
Director of Security
Posted Jun 21

Posted Jun 21
This is a fully remote position, open to applicants in California.
• Lead and expand the security team: Directly supervise, mentor, and develop emerging security leaders and engineers, including a Senior Security Engineer, Security Architect, and your current team members.
• Define and enhance security strategy: Build and advance a comprehensive security program from its inception, aligning security efforts with overarching business and product objectives.
• Integrate security into engineering workflows: Work closely with engineering and product teams to incorporate security early in system designs (such as threat and design reviews) and into CI/CD processes.
• Manage compliance and third-party risk: Oversee security architecture, operations, engineering, IT compliance, and third-party risk assessment programs to meet regulatory and fintech standards.
• Act as a risk-management partner: Function as a practical advisor who evaluates risk and offers business-enabling guidelines rather than serving solely as a gatekeeper.
• Communicate with stakeholders: Effectively convey complex security concepts and significant risks to non-technical stakeholders, executive leadership, and cross-functional partners.
• Experienced security leader: You have successfully led, mentored, and developed small security teams within highly-regulated, growth-oriented businesses.
• Public company familiarity: You have likely worked in a public company environment and understand the unique requirements that come with it.
• Strong communicator & influencer: You possess a strong capacity to lead through influence, build consensus, and navigate corporate organizational structures effectively.
• Pragmatic risk balancer: You have a proven history of recognizing business growth needs while balancing risk mitigation with operational efficiency and employee experience.
• Technical & architectural depth: You understand cloud-native security principles (least privilege, zero trust, segmentation), IAM controls, and practical architectural trade-offs among usability, performance, and security.
• Fintech or Insurtech background: You have direct experience working in growth-stage Fintech or Insurtech companies (such as Upstart, SoFi, Chime, etc.).
• IPO experience: You have previously guided a security function through the process of a company going public.
• Framework expertise: You possess deep familiarity and practical experience with frameworks and regulations such as NIST, CIS, SOX, SOC2, PCI, and CCPA/CPRA.
• DevSecOps exposure: You are familiar with infrastructure-as-code (e.g., Terraform, Ansible) and embedding automated security controls into deployment pipelines.
• Health, Dental, & Vision benefits plus savings plans
• Mac computers + work-from-home stipend to set up your home office
• Monthly internet and phone reimbursement
• Employee Stock Purchase Plan
• Restricted Stock Units (RSUs)
• 401(k) plan to help you save for retirement plus a company match
• Robust tuition reimbursement program
• $1,000 travel perk on each Earnie-versary to anywhere in the world
• Competitive days of annual PTO
• Competitive parental leave
Weekday (YC W21)
Cherokee Federal
Lumin Digital
Order.co
Get handpicked remote jobs straight to your inbox weekly.