Director of Security

This is a fully remote position, open to applicants in California.

📋 Description

• Lead and expand the security team: Directly supervise, mentor, and develop emerging security leaders and engineers, including a Senior Security Engineer, Security Architect, and your current team members.

• Define and enhance security strategy: Build and advance a comprehensive security program from its inception, aligning security efforts with overarching business and product objectives.

• Integrate security into engineering workflows: Work closely with engineering and product teams to incorporate security early in system designs (such as threat and design reviews) and into CI/CD processes.

• Manage compliance and third-party risk: Oversee security architecture, operations, engineering, IT compliance, and third-party risk assessment programs to meet regulatory and fintech standards.

• Act as a risk-management partner: Function as a practical advisor who evaluates risk and offers business-enabling guidelines rather than serving solely as a gatekeeper.

• Communicate with stakeholders: Effectively convey complex security concepts and significant risks to non-technical stakeholders, executive leadership, and cross-functional partners.

⛳️ Requirements

• Experienced security leader: You have successfully led, mentored, and developed small security teams within highly-regulated, growth-oriented businesses.

• Public company familiarity: You have likely worked in a public company environment and understand the unique requirements that come with it.

• Strong communicator & influencer: You possess a strong capacity to lead through influence, build consensus, and navigate corporate organizational structures effectively.

• Pragmatic risk balancer: You have a proven history of recognizing business growth needs while balancing risk mitigation with operational efficiency and employee experience.

• Technical & architectural depth: You understand cloud-native security principles (least privilege, zero trust, segmentation), IAM controls, and practical architectural trade-offs among usability, performance, and security.

• Fintech or Insurtech background: You have direct experience working in growth-stage Fintech or Insurtech companies (such as Upstart, SoFi, Chime, etc.).

• IPO experience: You have previously guided a security function through the process of a company going public.

• Framework expertise: You possess deep familiarity and practical experience with frameworks and regulations such as NIST, CIS, SOX, SOC2, PCI, and CCPA/CPRA.

• DevSecOps exposure: You are familiar with infrastructure-as-code (e.g., Terraform, Ansible) and embedding automated security controls into deployment pipelines.

🏝️ Benefits

• Health, Dental, & Vision benefits plus savings plans

• Mac computers + work-from-home stipend to set up your home office

• Monthly internet and phone reimbursement

• Employee Stock Purchase Plan

• Restricted Stock Units (RSUs)

• 401(k) plan to help you save for retirement plus a company match

• Robust tuition reimbursement program

• $1,000 travel perk on each Earnie-versary to anywhere in the world

• Competitive days of annual PTO

• Competitive parental leave