Job Description:
• Own and evolve the company’s information security strategy, roadmap, and operating model.
• Lead, mentor, and grow a high-performing information security team.
• Establish clear priorities, metrics, and accountability for security outcomes.
• Serve as a trusted security advisor to technology and business leadership.
• Partner closely with DevOps, SRE, and Cloud teams to design and secure cloud infrastructure and services.
• Provide hands-on guidance and implementation support for cloud security controls, identity and access management, and network security.
• Work with engineering teams to embed secure design, threat modeling, and security best practices into application development.
• Lead security monitoring, detection, and incident response activities.
• Participate directly in security investigations, root cause analysis, and remediation efforts.
• Ensure security tooling is effective, well-integrated, and operationally sustainable.
• Own security risk management processes including risk assessments and remediation tracking.
• Support customer and regulatory compliance requirements such as SOC 2, HIPAA, and related frameworks.
• Partner with legal, compliance, and customer-facing teams on audits, assessments, and security reviews.
• Develop and implement security policies, standards, and procedures aligned with business needs.
• Work closely with the VP, Technology Operations to align security priorities with operational goals.
• Partner with DevOps and SRE leadership to ensure security is built into reliability and operational processes.
• Collaborate with Product and Engineering leaders to balance security, velocity, and customer impact.
• Communicate clearly with stakeholders on security posture, risks, and improvement initiatives.
Requirements:
• 10 or more years of experience in information security, with experience spanning cloud, infrastructure, and application security
• Proven experience building security programs for AI-enabled platforms (MUST)
• 3 or more years of experience leading or managing security teams.
• Strong hands-on experience securing cloud environments such as AWS, Azure, or GCP.
• Deep understanding of identity and access management, network security, vulnerability management, and incident response.
• Experience partnering with legal teams to review customer and vendor security requirements in contracts.
• Experience working closely with DevOps, SRE, and engineering teams to implement security by design and privacy by design frameworks.
• Strong communication skills with the ability to explain security risks and decisions clearly.
• Hands-on experience supporting ISO 27001, SOC 2, HIPAA, or similar compliance frameworks.
• Hands on experience leading security incident preparedness and response.
• Background building or scaling security programs in growing technology organizations.
• Agile mindset to develop creative solutions to problems as they arise.
Benefits:
• Excellent and affordable medical benefits
• Flexible Paid Time Off
• Robust Learning & Development opportunities including over 700+ development courses free to all employees