Director of Security
At Current, we’re on a mission to enable our members to create better financial outcomes for themselves. Headquartered in NYC, we’re a leading U.S. fintech and one of the fastest growing companies with nearly 4 million members. No matter your title, we’re a team that collaborates on building great products and making an impact together.
We are seeking a highly skilled and experienced Director of Security to join our organization and lead our security and compliance efforts. The Director of Security will oversee the security and compliance of our organization, with a primary focus on PCI (Payment Card Industry) and SOC 2 (Service Organization Control) audits. Reporting directly to the CTO and General Counsel, the Director of Security will be responsible for developing and implementing comprehensive security and compliance programs to safeguard our systems, data, and customer information. This role has a salary range of $180,000 - $250,000.
WHAT YOU’LL DO:
- Security Strategy and Governance:
  - Develop and implement a strategic security and compliance roadmap, aligning it with organizational goals and objectives.
  - Establish, maintain, and enforce security policies, procedures, and controls to protect sensitive data and assets.
- Vendor Risk Management:
  - Assess the security practices of third-party vendors and service providers to ensure they meet the organization's security standards.
- PCI and SOC 2 Audits:
  - Lead and manage all aspects of the PCI and SOC 2 audit process, including scoping, planning, and execution.
  - Ensure that the organization is fully compliant with PCI DSS and SOC 2 requirements.
  - Coordinate with external audit firms, as necessary, and act as the main point of contact during audits.
  - Support key partnerships with our networks and issuing banks by responding to data and security-related inquiries in a timely manner.
  - Monitor changes in regulatory requirements and industry standards related to security and compliance.
  - Continuously monitor compliance with PCI DSS, SOC 2, and other relevant regulations.
- Security Awareness and Training:
  - Promote a culture of security awareness throughout the organization.
  - Develop and deliver security training and awareness programs for employees.
- 7+ years of information security experience on consumer-facing technology products; experience at a financial technology company preferred.
- Strong knowledge of security technologies, standards, and best practices.
- B.S. in Computer Science or an equivalent relevant field.
- Knowledge of current frameworks, standards, and regulations such as SOC 2, Cloud Security Alliance (CSA), PCI DSS, GDPR, CCPA, GLBA, and ISO 270xx.
- Deep experience with cloud technologies and cloud architecture.
- Excellent communication and leadership skills.
- Ability to work collaboratively with cross-functional teams.
- Experience with incident response and forensic investigations.
- Competitive salary
- Meaningful equity in the form of stock options
- 401(k) plan
- Discretionary performance bonus program
- Biannual performance reviews
- Medical, Dental and Vision premiums covered at 100% for you and your dependents
- Flexible time off and paid holidays
- Generous parental leave policy
- Commuter benefits
- Fitness benefits
- Healthcare and Dependent care FSA benefit
- Employee Assistance Programs focused on mental health
- Healthcare advocacy program for all employees
- Access to mental health apps
- Team building activities
- Our modern Chelsea-based office with open floor plan, stocked kitchen, and catered lunches