Open Positions

The Chief Compliance Officer (CCO) is responsible for ensuring that the organization adheres to all relevant laws, regulations, and industry standards. The CCO plays a critical role in managing compliance risks, fostering a culture of compliance, and maintaining the trust of customers, regulators, and other stakeholders. Develops, implements, and maintains comprehensive compliance programs that align with organizational goals, risk appetite, and regulatory requirements. Oversees creation and implementation of compliance policies, procedures, and guidelines to establish strong compliance culture across the organization.

The Chief Information Security Officer (CISO) is responsible for establishing, implementing, and maintaining the organization's information security program to ensure the confidentiality, integrity, and availability of information assets. The CISO plays a crucial role in protecting the organization from cyber threats and ensuring compliance with relevant regulations and industry standards. Develops comprehensive information security strategies that align with organizational goals and regulatory requirements.

We are seeking a dynamic and skilled Cybersecurity Sales Engineer with a focus on leveraging ChatGPT assistants to enhance our sales and customer interaction processes. The ideal candidate will have a strong background in cybersecurity, sales, and a keen interest in AI and chatbot technologies. This role combines technical cybersecurity expertise with sales acumen and AI tool proficiency to streamline customer interactions and automate sales processes.

Develop and implement marketing strategies for cybersecurity products and services, leveraging ChatGPT as a key tool for customer engagement and content creation. Create compelling marketing content, including blogs, social media posts, and whitepapers, using ChatGPT to enhance creativity and efficiency. Use ChatGPT to analyze market trends and customer feedback, ensuring marketing campaigns are data-driven and targeted.

Manage security for remote workforce and infrastructure. Responsible for developing and enforcing policies that protect distributed teams, endpoints, and cloud resources.

Lead and oversee security operations, including incident response, threat detection, and security monitoring. Responsible for building and scaling the SOC function and driving continuous improvement across detection and response capabilities.

Design and implement enterprise security architecture, ensuring alignment with business objectives. Define security standards, patterns, and reference architectures across on-premise and cloud environments.

Lead and oversee GRC programs, ensuring alignment with business objectives and regulatory requirements. Drive risk management frameworks, audit readiness, and compliance across enterprise operations.

Develop and implement comprehensive security awareness and training programs across the organization. Measure program effectiveness and build a security-conscious culture from the ground up.

Manage physical security operations and programs. Oversee access control, surveillance systems, guard forces, and facility security to protect personnel and assets.

Lead offensive security testing and assessments. Plan and execute red team engagements, adversary simulations, and penetration tests to identify organizational vulnerabilities.

Lead defensive security operations and monitoring. Oversee threat detection, SIEM tuning, and incident response workflows to strengthen the organization's defensive posture.

Coordinate red and blue team activities and improvements. Facilitate collaborative exercises to close detection gaps and accelerate the feedback loop between offensive and defensive functions.

Drive cybersecurity marketing initiatives with AI-powered solutions and create compelling content that resonates with security professionals. Leverage ChatGPT assistants to scale content production and analyze campaign performance.

Help organizations navigate complex compliance requirements and implement governance frameworks. Conduct gap assessments, develop policies, and advise on ISO 27001, NIST, SOC 2, and other standards.

Monitor and analyze security events, implement security controls, and respond to incidents. Triage alerts, investigate anomalies, and contribute to threat detection rule development.

Lead incident response efforts and conduct post-incident analysis. Contain, eradicate, and recover from security breaches while producing high-quality incident reports and lessons learned.

Oversee vendor risk assessment programs and third-party security management. Build scalable TPRM processes to evaluate, monitor, and remediate risk across the supply chain.

Monitor, analyze, and respond to emerging security threats and vulnerabilities. Produce finished intelligence products and integrate threat feeds into detection and response workflows.

Analyze and report on cyber threats and provide actionable intelligence to executive and technical stakeholders. Develop intelligence collection plans and mentor junior analysts.

Design and implement security solutions and infrastructure. Build and maintain security tooling, integrations, and controls across cloud and on-premise environments.

Secure application development through code reviews, security testing, and developer enablement. Integrate security into the SDLC and reduce vulnerability exposure across the application portfolio.

Ensure compliance with regulations and standards and conduct assessments across business units. Track control effectiveness, manage evidence collection, and support external audits.

Conduct risk assessments and develop mitigation strategies. Quantify and communicate risk to business stakeholders and maintain the enterprise risk register.

Lead privacy initiatives and ensure compliance with privacy regulations across all operations. Develop and maintain a privacy program covering GDPR, CCPA, and other applicable laws.

Leverage AI tools to enhance technical sales processes and provide solutions to complex security challenges. Support the sales cycle with technical demonstrations, RFP responses, and proof-of-concept engagements.

Plan and conduct security audits, report findings and recommendations. Evaluate control effectiveness against frameworks such as ISO 27001, SOC 2, and NIST CSF.

Support privacy program implementation and compliance. Conduct privacy impact assessments, manage data subject requests, and maintain records of processing activities.

Design and implement privacy-enhancing technologies. Embed privacy by design principles into systems and data pipelines to reduce collection, enable consent, and support data minimization.

Develop and deliver security training programs for technical and non-technical audiences. Create engaging curriculum covering phishing awareness, secure development, and security fundamentals.

Assess and monitor third-party security risks. Conduct vendor questionnaires, on-site assessments, and continuous monitoring to ensure supply chain security.

Conduct digital forensics investigations and analysis in support of incident response and legal proceedings. Preserve chain of custody, image systems, and produce forensic reports.

Create and deliver security awareness programs including phishing simulations, e-learning modules, and live training sessions tailored to different employee populations.

Secure AI/ML systems and implement AI-driven security solutions. Assess risks in machine learning pipelines, protect model integrity, and evaluate adversarial attack surfaces.

Design secure systems and infrastructure and develop security patterns for cloud and hybrid environments. Provide architectural guidance to engineering teams and review designs for security risk.

Monitor and investigate potential insider threats using behavioral analytics, DLP, and UEBA tooling. Collaborate with HR and Legal to manage sensitive investigations.

Develop and implement security automation solutions including SOAR playbooks, custom integrations, and scripted remediation workflows to reduce analyst toil.

Secure blockchain and cryptocurrency operations including wallet infrastructure, smart contract auditing, and exchange security. Advise on Web3-specific threat models.

Implement and maintain physical security controls including access control systems, CCTV, and guard operations. Conduct physical risk assessments and develop remediation plans.

Manage vulnerability assessment and remediation programs across enterprise infrastructure. Prioritize findings using CVSS and threat intelligence and drive remediation SLAs with asset owners.

Oversee data protection strategy and ensure compliance with privacy laws including GDPR. Serve as the primary contact for supervisory authorities and advise on all data protection matters.

Develop and manage comprehensive security awareness programs for organizations. Drive metrics-based improvement in security culture through phishing simulations, training campaigns, and executive reporting.

Lead the development and implementation of security solutions across infrastructure. Define security standards, mentor engineers, and drive security architecture decisions across cloud environments.

Implement security in CI/CD pipelines and development processes. Automate SAST, DAST, SCA, and secrets scanning, and build developer-friendly security guardrails that don't slow delivery.

Design, implement, and maintain identity and access management systems including SSO, MFA, directory services, and lifecycle management. Identity is the new perimeter — this role owns it. Integrates with HR systems, cloud providers, and SaaS platforms to enforce least-privilege access at scale.

Deploy and manage privileged access management solutions to secure administrative accounts, service accounts, and secrets. Reduce standing privilege, implement just-in-time access, and ensure all privileged sessions are recorded and auditable.

Secure cloud infrastructure across AWS, Azure, or GCP. Implement cloud security posture management (CSPM), enforce IaC security policies, configure native security services, and build guardrails that allow engineering teams to move fast without introducing risk.

Secure containerized workloads and Kubernetes clusters across development and production environments. Implement runtime security, image scanning, network policies, secrets management, and admission controllers to harden the container supply chain.

Lead the design and implementation of a Zero Trust security model across the enterprise. Define the roadmap for identity-centric access, micro-segmentation, continuous verification, and least-privilege enforcement. Translate Zero Trust principles into actionable architecture across network, endpoint, identity, and application layers.

Lead the organization's post-quantum cryptography (PQC) readiness program. Assess cryptographic inventory, identify quantum-vulnerable systems, and drive migration to NIST-approved PQC algorithms (ML-KEM, ML-DSA, SLH-DSA). Advise on crypto-agility architecture and timeline planning ahead of Q-Day.

Manage software and hardware supply chain security risk. Maintain software bill of materials (SBOM) inventories, monitor for upstream vulnerabilities in third-party dependencies, assess vendor development practices, and ensure compliance with EO 14028 and NIST SSDF requirements.

Own the organization's Continuous Threat Exposure Management program — the evolution beyond traditional vulnerability management. Scope, discover, prioritize, validate, and mobilize remediation of exposures across the full attack surface including internal assets, cloud, SaaS, and external attack surface. Align exposure data to business risk and report to the board.

Conduct hands-on penetration tests against networks, applications, APIs, and cloud environments. Identify vulnerabilities, chain exploits to demonstrate real-world impact, and produce clear technical and executive reports with actionable remediation guidance.

Analyze malicious code, ransomware, and threat actor tooling to extract indicators of compromise, understand capabilities, and support incident response. Perform static and dynamic analysis, unpack obfuscated samples, and contribute YARA rules and detection signatures back to the security team.

Serve as a fractional or embedded Chief Information Security Officer for client organizations that require executive security leadership without a full-time hire. Develop information security strategy, manage security programs, present to boards, and act as the accountable security leader across multiple client engagements. Ideal for consultants with broad CISO-level experience.

Translate cybersecurity risk into financial terms using quantitative models including FAIR (Factor Analysis of Information Risk). Build risk models, run Monte Carlo simulations, and produce board-ready reports that express cyber risk in dollars rather than heat maps. Enable data-driven security investment decisions.

Drive execution of complex, cross-functional security programs from strategy to delivery. Own the security roadmap, coordinate workstreams across engineering, compliance, and operations, manage budgets, and report program health to executive leadership. The connective tissue between the CISO's strategy and the team's execution.

Lead the enterprise privacy strategy at the C-suite level, owning all privacy risk, regulatory compliance (GDPR, CCPA, CPRA, APRA, and emerging state laws), and privacy engineering direction. Serve as the executive accountable for data ethics, consent management, and privacy-by-design adoption. Report directly to the CEO or General Counsel and present to the board.