The threat model here isn't external - it's acquisition entropy. When a private equity firm flips a vertical SaaS company in three to five years, the codebase gets optimized for exit multiples, not resilience. Computrition, operating through its parent company Perseus, buys and holds. They acquire dozens of vertical market software businesses - serving homebuilders, manufacturers, dealerships, finance, and healthcare - and provide a permanent home. The operating thesis: let each acquired company keep its leadership, culture, and technical stack while gaining access to shared resources from an ecosystem spanning 60,000+ employees and $10 billion in revenue.
That model creates a specific security posture. Each portfolio company operates with operational autonomy, which means no forced platform consolidations or rushed migrations. The attack surface is fragmented by design across 150,000+ global customers in regulated industries - healthcare data, financial records, manufacturing IP. Security roles here likely involve navigating governance across semi-independent businesses rather than defending a single perimeter.
For practitioners, the draw is scale without the usual PE timeline pressure. Success is measured in decades, not quarters. The work involves securing software that runs critical infrastructure for industries where downtime and breaches have real-world consequences - not fintech bros losing crypto, but homebuilders unable to close or healthcare systems going dark. The challenge is coherent security strategy across a portfolio that intentionally resists centralization.