- Provide strong technical leadership to the security engineering team, setting the vision, strategy, and direction for security initiatives.
- Design and oversee the development of secure systems, applications, and infrastructure, incorporating security by design principles.
- Establish and enforce security policies and procedures, ensuring they are consistently followed throughout the engineering organization.
- Lead vulnerability assessments and penetration testing efforts, and ensure timely resolution of identified security issues through collaboration with engineering teams and PDLC.
- Evaluate, select, and implement security tools and technologies to enhance the organization's security posture, with a focus on automation and engineering integration.
- Develop and manage an incident response plan, and lead investigations and responses to security incidents or breaches, collaborating closely with engineering teams.
- Ensure the organization complies with relevant security regulations and standards, including key security audits such as SOC 2, SOX, and others applicable to the fintech industry, by embedding compliance into engineering processes.
- Establish key performance indicators (KPIs) and regularly report on security metrics and the overall state of security to executive leadership, highlighting engineering contributions.
- Promote a culture of security awareness throughout the engineering organization, providing guidance and training on secure coding practices.
- Evaluate and manage the security posture of third-party vendors and partners, ensuring they meet the standards required by key security audits.
- Develop and manage the security engineering budget, allocating resources effectively to meet security objectives.

What you’ll bring to the team:

- Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
- 10+ years of relevant experience in Information Security.
- Proven experience in the fintech industry is highly desirable.
- Industry certifications such as CISSP, CISM, or CISA are a plus.
- Strong knowledge of security frameworks and standards (e.g., NIST, ISO 27001).
- Demonstrated ability to stay current with evolving security threats and best practices and translate them into engineering solutions.
- Excellent communication and interpersonal skills, with the ability to collaborate across engineering teams and communicate security concepts effectively.
- Proven managerial track record. You have experience hiring, developing, and managing high-performing teams.

Work perks at Greenlight:

- Medical, dental, vision, and HSA match
- Paid life insurance, AD&D, and disability benefits
- Traditional 401k with company match and Roth IRA
- Unlimited PTO
- Paid company holidays and pop-up bonus holidays
- Wellness & professional development stipends
- Mental health resources
- 1:1 financial planners
- Fertility healthcare
- 100% paid parental and caregiving leave, plus cleaning service and meals during your leave
- Flexible WFH, both remote and in-office opportunities
- Fully stocked kitchen, catered lunches, and occasional in-office happy hours
- Employee resource groups