Director of Security

Position Summary:The Director of Information Security will design and execute a comprehensive, scalable security program to protect customer data, infrastructure, and products. Reporting directly to the CEO, you will lead a globally distributed security and operations team, manage risk and compliance, and shape the future of security in an cloud-native environment.You will be expected to lead aggressively with a preventive mindset, build a strong security culture, and deliver measurable results in a fast-paced, high-growth environment.Key Responsibilities Strategy & Governance:Define and lead the company’s global information security strategy and roadmapDevelop and enforce security policies, standards, and procedures aligned with business objectives and compliance obligationsLead regular risk assessments across infrastructure, application, and network layersEnsure early involvement in the product lifecycle to embed “secure by design” practicesTeam Building & Leadership:Structure and grow a high-performing, multi-disciplinary security organizationLead workforce planning, hiring, and budget management for Security Engineering, GRC, SOC, and Red Team functionsDesign career paths, mentorship programs, and training plans for security analysts, engineers, and operations staffFoster a distributed, proactive security culture through Security Champions and cross-functional collaborationSecurity Engineering & Operations:Oversee technical security programs, including secure architecture, threat modeling, CI/CD controls, and hardening initiativesPartner with SysOps to ensure secure infrastructure-as-code, container security, and cloud platform governanceDrive automation and orchestration of security operations and incident response (e.g., SOAR, ChatOps)Compliance, Risk & Government Contracting:Ensure ongoing compliance with SOC 2, ISO 27001, and government security requirements (e.g., FedRAMP)Manage external audits and certification processes end-to-endWork closely with Legal, HR, and Product on privacy (GDPR, CCPA) and data retention policiesManage third-party vendor risk and due diligenceIncident Response & Threat Intelligence:Develop and own the company’s global incident response strategy, playbooks, and escalation workflowsOversee continuous monitoring and alerting through a growing SOCEstablish and maintain threat intelligence capabilities to anticipate and neutralize evolving risksQualifications & Experience:Bachelor’s or Master’s in Computer Science, Cybersecurity, or related discipline8+ years of progressive security experience, including 3+ years in a director or senior leadership roleProven success building and scaling security functions in fast-growing SaaS or platform environmentsStrong experience with AWS/GCP, DevSecOps principles, container security, and cloud-native toolingDeep familiarity with security frameworks: NIST 800-53, ISO 27001, SOC 2, FedRAMPExperience leading or partnering with GRC, DevOps, and engineering to embed security across the SDLCDemonstrated leadership in high-growth, goal-oriented environmentsDesired Skills & Attributes:CISSP, CISM, or equivalent certificationProficiency in automating security workflows using Python, Terraform, or orchestration toolsExperience with red/blue team coordination and breach simulationAbility to lead and inspire multicultural, distributed teams across time zonesStrong communication and executive influence skills; ability to align stakeholders on risk prioritiesStrategic thinker with a bias for action, accountability, and innovationNice to have:Expertise with AI/ML-powered security tools (SIEM, SOAR, UEBA) and automation platformsKnowledge of adversarial ML, prompt injection, and AI risk management frameworksWhat We Offer: Career growth opportunities.Competitive U.S.-based salary.Remote flexibility with global collaboration opportunitiesThe chance to build the foundational security organization of a next-generation platformA mission-driven, innovative, and supportive company culture focused on real impact and fast execution