Listing Description

About the role

MetaMap is rapidly expanding across the globe, and is looking to hire an experienced (Associate) Director, Cyber Security to lead our security and privacy teams.  We handle extremely sensitive data on behalf of heavily regulated banks, FinTechs, lending institutions, crypto exchanges, retailers, and other types of companies in dozens of countries across emerging markets (especially in LATAM and Africa).  This role will manage our team of talented security engineers and compliance analysts to ensure that we process this data responsibly and securely, and that we maintain the trust of our customers. 

In this role, you will manage MetaMap’s security team.  This will include managing a group of excellent application security engineers that keep the MetaMap platform secure, and working with this team to support our fast-moving Engineering team.  Additionally, you will manage a Compliance Analyst who is in charge of our internal policies and governance efforts, and manages our relationships with our auditors and our security certifications (we currently have SOC 2 Type 2 and ISO 27001 certifications).  You will also work closely with our Revenue team to make sure that we can address questions and concerns about the security of our platform from existing customers or sales prospects.  

Additionally, you will work closely with our Legal team to build out a world class privacy program (the Security team is part of the Legal Department, and this role reports directly to the General Counsel).  This will include extensive data mapping, and working closely with our Engineering, Product, Data, and IT teams to ensure that we protect data subjects when we process their data.

We are a fast-moving startup, and we need agile “athletes” who are comfortable with change and can adjust and grow with our specific needs. If you need structure and process, this is not the role for you. If you are excited about the idea of building out a security function that can support a company looking to grow throughout complex emerging markets, come join us and help build the infrastructure that will allow MetaMap to unlock borderless commerce across the globe!

Key responsibilities

• Oversee our overall security team, with a special focus on application security


• Build strong relationships with our Engineering team and help develop reliable and low-touch SDLC processes.


• Build out strong security and privacy governance processes that are workable in a startup environment, but that will meet the expectations of our large enterprise customers (that expect a certain level of program maturity).


• Support our Revenue team, making sure that we can make our customers comfortable with our security practices, or adjust our program as needed to meet customer expectations.


• Oversee Security Incident Response, working with other teams to build out a reliable incident response framework.


• Maintain existing security certifications, and get new certifications as needed.

Skills & Experience

Requirements:

• 10+ years of experience doing security work, ideally for a company that handles very sensitive information and that operates internationally.  


• Technical or application security experience is extremely important, given how sensitive the data we process can be. But this is a broader role and experience with security governance, compliance, audits, and incident response is all helpful too.


• Experience supporting sales or revenue teams to answer customer questions, train sales teams, prepare security materials and white-papers, etc. – especially if that experience involves enterprise customers.


• Experience building out pragmatic governance practices that are reasonable given our stage and size.


• Experience obtaining security certifications and managing external and internal auditors.


• Significant management experience and a track record of helping to grow team members (especially if done remotely).  


• The​ ​ability​ ​to​ ​build​ ​and​ ​maintain​ ​strong​ ​relationships​ ​with​ ​a​ ​variety​ ​of​ ​people and teams, both internal and external.​ ​​​You​ ​will​ ​need​ ​to​ ​be​ ​able​ ​to​ ​gain​ ​the​ ​trust​ ​of​ ​a​ ​wide​ ​range​ ​of​ ​folks​ ​at MetaMap,​ ​to​ ​speak​ ​to​ ​each​ ​team​ ​“in​ ​their​ ​language,”​ ​and​ ​to​ make them ​feel​ ​comfortable​ ​enough​ ​to​ ​reach​ ​out​ ​when things​ ​go​ ​wrong. You will also need to build trusted relationships with key external stakeholders. You will need to do all of this in a purely remote environment with team members distributed all over the world.


• A​ ​desire​ ​to​ ​work​ ​on​ ​an​ ​agile & lean​ ​team.​ ​​​We are pulled in a million different directions at all times, and the ability to triage, prioritize, and encourage the same in your team is critical.

Bonus experience:

• Experience working for a company that sells to banks, FinTechs, or other heavily regulated organizations


• Experience working in emerging markets


• Spanish proficiency is a huge plus (Portuguese could also be helpful)