Oneleet

• Own the roadmap and sequencing for our code security bundles, prioritizing modules across need / want / nice-to-have tiers • Make scope tradeoff calls quickly under deadline pressure, including what to cut to ship on time • Work directly with design on mock-ups before engineering begins, providing product direction without requiring detailed specs • Partner with engineering leadership on technical tradeoffs and sequencing of dependencies across modules • Run design partner programs and customer interviews to validate priorities and gather feedback on shipped features • Define the competitive bar for each module based on direct comparison against incumbents in the space • Coordinate the free tier and Product Hunt launch plan, including which features to give away and how to upsell into paid • Track usage, success metrics, and engagement for shipped features and feed signal back into the roadmap • Collaborate with go-to-market on positioning, pricing, and bundle structure as we move from build to launch • Partner with the Oneleet Intelligence team on AI-powered features integrated into the bundles

• Build features end-to-end across backend (Go) and frontend (React/TypeScript) • Design and implement APIs that power dashboards, workflows, and reporting • Build UI components that present complex data clearly and drive user action • Map complex backend data to clear, actionable interfaces • Implement robust error handling and fallback behaviors for upstream service failures • Optimize end-to-end performance, including caching, pagination, and query design for high-volume data • Develop reusable patterns and components that scale across many areas of the platform • Work directly with customers and design partners to understand how features are used and iterate rapidly • Build monitoring and analytics to track feature usage, success rates, and user engagement • Collaborate with AppSec, backend, and design on how data flows from services through to the UI

• Develop and maintain backend services and APIs in Go • Design and optimize PostgreSQL schemas and queries for high-volume data • Build reliable orchestration and integration layers across internal and third-party systems • Implement metrics, distributed tracing, and observability across services • Collaborate with the Engineering team on improving the overall Developer Experience • Implement security best practices • Collaborate with frontend, fullstack, and the broader engineering team

• Own the integration, configuration, and output quality of security tooling that powers our platform • Tune outputs to maximize signal and minimize noise — decide what to surface, what to suppress, and what to enrich • Design rules, severity scoring, and triage flows that make findings actionable rather than overwhelming • Build the security judgment layer on top of underlying tooling — context-aware prioritization and exploitability reasoning • Partner with engineers on how findings are presented in the UI and how remediation flows work • Work with PM and design on roadmap priorities, providing the security expertise that drives what to build next • Review and shape architectural choices that affect security outcomes • Engage with customers directly to understand how they use the platform and what's blocking adoption • Benchmark our output quality against competitors and close gaps where they exist • Contribute back to the open source security tooling we depend on where it makes sense

• Build UI components and full pages in React/TypeScript across the platform • Extend and maintain our existing component library, ensuring consistency across the product • Implement complex triage, filtering, and workflow flows that handle high-volume data • Build data visualizations for dashboards, posture views, and reporting • Optimize frontend performance — list virtualization, smart pagination, responsive interactions on large datasets • Implement real-time updates where they matter • Partner with the Product Designer on mock-up reviews and on extending the component library • Work with fullstack and backend engineers to shape the APIs that power the UI • Build feedback loops and analytics that capture user interactions with new features • Work directly with customers and design partners to validate UX and iterate quickly

• Perform thorough internal reviews of client-uploaded evidence for compliance frameworks including SOC2, ISO27001, PCI, HIPAA, and GDPR • Conduct detailed quality assurance checks on individual controls to verify completeness, accuracy, and sufficiency prior to their audits with third-party auditing firms. • Execute comprehensive final QA reviews prior to clients engaging with an external auditor. • Identify gaps or weaknesses in evidence documentation and recommend improvements • Develop and maintain internal QA standards and review methodologies • Create guidance documents to help clients improve evidence quality • Collaborate with Security Program Engineers to address compliance gaps • Stay current on evolving compliance requirements across multiple frameworks to ensure our pre-audit preparation meets industry standards • Track audit readiness metrics and identify opportunities for process improvement • Provide expert feedback to our product team for compliance platform enhancements to better support pre-audit readiness

• Monitor and respond to customer questions across Slack shared channels and the support ticket queue • Resolve platform navigation, onboarding, billing, and pentest scheduling inquiries • Triage incoming requests and route escalations to the right internal team with full context documented • Send timely holding responses on escalations so customers always know what's happening • Log and tag all interactions accurately in our ticketing system (Pylon) • Identify recurring issues and contribute answers to the internal knowledge base • Collaborate with Security Program Managers, CS, and Engineering to resolve customer issues efficiently

• Own and build Oneleet's community strategy from the ground up- defining the audience, the value proposition, the platforms, and the programming that will make practitioners and buyers want to be part of it • Launch and manage Oneleet's owned community channels (Slack, Discord, LinkedIn, or similar) with clear onboarding journeys, engagement rituals, and moderation standards • Develop a content and programming calendar for the community: AMAs with security experts, compliance Q&A sessions, peer networking threads, and product feedback loops • Build a champion and ambassador program that turns Oneleet's most enthusiastic customers into active community voices • Own the full Oneleet events calendar- from intimate executive dinners and customer roundtables to hosted meetups, webinars, and presence at major industry conferences • Design event experiences that feel distinctly Oneleet: thoughtful, high-quality, and anything but generic • Manage end-to-end event logistics: venue sourcing, vendor management, invitations, run-of-show, on-site execution, and post-event follow-through • Build a repeatable playbook for flagship event formats so the program can scale without losing quality • Design and run exclusive programs for senior stakeholders- CISO roundtables, CTO advisory dinners, customer advisory boards- that deepen relationships and generate strategic insights • Partner with Sales and Customer Success to identify the right attendees for the right events and ensure every invitation feels personal and intentional • Create closed, peer-led forums where security and compliance leaders can connect, share challenges, and see Oneleet as the trusted platform at the center of those conversations • Own Oneleet's strategy and presence at key industry events and other relevant conferences • Coordinate booth experiences, sponsored sessions, side events, and executive meetings that maximize Oneleet's impact at each conference • Scout and evaluate new conference and sponsorship opportunities that align with where Oneleet's buyers spend their time • Define and track the metrics that prove community and events are driving business outcomes: pipeline influenced, retention impact, community growth, engagement rates, and event NPS • Report regularly on program performance and make data-informed decisions about where to invest and what to cut • Continuously gather feedback from community members and event attendees to improve the experience over time.

• You will be the single owner of the content and collateral that moves buyers from curious to convinced. • Build and maintain the full library of sales collateral: one-pagers, battlecards, competitive comparison tables, objection-handling guides, and ROI/TCO frameworks. • Create custom presentations and tailored pitch materials for mid-market prospects and strategic accounts- working directly with Account Executives to craft decks that speak to a specific buyer's context, industry, and pain points. • Develop mid-funnel content that accelerates deals: case studies, proof-of-concept summaries, security posture assessments, and compliance outcome narratives. • Partner with Sales to identify recurring objections and gaps in the current collateral library, and close those gaps faster than anyone expects. • Own the white paper and research content program- from topic ideation and outline through interviews, drafting, design briefing, and distribution. • Write authoritative, deeply credible long-form content on topics including SOC 2, ISO 27001, compliance automation, security program maturity, and the cost of legacy approaches. • Develop point-of-view content that positions Oneleet as the category-defining platform in the compliance and cybersecurity space. • Work with subject matter experts on the engineering and security team to extract insights that no generalist writer could produce. • Own Oneleet's competitive intelligence program- continuously monitoring the landscape, updating battlecards, and synthesizing win/loss patterns into actionable positioning guidance. • Build and maintain comparison frameworks (feature tables, methodology comparisons, pricing narratives) that hold up to scrutiny in a sales conversation. • Translate competitive insights into crisp, confident messaging that arms Sales to win against specific alternatives without sounding defensive. • Partner with Product to develop launch messaging, positioning, and collateral for new features and capabilities. • Ensure that product updates are translated into customer-facing language that emphasizes outcomes, not features. • Maintain a living messaging architecture- personas, value propositions, use case narratives- that keeps all content consistent and strategically aligned. • Conduct regular customer interviews and win/loss analyses to deepen understanding of buyer motivations, evaluation criteria, and decision triggers. • Feed insights back into messaging, collateral, and the product roadmap. • Develop a deep understanding of the mid-market buyer: their compliance pressures, their internal stakeholders, their timeline drivers, and what it takes to earn their trust.

• Write and publish high-volume content that makes Oneleet the sharpest voice in security and compliance. Not louder for the sake of it, louder because we are right. • Turn internal knowledge into content that hits different. The kind people screenshot and send to their group chats. • Build a cult following of founders, CTOs, and security leaders from the ground up. These people should feel like they are part of something. • Show up in every community where our buyers spend time. Not as a marketer, as the person everyone actually wants to hear from. • Ghostwrite for founders and experts. Take their raw ideas and make them go viral. • Own the brand voice. When people read our content, they should know it is us before they see the logo. • Challenge industry narratives. Call out the broken way things have been done. Say what everyone is thinking but nobody is saying. • Run experiments constantly. Kill what does not work, double down on what does.