• Maintain and expand our industry-leading training portfolio. • Ensure existing content remains current. • Produce new courses and labs. • Create YouTube and social media content to grow audience engagement. • Contribute to the development and delivery of live training sessions. • Design, produce, and maintain training content across multiple formats (asynchronous, synchronous, lab-based). • Develop hands-on scenarios and lab environment for use in courses and certifications. • Collaborate with the product manager and SMEs to align new courses with the cybersecurity roadmap. • Create engaging YouTube videos and social media content showcasing TCM Security’s cybersecurity expertise. • Provide technical breakdowns of cybersecurity topics at the appropriate level for the target audience. • Assist in preparing and teaching live training sessions for clients and community members. • Prepare course materials with multiple modalities in mind, including on-demand and live deliveries. • Engage with live instructors to ensure their preparedness to deliver our courses.

Role Description We are looking for a Platform Security Engineer (Senior+) to join our Product Security domain. This role exists because the scope and importance of our work has outgrown the capacity of a single person. Our platform underpins multiple products and handles sensitive, high-value data. At its core sits a large, graph-based data store that powers downstream systems. Building and securing access to that data, correctly and pragmatically, is critical to the company. This is a hands-on engineering role. You will design, build, and ship production-grade security and privacy controls, not just define policies or review designs from the sidelines. What you’ll be working on - Take ownership of platform-level trust and safety concerns, including: - Designing and implementing authentication and authorization for a large, graph-based database (hundreds of thousands of nodes) - Building and evolving secure OAuth-based AuthN/AuthZ flows, including token handling, permission models, and enforcement - Making concrete improvements to production security posture - Auditing, understanding, and improving data flows and data-privacy controls, ensuring sensitive data does not end up where it shouldn’t - Acting as a security and privacy gatekeeper in reviews — asking hard questions and requiring changes when needed - Improving and maintaining supply-chain security, including SAST, SCA, container scanning, and CI/CD hardening This role is intentionally broad. You will not be a single-domain specialist, and you will not be shielded from complexity. What success looks like - After ~90 days, a successful hire will have: - Shipped meaningful, production-level security improvements - Taken ownership of parts of the AuthN/AuthZ model and implementation - Developed a solid mental model of our data flows and privacy risks - Earned trust across teams as someone who can say “this is not okay” — and explain why, with facts - Reduced risk in practical ways, not through security theatre How you’ll work - This is a high-autonomy role. You are expected to scope problems yourself when needed. - You will collaborate closely with engineers across the company, not operate as a silo. - Disagreement is normal — decisions should be backed by reasoning, data, and threat modeling, not ego. - Blocking a release on security or privacy grounds is possible when warranted, with clear escalation paths. - If you see a problem, even outside your direct domain, you are expected to help fix it. Qualifications - Strong proficiency in Python (our primary language) - Deep understanding of authentication and authorization concepts, including OAuth, JWTs, permission models, and secure token handling - Experience designing and securing non-trivial data systems - Ability to reason about risk, trade-offs, and real-world constraints - A track record of shipping real security improvements, not just writing policy Requirements - Strongly preferred: - Experience with graph databases, ideally Neo4j or similar - Experience with CI/CD and supply-chain security (SAST, SCA, container scanning, pipeline hardening) - Experience with Go or Rust - Some familiarity with frontend or React (not required, but useful for end-to-end thinking) What this role is not - Not a policy-only or advisory role - Not a role with pre-defined, perfectly scoped tasks - Not about chasing tools without understanding the problems they solve - Not security theatre - If you need everything spelled out, or prefer to avoid ambiguity, this role will be frustrating. Seniority & growth This role is intentionally levelled as Senior+. We are open to hiring at different seniority levels if the fit is right. Titles matter less than ownership, judgment, and impact. Why join You’ll work on core platform security problems that directly affect how data is accessed, protected, and trusted. You’ll have real influence, real responsibility, and the space to do things properly, without losing sight of pragmatism.

• The IT & Security Governance Manager is responsible for advancing enterprise-wide technology maturity across corporate IT, cloud and product environments, and operational systems. • This role strengthens governance structures, data stewardship practices, security controls, and operational risk management to ensure that systems and data effectively support the organization's mission, strategic partnerships, and sustainable growth. • This position operationalizes compliance frameworks as structured tools to enhance efficiency, accountability, and resilience — leveraging them to improve processes, mitigate risk, and elevate overall technology governance rather than treating compliance as the sole objective.

We are looking to hire ambitious entrepreneurs to start and scale their own startups. We are serial entrepreneurs, for example Paul Müller (founder Adjust, €1.2B exit) and Petter Made (founder SumUp, €8B) who are eager to support outlier personalities and serial entrepreneurs to build €1B+ companies. Our offer: - A salary while you build your startup as you will directly be employed by us. Alternatively, you can opt for up to €500k in funding. - 1:1 sparring with unicorn founders on a weekly basis - Community: Access to the top 0.1% of founders, peers and investors - Team building: Hiring top notch talent supported through our network (over 50,000 professionals) - Distribution: Support in reaching product-market-fit and building up a sales force / marketing machine - Funding support for securing a multi-million euro funding round within 12 months (on average, EWOR Fellows raise > €2M after our Grand Pitch) One of our fellows set a record for Europe’s largest pre-seed round by a first-time founder, securing a €12M pre-seed investment. Tasks - You will own, build, and run your startup in fields such as Cybersecurity - You will embark on an extensive personal development journey crafted by unicorn founders and follow a fully customised programme enhancing your goal, time, and energy management - You will receive support in hiring through our network to over 50,000 professionals and advice as well as best practices from serial entrepreneurs - You will receive intensive coaching to make your startup ready to raise millions in funding - You will iterate your product with us until having reached product-market-fit and receive support in building up a sales force or creating a marketing engine respectively Requirements - You are based in Europe or the Americas or open to relocate - You are willing to take full responsibility for your own startup and scale it to €100M+ in revenues - You have excellent communication skills in the English language Join us and build a €1B+ company with us!