Manage and mentor a team to drive research projects and improve outcomes, ensuring collaboration and growth within the group.
Map complex data structures and risk surfaces to help our customers ensure proper coverage
Ensure that the research conducted provides tangible product value to the customer, enhancing their security posture and overall experience.
Detect security flaws in SaaS applications and business applications
Research applications and permission structures
Help our customers research incidents with context enrichment and event investigation
Collaborate with our product and engineering teams to define innovative solutions to our customer needs
Publish relevant findings to the industry

We're looking for a GRC Program Manager to drive FedRAMP authorization and oversee our broader compliance portfolio. You'll be the program's operational backbone - coordinating 3PAO assessments, managing documentation, and ensuring readiness across teams.

FedRAMP authorization is a strategic milestone for Port as we expand into enterprise and federal markets. This is a high-visibility initiative with executive sponsorship, requiring precise coordination across engineering, security, and product. We need a program manager who thrives in complex, cross-functional environments and can translate regulatory frameworks into clear execution plans while managing timelines, budgets, and stakeholder expectations.
What you'll do

Lead the FedRAMP project from kickoff through ATO: schedule, documentation, 3PAO engagement, and agency coordination.
Own the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and all readiness deliverables.
Manage the 3PAO relationship, coordinate assessments, and drive remediation efforts.
Build and maintain the compliance evidence repository and continuous monitoring program.
Manage cross-team milestones, track control implementation progress, and identify blockers.
Develop repeatable processes and frameworks to sustain compliance post-authorization.
Partner with Engineering, Security, IT, and Product to translate NIST 800-53 controls into technical implementations.
Lead internal readiness assessments and gap analyses.

XM Cyber is a global leader in hybrid cloud security. XM Cyber brings a new approach that uses the attacker’s perspective to find and remediate critical attack paths across on-premises and multi-cloud networks. The XMCyber platform enables companies to rapidly prioritize andrespond to cyber risks affecting their business-sensitive systems. About the role: Are you a super-talent Senior Software Engineer with a deep passion for cybersecurity and a profound understanding of AI-driven attack techniques? We are looking for a highly professional and responsible R&D member to join our team. This role is for someone who thrives on technical challenges and is ready to leverage their expertise to identify, analyze, and defend against advanced cyber threat Responsibilities: As a Senior Software Engineer in R&D, you will be a key player in the design, development, and deployment of our cybersecurity platform. Your responsibilities will include:
* Leading the research and implementation of techniques to identify and mitigate AI-related attack methods, such as data manipulation and adversarial attacks on security systems.
* Developing and integrating new security features into our platform to proactively defend against modern cyber threats.
* Collaborating with our team to define technical requirements and architectural solutions for cutting-edge security features.
* Tackling challenging technical problems at the intersection of cybersecurity and low-level systems.

We're looking for a Corporate Systems Administrator to own Port's internal IT systems, identity lifecycle, and governance processes as we scale globally and progress toward FedRAMP authorization.

Port is expanding rapidly into enterprise and federal markets, and we're managing an increasingly complex and sensitive SaaS and infrastructure environment. We need a leader who can build scalable processes, strengthen our security and compliance posture, and ensure our internal systems evolve to support fast, high-quality growth.

In this role, you'll partner closely with Security, GRC, Engineering, and Finance to implement best-practice controls, automate lifecycle workflows, and drive operational excellence across the company.



Who you'll work with

You'll report to the Head of IT and work closely with the CIO, Security team, GRC Program Manager, and Engineering/DevOps teams. You'll partner with business system owners across all departments to ensure governance standards are met. You'll also work with Finance on procurement and vendor management.



What you'll do
Own the IT systems & employee lifecycles - manage identity lifecycle, MDM, endpoint security, and SaaS access management across the company.
Implement and maintain GRC-related IT controls, including SSO, encryption, device posture enforcement, and centralized logging.
Collaborate with Security and GRC teams to ensure compliance with access, backup, and configuration standards.
Lead internal IT audits and manage evidence collection efforts for FedRAMP, SOC 2, and other compliance initiatives.
Partner with business system owners to uphold governance best practices and ensure systems align with security and compliance requirements.
Maintain and evolve the SaaS catalog, ensuring continuous review of ownership, access controls, and lifecycle management.
Drive the SSO roadmap, integrating the majority of our SaaS applications into a unified identity platform.
Represent IT in the SaaS procurement process to ensure tools meet governance, security, and integration standards.
Develop and scale IT governance processes, automating workflows such as new system onboarding and access provisioning.
Continuously strengthen our enterprise IT governance and security posture as the company grows.

Were looking for an Application Security Researcher with strong penetration testing skills and a solid development or research background to join our Security Research team. This is a critical role where youll work closely with developers and researchers to build application security platform.

Responsibilities
What Youll Be Doing

Be a key member of OX research team building our vulnerability management platform, focusing on vulnerability exploitation analysis
Evaluate open source intelligence feeds and vulnerability knowledge base
Develop unique detection engines to enhance dynamic application security testing (DAST) solution
Take active part of the ideation process and prototyping of new features and product offerings

We are seeking a highly skilled and experienced Information Security Specialist to join


As the Information Security Specialist, you will be responsible for designing, implementing, and maintaining robust security measures to protect our assets and data. Working closely with various international stakeholders to integrate security best practices in all stages of the design and operating model, from design and deployment to monitoring and incident response.

What You'll Do:

Design and maintain the security model, ensuring alignment with best practices and regulatory requirements.
Manage and maintain security, including the site and endpoints employees use.
Assist with the deployment and assurance activities associated with Security controls with Autofleet. .
Continuously monitor environments, detect threats, and lead effective incident response and remediation efforts.
Ensure compliance with global standards (e.g., GDPR, ISO 27001, NIST) by driving audits, risk assessments, and security governance processes.
Co-ordinate offensive security activities including penetration testing, red team exercises, and third-party risk evaluations.
Drive continuous improvement of security operations, championing automation, zero-trust architecture, and emerging security capabilities.