
11 - 50 employees
🔌 API
API
The Leaflet is an open-source JavaScript library for building mobile-friendly interactive maps. It is lightweight (around 42 KB), designed for simplicity, performance and usability, and provides core mapping features such as tile layers, markers, vector layers, popups, and interaction handlers. Leaflet is highly extensible via a large plugin ecosystem, well-documented, and maintained by a broad community of contributors and organizations.
🔥 0 minutes ago
Improve your chances of getting an interview by checking your resume score before you apply.

11 - 50 employees
🔌 API
API
The Leaflet is an open-source JavaScript library for building mobile-friendly interactive maps. It is lightweight (around 42 KB), designed for simplicity, performance and usability, and provides core mapping features such as tile layers, markers, vector layers, popups, and interaction handlers. Leaflet is highly extensible via a large plugin ecosystem, well-documented, and maintained by a broad community of contributors and organizations.
• Secure SDLC & DevSecOps • Embed automated checks across our cloud (GitHub Actions) and on-prem product pipelines — GitHub Advanced Security (SAST/SCA) and Wiz Code for application, dependency, and container scanning • Define secure-by-default patterns, paved-road guardrails, and standards for secure coding, code review, and dependency hygiene — so teams ship quickly and safely • Serve as the application authority for our Zero Trust program, aligned to NIST SP 800-207 and the CISA Zero Trust Maturity Model (Applications & Workloads pillar) • Threat Modeling & Secure Design • Partner with product and engineering on security reviews for new features and payment integrations — running threat modeling (e.g., STRIDE) early in design and turning output into concrete, prioritized work • Vulnerability Management (End to End) • Own the product and application vulnerability lifecycle — one program spanning code, dependency, container, pen-test, and bug-bounty findings, from discovery through remediation • Prioritize by real-world risk and drive remediation against risk-based SLAs; engineering owns the fixes, you own the program and the escalation paths that shrink time to remediate • Report program health with metrics leadership can act on, and provide evidence for compliance obligations (PCI DSS, GLI, ISO 27001, SOC 2) • Application & API Security • Defend our applications and APIs against the OWASP Top 10 and API abuse, partner on payment security across our payment gateways, and team with our Principal Cloud & Network Security Engineer — who owns our Cloudflare edge defenses (WAF, Bot Management) — on bot and abuse resilience • Own the application security of player-facing account flows — registration, authentication, session management, recovery — partnering with our Principal Identity Engineer on CIAM architecture and with SecOps and Fraud on account-takeover resilience • Testing & External Assurance • Coordinate penetration testing with external partners and drive findings to closure • Mature our existing coordinated-disclosure program into a full bug-bounty capability
• 10+ years in application or product security — or equivalent practical experience • Deep expertise across the AppSec toolchain: SAST, SCA, and secure code review • Strong command of the vulnerability management lifecycle: triage, prioritization, remediation tracking, metrics • Hands-on threat modeling and secure-design partnership with engineering teams • Working knowledge of a modern programming language and how real applications are built and deployed • Experience with CI/CD pipelines and cloud-native application security (our products run primarily on AWS) • Excellent communication — you turn a finding into a clear, prioritized ask • Fluency with AI — you lead with it, reaching for AI tools daily to work faster and sharper; hands-on experience applying AI to security or engineering work is a must.
• Competitive pay and benefits • Flexible vacation allowance • A hybrid / remote working environment • Startup culture backed by a secure, global brand
Apply Now🔥 4 hours ago
Information Systems Security Officer responsible for cyber operations and risk management. Collaborating with leadership to mitigate risks and protect digital infrastructure.
🇺🇸 United States – Remote
💵 $132k - $150k / year
⏰ Full Time
🟠 Senior
🔴 Lead
👮♂️ Cybersecurity / Security Engineer
🔥 5 hours ago
Cybersecurity Architect responsible for security systems across AbbVie's infrastructure environment. Collaborating with Information Security team on mitigating threats and enhancing security measures.
🇺🇸 United States – Remote
💵 $124.5k - $236.5k / year
⏰ Full Time
🟠 Senior
🔴 Lead
👮♂️ Cybersecurity / Security Engineer
🦅 H1B Visa Sponsor
🔥 8 hours ago
Principal Cybersecurity Architect leading design and governance of Generative AI security at GE Vernova. Ensuring secure adoption of AI systems in compliance with regulations and standards.
🇺🇸 United States – Remote
💵 $145.4k - $242.4k / year
⏰ Full Time
🔴 Lead
👮♂️ Cybersecurity / Security Engineer
🔥 8 hours ago
Principal Cybersecurity Architect responsible for securing enterprise applications and data platforms. Partnering with teams to ensure security in application design and data lifecycle management.
🇺🇸 United States – Remote
💵 $145.4k - $242.4k / year
⏰ Full Time
🔴 Lead
👮♂️ Cybersecurity / Security Engineer
🔥 9 hours ago
Staff Security Engineer at DoorDash leading threat modeling and operation of security services. Ensuring security of product and cloud environments with a global team effort.
🇺🇸 United States – Remote
💵 $193.8k - $285k / year
⏰ Full Time
🔴 Lead
👮♂️ Cybersecurity / Security Engineer
🦅 H1B Visa Sponsor