Head of Security

As our Head of Security, you'll help us maintain and radically improve a proactive security posture that ensures compliance with industry standards, mitigates real risks, and enhances client confidence in how we handle sensitive data. This role will report directly to the Director of Engineering; expect to drive strategic security initiatives, implement effective monitoring and response systems, and foster a culture of security awareness and excellence within the organization.

Your Impact

Security Leadership

• Define and execute January's comprehensive security strategy aligned with our mission.
• Lead and build a security team as we grow, fostering a culture of security and excellence.
• Act as the principal security advisor to senior management, providing insights and recommendations on security matters.

Strategic Security Planning

• Develop and maintain a robust security framework to protect client data, ensure system integrity, and safeguard our technology infrastructure.
• Create a security roadmap that aligns with our long-term business objectives and technological advancements.

Risk Management & Compliance

• Conduct regular risk assessments to identify vulnerabilities and develop strategies to mitigate them.
• Ensure compliance with financial regulations such as SOC2, GDPR, and PCI_DSS, and manage audit processes to maintain regulatory standards.
• Stay updated on changes in regulatory requirements and adjust security practices accordingly.

Operational Security Oversight

• Oversee daily security operations, including monitoring, incident response, and forensic investigations.
• Develop and enforce security policies, standards, and guidelines to ensure a secure operational environment.
• Lead the response to security incidents, conducting thorough investigations and implementing corrective actions.

Integration of Security into DevOps & Development

• Collaborate with our development and DevOps teams to integrate security into the software development lifecycle (SDLC), ensuring secure coding practices and rapid, secure delivery of solutions.
• Automate security processes and incorporate security testing into CI/CD pipelines.

Training & Security Culture

• Develop and implement security awareness programs to educate employees about security best practices and foster a culture of security across the organization.
• Mentor and support future security hires, developing their skills and promoting a collaborative approach to security.

Technology & Vendor Management

• Evaluate and recommend security tools and technologies to enhance our security capabilities.
• Manage relationships with security vendors and service providers, ensuring they meet our security requirements.

Qualifications

Experience:

• 7-10 years of experience in security roles, with at least 3 years in a leadership or senior technical position.
• Proven experience in leading and managing security teams, preferably within the financial sector or a startup environment.
• Demonstrated success in developing and implementing security strategies and managing complex security projects.

Technical Expertise:

• Deep knowledge of security principles, protocols, and technologies.
• Extensive hands-on experience with security tools such as firewalls, IDS/IPS, SIEM, encryption, and vulnerability management.
• Proficiency in cloud security (AWS, Azure, or Google Cloud) and securing cloud-native applications.
• Strong coding or scripting skills (e.g., Python, Shell scripting) for automating security tasks.
• Expertise in network security, endpoint protection, and application security.

Regulatory Knowledge:

• In-depth understanding of financial regulations, including SOC2, GDPR, and PCI-DSS.
• Experience conducting compliance audits and managing regulatory documentation and reporting.

Leadership & Soft Skills:

• Exceptional leadership skills with a track record of building and mentoring security teams.
• Strong problem-solving and analytical abilities, capable of navigating complex security challenges.
• Excellent communication skills, with the ability to effectively convey security concepts to both technical and non-technical stakeholders.
• Ability to thrive in a fast-paced, dynamic startup environment.
• Passion for continuous learning and staying up-to-date with the latest in cybersecurity trends and technologies.

We are currently hiring for this position in our New York office.

January believes in doing its part to help close the wage gap that continues to plague much of the US workforce. We offer transparent and equitable compensation packages to all existing and future January team members.

The target salary range for the Head of Security role is $170,000 to $225,000, commensurate with experience. We determine the final package by considering experience, applicable education and training, and relevant skills derived throughout our interview process. This role also includes a competitive equity package, giving you a chance to feel true ownership of your work.