About Us: Grow Therapy is on a mission to serve as the trusted partner for therapists growing their practice, and patients accessing high-quality care. Powered by technology, we are a three-sided marketplace that empowers providers, augments insurance payors, and serves patients. Following the mass increase in depression and anxiety, the need for accessibility is more important than ever. To make our vision for mental healthcare a reality, we’re building a team of entrepreneurs and mission-driven go-getters. Since launching in February 2021, we’ve empowered more than ten thousand therapists and hundreds of thousands of clients across the country and insurance landscape. We’ve raised more than $178mm of funding from Sequoia Capital, Transformation Capital, TCV, SignalFire, and others. The OpportunityWe are looking for a Security Risk Program Manager to take Grow Therapy's security risk program to the next level of maturity. Reporting directly to the Head of Security, you'll be part of a team focused on protecting Grow's patients, providers, employees, and business by embedding risk awareness into everyday decision-making. Your work will directly support Grow's mission to expand access to high-quality mental healthcare—safely, responsibly, and at scale. Your responsibilities will include building and maturing our enterprise risk management framework, driving audit readiness, shaping executive risk reporting, and partnering closely with teams across Legal, Compliance, Engineering, and Product. What You'll Be Doing - Build and mature Grow's enterprise security risk management program, including risk identification, assessment, prioritization, remediation tracking, and maintaining a comprehensive risk register that informs business decisions. - Lead the charge on AI risk management: Security sits within Grow’s Internal Foundations pillar, which is building company-wide infrastructure to support AI adoption. You’ll be in an incredible position to influence safe and thoughtful adoption of AI tooling at the enterprise level. - Own the third-party/vendor security risk management program, streamlining review workflows to support business velocity while ensuring robust security oversight of partners and vendors. - Drive audit readiness and external certifications (SOC 2, HIPAA-aligned assessments, HITRUST readiness) in close partnership with Legal and Compliance, reducing repeat findings and improving remediation timelines. - Develop and deliver executive-level risk reporting and readouts that translate technical and security risks into clear business impact, enabling leadership to make informed, risk-aware tradeoffs as the company scales. - Partner proactively across Security Engineering, Product, Engineering, and Operations to embed security and risk awareness into planning and decision-making cycles—positioning security as a strategic enabler rather than a gatekeeper. You'll Be a Good Fit If - You have deep experience building and operating security or enterprise risk management programs (not just managing projects) and a strong bias toward execution in fast-paced environments. - You bring strong knowledge of healthcare security, privacy, and compliance frameworks (HIPAA, SOC 2, HITRUST) and can navigate regulatory obligations without sacrificing speed or innovation. - You have exceptional stakeholder management and communication skills, including a track record of influencing senior leaders and translating complex risk concepts into actionable business guidance. - You are a strong program manager with a structured approach to prioritization, documentation, and cross-functional alignment. - Bonus: Experience scaling risk programs at high-growth or pre-IPO tech companies, prior ownership of vendor risk programs, or familiarity with GRC tooling and automation. Employment Type: Full Time, Exempt Base Compensation: The base compensation range for this position is $152,000–$189,750 USD Annually. The base compensation for this role will vary depending on several factors, including relevant experience, qualifications, and the candidate's working location. Location: This is a hybrid role with the expectation to work onsite from our NYC or San Francisco hub locations three days per week (Tuesday, Wednesday, and Thursday) and travel 2–3 times per year (e.g., company and department offsites). Full Time Employee Benefits: - Comprehensive Health Coverage: Medical, dental, and vision insurance, plus life and disability coverage. - Parental Leave & Family Support: Up to 18 weeks paid leave and a new child stipend. - Financial Wellness: 401(k) program and equity opportunities. - Meals & Home Office Support: Stipends for home office setup and ongoing funds for meals, with tailored perks for both remote and in-office employees. - Time Off to Recharge: Flexible PTO, 12 paid holidays, and a full winter break week. - Wellness & Development: Annual stipends to put towards personal & professional growth. - Mental & Physical Health Support: No-cost access to therapy through the Grow platform, weekly flexible hours for self-care (“Mental Health Mornings/Afternoons”) and memberships to leading wellness apps (such as One Medical, Headspace, and Talkspace). - Extra Perks: Pet insurance discounts, commuter benefits, and global travel assistance. Research shows that some groups hesitate to apply unless they meet every qualification. If you’re excited about this role but don’t check every box, we encourage you to apply. At Grow, we value diverse experiences, transferable skills, and the unique strengths each person brings. Grow Therapy is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Use of AI Tools: By submitting your application, you acknowledge and consent to the use of automated tools as part of our recruitment process. Specifically, we use a third-party AI tool, Gem, to assist in the initial screening of resumes. This tool analyzes resumes based on role-specific criteria provided by our recruiters to identify potentially strong matches for the role. Importantly, no hiring decisions are made by the AI tool. All decisions about which candidates move forward are made by our human recruiting team after independent review.More information about Gem’s approach to compliance with California FEHA regulations on automated decision systems and New York Local Law 144 can be found on the Gem compliance website.We are committed to transparency and fairness in our hiring practices. If you have questions about how our AI tools work, or would like more information about how your application will be processed, please contact us at talentops@growtherapy.com. If you require an accommodation due to a disability, or have concerns about the use of AI in the hiring process, please also contact us. We are happy to provide assistance or offer an alternative method of participating in the recruitment process.

Title: Security Engineer - Vulnerability Management Location: - Seattle, Washington; Chicago, Illinois Hybrid Job Description: Company Overview Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people's lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign's Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM). What you'll do As a Security Engineer - Vulnerability Management, you will enable new business opportunities by establishing and enforcing cloud security controls, managing vulnerabilities, ensuring secure configuration, and leading initiatives to continuously strengthen the security posture of Docusign deployments to new environments. You'll design and implement solutions that proactively protect our cloud infrastructure, enabling the business to innovate with confidence. Your expertise will drive secure-by-default practices and deliver impactful security outcomes that support our platform's ongoing growth This position is an individual contributor reporting to the Sr. Manager, Cloud & Infrastructure Vulnerability Management. Responsibility - Design and implement scalable security controls and systems to protect cloud infrastructure across a global environment - Design and implement the optimization of enterprise endpoint security tools (e.g., EDR, antivirus, device control) - Discover and manage security vulnerabilities and work with teams for remediation - Lead initiatives to establish, enforce, and continuously improve cloud security baselines and guardrails - Collaborate with engineering, product, and operations teams to embed security into infrastructure, platforms, and development workflows - Develop and maintain automation, policy-as-code, and infrastructure-as-code solutions to streamline security operations and compliance - Integrate security checks and guardrails into CI/CD pipelines, enabling secure development practices and early detection of risks - Respond to cloud security incidents, conduct post-mortems, and drive remediation and platform hardening based on lessons learned - Harden cloud resources, images, and registries, and deliver reusable modules and templates for secure-by-default deployments - Monitor and reduce configuration drift, verify remediation effectiveness, and manage exceptions with clear criteria and review processes - Operate and optimize third-party cloud security platforms, ensuring reliability and alignment with service level objectives - Author clear documentation, runbooks, and self-service resources to empower product and platform teams in secure cloud adoption - Report on key security metrics, such as coverage, drift, and incident response effectiveness, to drive transparency and continuous improvement Job Designation Hybrid: Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation) Positions at Docusign are assigned a job designation of either In Office, Hybrid or Remote and are specific to the role/job. Preferred job designations are not guaranteed when changing positions within Docusign. Docusign reserves the right to change a position's job designation depending on business needs and as permitted by local law. What you bring Basic - 5+ years of experience in cloud security engineering or related field - The individual must be a U.S. Citizen, U.S. National or U.S. Person. Individuals outside of these categories are generally barred from having logical access to IL5 data or infrastructure - Bachelor's degree in Computer Science, Engineering, or related discipline - Expereince in one or more security domains, such as endpoint security, configuration compliance, SIEM/SOAR, or ITSM integrations - Experience deploying, configuring, and using cloud and endpoint security tools like Microsoft Defender - Experience with service desk tools like ServiceNow - Experience in at least one programming language (Python, Go, or TypeScript) - Experience with policy-as-code and infrastructure-as-code tools (OPA, Sentinel, Conftest, Terraform, CloudFormation, or CDK) - Experience integrating security controls into CI/CD pipelines - Experience with multi-cloud environments - Experience with Kubernetes and container security - Experience with incident response and root cause analysis in cloud environments - Experience with monitoring, alerting, and defining service level objectives - Experience authoring technical documentation, modules, and runbooks - Experience with cloud security posture management (CSPM/KSPM) tools - Experience hardening images, registries, and implementing workload/runtime controls - Experience collaborating with engineering, IT, and security teams Preferred - Master's degree in Computer Science, Engineering, or related discipline - Deep experience with Azure security services, architecture, and best practices - Knowledge of Wiz, Microsoft Defender, or similar CWPP/CNAPP solutions - Experience with AWS and/or GCP security controls - Experience with serverless security and securing cloud-native applications - Experience with regulatory compliance frameworks (e.g., SOC 2, ISO 27001, PCI DSS) - Experience with automated remediation and security orchestration in cloud environments - Experience with secrets management and PKI in cloud platforms Wage Transparency Pay for this position is based on a number of factors including geographic location and may vary depending on job-related knowledge, skills, and experience. Based on applicable legislation, the below details pay ranges in the following locations: Illinois, Colorado, Massachusetts and Minnesota: $137,100.00 - $193,725.00 base salary Washington, Maryland, New Jersey and New York (including NYC metro area): $137,100.00 - $200,125.00 base salary This role is also eligible for the following: - Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance. Global benefits provide options for the following: - Paid Time Off: earned time off, as well as paid company holidays based on region - Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement - Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment - Retirement Plans: select retirement and pension programs with potential for employer contributions - Learning and Development: options for coaching, online courses and education reimbursements - Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events Life at Docusign Working here Docusign is committed to building trust and making the world more agreeable for our employees, customers and the communities in which we live and work. You can count on us to listen, be honest, and try our best to do what's right, every day. At Docusign, everything is equal. We each have a responsibility to ensure every team member has an equal opportunity to succeed, to be heard, to exchange ideas openly, to build lasting relationships, and to do the work of their life. Best of all, you will be able to feel deep pride in the work you do, because your contribution helps us make the world better than we found it. And for that, you'll be loved by us, our customers, and the world in which we live. Accommodation Docusign is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need such an accommodation, or a religious accommodation, during the application process, please contact us at accommodations@docusign.com. If you experience any issues, concerns, or technical difficulties during the application process please get in touch with our Talent organization at taops@docusign.com for assistance. Applicant and Candidate Privacy Notice States Not Eligible for Employment This position is not eligible for employment in the following states: Alaska, Hawaii, Maine, Mississippi, North Dakota, South Dakota, Vermont, West Virginia and Wyoming. Equal Opportunity Employer It's important to us that we build a talented team that is as diverse as our customers and where all employees feel a deep sense of belonging and thrive. We encourage great talent who bring a range of perspectives to apply for our open positions. Docusign is an Equal Opportunity Employer and makes hiring decisions based on experience, skill, aptitude and a can-do approach. We will not discriminate based on race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, or any other legally protected category. #LI-Hybrid

• You’ll support the execution and continuous improvement of Qohash’s security program, ensuring operational excellence and regulatory alignment. • You’ll be part of the Operations team, collaborating closely with Engineering, Product and Customer Success teams to help implement and maintain security and compliance requirements. • You’ll support risk assessments, track identified risks, and help coordinate remediation efforts. • You’ll support and coordinate security audits and compliance efforts, including SOC 2, ISO 27001, ITSG-33, and third-party risk assessments. • You’ll help document and improve security and compliance procedures to support organizational preparedness and resilience. • You’ll maintain security policies, standards, awareness materials, and support internal security training initiatives. • You’ll leverage AI wherever possible to accelerate delivery and standardize processes. • You’ll work remotely full-time, within the province of Quebec or Ontario, with a small number of team get-togethers in either Montreal or Quebec City.

Why USAA? At USAA, our mission is to empower our members to achieve financial security through highly competitive products, exceptional service and trusted advice. We seek to be the #1 choice for the military community and their families. Embrace a fulfilling career at USAA, where our core values – honesty, integrity, loyalty and service – define how we treat each other and our members. Be part of what truly makes us special and impactful. The Opportunity We are looking for a SIU Investigator (mid-level). This is a desk position. Within defined guidelines and framework, protects USAA and our members from potential fraudulent claims by investigating questionable, suspect claims activity in compliance with state insurance fraud-related laws and regulations and policies and procedures. The candidate selected will have strong multi-line SIU Investigation experience. This role is remote eligible. However, you must live in the assigned territory which is ME, VT, NH, MA, CT, RI, DE, MD or Washington DC. There may be occasional business travel. What you'll do: - Applies knowledge and understanding of fraud schemes and investigation strategies on any questionable or suspect first or third part claims. - Participates in the development of fraud prevention strategies. - Applies knowledge of P&C insurance industry products, services, and processes in investigating claims to include P&C insurance policy contracts, coverages and internal claims handling process and procedures. - Applies knowledge of state laws and regulations pertaining to insurance fraud in investigating claims. - Collects evidence of potential fraud through field or remote interviews and thorough searches of investigative databases, internal resources, Internet resources, public records, and forensic tools. - Makes recommendations within defined authority guidelines. - Prepares and presents detailed and comprehensive verbal and written investigative reports summarizing the results of the investigation and recommended outcome. - Develops and maintains external relationships with industry, law enforcement and other contacts involved in fraud investigation, detection, and prevention. - May serve as a resource team member on specific matters through demonstrated skill or training. - Assists with the delivery of fraud awareness training initiatives in a defined environment. - Handles CAT duty responsibilities as business requires. - Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures. What you have: - High School Diploma or General Equivalency Diploma (GED). - 2+ years claims adjusting experience, or P&C SIU/Fraud Investigation experience OR 4+ years prior investigative law enforcement (to include military) or relevant fraud industry investigation experience. - Proven investigatory skills. - Experience obtaining statements from various parties to incidents, witnesses, and suspects. - Ability to gather broad range of evidence and draw conclusions based on the objective details related to the applicability of fraud. - Demonstrated ability to organize and prioritize workload, performing multiple tasks and devising solutions to problems. - Familiarity with using computers and various software packages to enter and extract data for analysis from relevant data sources and systems. - Knowledge of city, state and local regulations, legal concepts, understanding of contracts, case law, medical treatment, and medical terminology. What sets you apart: - SIU experience conducting low to complex P&C fraud investigations OR a combination of Insurance Claims and (Law Enforcement Investigations OR Military Investigations) experience. - Strong background with multi-line SIU investigations - Designations such as CFE, CIFI, SCLA, ACLS, FCLS, LPCS, AIC, CPCU, CCLS, or other. - US military experience through military service or a military spouse/domestic partner Compensation range: The annualized range for this position is: $77,120 - $147,390. This is an hourly position. USAA does not provide visa sponsorship for this role. Please do not apply for this role if at any time (now or in the future) you will need immigration support (i.e., H-1B, TN, F-1, STEM OPT Training Plans, etc.). Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market data of the position. The actual salary for this role may vary by location. Employees may be eligible for pay incentives based on overall corporate and individual performance and at the discretion of the USAA Board of Directors. The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job. Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals. For more details on our outstanding benefits, visit our benefits page on USAAjobs.com Applications for this position are accepted on an ongoing basis, this posting will remain open until the position is filled. Thus, interested candidates are encouraged to apply the same day they view this posting. USAA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.