My client is late seed stage/early series A and they are looking for a Lead Security Engineer to join them, with a path to become the Head of Security in a very short timeframe. They operate in the financial services space and they must meet stringent information security obligations, and you will play a key role in building and implementing their security infrastructure.
They currently do not have dedicated security staff, but a vCISO is in place on a consulting basis, helping establish security policies. This role will bridge the gap between policy creation and hands-on implementation, working closely with the development team to ensure security measures are embedded in their operations.
This is a high-impact opportunity where you’ll build the security program from the ground up and be on a path to become the Head of Security, scaling the team as the company grows.
What You’ll Do
- Hands-on security engineering (70%) – Work within frameworks like NIST, SOC2, and ensure security operations are fully implemented.
- Compliance & security governance (30%) – Align security operations with regulatory requirements and sift through compliance documentation.
- Security Infrastructure & Operations – Work within Google Cloud (GCP) to design and implement security infrastructure and security operations programs.
- Incident Response (IR) – Lead incident response efforts, ensuring the company is prepared for potential security incidents.
- SIEM & SOAR Pipelines – Build out security monitoring and automation tools for real-time threat detection.
- Educate & Advise Leadership – The CIO is technical but not from a security background, so the ability to clearly communicate security needs and best practices is critical.
- Scalability & Growth – Help refine and grow the security program, with the long-term vision of leading the security function as the company scales.
What We’re Looking For
- 5-10 years of experience in security engineering, ideally in a fast-paced startup or early-stage company.
- Hands-on experience in security operations – including incident response (IR), security monitoring (SIEM), and automation (SOAR).
- Strong understanding of security frameworks like NIST, SOC2, ISO 27001.
- Experience implementing security programs – from policies to hands-on infrastructure security.
- Basic scripting skills (Python, Bash, etc.) for automation.
- GCP experience preferred (but AWS or Azure is also acceptable).
- Excellent communication skills – ability to explain security concepts to non-security stakeholders, including the CIO and leadership team.
Why Join?
- High-growth startup – Be part of a cutting-edge fintech at an exciting stage.
- Pathway to leadership – This role is designed to evolve into Head of Security as the company scales.
- Equity opportunity – Own a stake in the company as it grows.
- Make a real impact – Build security from zero to one in a company that values security as a core function.
