About the role
We’re looking for someone to help us lead our security systems and processes as a pivotal function for the company as a whole. Our product sits at the intersection of financial technology, data science, security, policy, law enforcement, and design. We operate in a high security, high stakes environment, working with some of the most sensitive data you can imagine. Given this environment, our product team has held "Security First" as a value since our founding.
Your team's responsibilities will be wide ranging. They will include source code auditing, developing threat models, reviewing technical design documentation, and finding ways to empower engineering teams to build secure software by default. You must have a strong ability to work with colleagues to understand our products and then develop ways to improve existing security infrastructure. Given this broad scope, you’ll be responsible for prioritizing your work and the work of your team, and effectively communicating your goals to the rest of the organization.
We acknowledge that this is a large role. We're looking for someone who can address the immediate priorities and work with us to hire a full team to address the broad scope of the practice area.
What you're looking to do:
- Define a hiring roadmap and hire a team of individual contributors to support our security functions.
- Assess, define, and continuously improve Hummingbird’s security posture, policies, and procedures.
- Influence the product roadmap and strategy: Great ideas come from everywhere. Everyone on the team has a voice in strategy discussions, and is trusted to make significant decisions.
- Help to create a paranoid, security conscious culture across the organization.
- Advise on product definition and product design docs either directly or through your team
- Ensure our security posture supports our sales process and that we remain compliant with customer contract requirements.
- Be responsible for maintaining our security audits either directly or through your team (PCI, SOC2, ISO27001 etc.)
- Work with a small, passionate, and experienced team: We're still a small team of mostly senior engineers, and we love to do quality work together. We're fully remote, and we make a strong effort to prioritize, design, and code collaboratively.
- Report directly to the CTO and partner with them to influence broader technology and security strategy.
What we’re looking for:
- Experience building, shaping and managing a security team at a security conscious, rapidly growing SaaS organization.
- A practical and flexible approach to improving security – someone who seeks to find a way to 'yes' and eschews dogma or perfection when practical.
- Someone who knows what good looks like - our ideal candidate has strong opinions, loosely held, on how to build, scale, and own an information security practice area.
- Technical proficiency and the ability to recruit, evaluate, and lead strong security engineers who write code and build systems.
- Strong communication skills. You will be working closely with other executives and senior engineers and will need the ability to influence and educate.
- Passion for what we do! Hummingbird’s mission is to fight financial crime, and we center our work around enabling our clients to catch the bad guys.
Technologies we use and teach:
- AWS, PostgreSQL, Redis, ElasticSearch
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided