers, tech innovators and inspired entrepreneurs, game-changing creatives and passionate team members. They turn dreams into stardom and audiences into fans. WMG is committed to creating a work environment that actively values, appreciates, and respects everyone and encourages applications from people with a wide variety of backgrounds and experiences.