Head Of Security

Engineering · New York, United States

Job description

At January, we're transforming the lives of borrowers by bringing humanity to consumer finance. Our data-driven products empower financial institutions to streamline their collections, providing borrowers with straightforward and compassionate solutions to regain financial stability and control over their lives. We're not just expanding access to credit. We're restoring dignity and paving the way for millions to achieve financial freedom.

As our Head of Security, you'll help us maintain and radically improve a proactive security posture that ensures compliance with industry standards, mitigates real risks, and enhances client confidence in how we handle sensitive data. This role will report directly to the Director of Engineering; expect to drive strategic security initiatives, implement effective monitoring and response systems, and foster a culture of security awareness and excellence within the organization.

Your Impact

Security Leadership

  • Define and execute January's comprehensive security strategy aligned with our mission.
  • Lead and build a security team as we grow, fostering a culture of security and excellence.
  • Act as the principal security advisor to senior management, providing insights and recommendations on security matters.

Strategic Security Planning

  • Develop and maintain a robust security framework to protect client data, ensure system integrity, and safeguard our technology infrastructure.
  • Create a security roadmap that aligns with our long-term business objectives and technological advancements.

Risk Management & Compliance

  • Conduct regular risk assessments to identify vulnerabilities and develop strategies to mitigate them.
  • Ensure compliance with financial regulations such as SOC2, GDPR, and PCI_DSS, and manage audit processes to maintain regulatory standards.
  • Stay updated on changes in regulatory requirements and adjust security practices accordingly.

Operational Security Oversight

  • Oversee daily security operations, including monitoring, incident response, and forensic investigations.
  • Develop and enforce security policies, standards, and guidelines to ensure a secure operational environment.
  • Lead the response to security incidents, conducting thorough investigations and implementing corrective actions.

Integration of Security into DevOps & Development

  • Collaborate with our development and DevOps teams to integrate security into the software development lifecycle (SDLC), ensuring secure coding practices and rapid, secure delivery of solutions.
  • Automate security processes and incorporate security testing into CI/CD pipelines.

Training & Security Culture

  • Develop and implement security awareness programs to educate employees about security best practices and foster a culture of security across the organization.
  • Mentor and support future security hires, developing their skills and promoting a collaborative approach to security.

Technology & Vendor Management

  • Evaluate and recommend security tools and technologies to enhance our security capabilities.
  • Manage relationships with security vendors and service providers, ensuring they meet our security requirements.

Qualifications

 Experience:

  • 7-10 years of experience in security roles, with at least 3 years in a leadership or senior technical position.
  • Proven experience in leading and managing security teams, preferably within the financial sector or a startup environment.
  • Demonstrated success in developing and implementing security strategies and managing complex security projects.

 Technical Expertise:

  • Deep knowledge of security principles, protocols, and technologies.
  • Extensive hands-on experience with security tools such as firewalls, IDS/IPS, SIEM, encryption, and vulnerability management.
  • Proficiency in cloud security (AWS, Azure, or Google Cloud) and securing cloud-native applications.
  • Strong coding or scripting skills (e.g., Python, Shell scripting) for automating security tasks.
  • Expertise in network security, endpoint protection, and application security.

 Regulatory Knowledge:

  • In-depth understanding of financial regulations, including SOC2, GDPR, and PCI-DSS.
  • Experience conducting compliance audits and managing regulatory documentation and reporting.

Leadership & Soft Skills:

  • Exceptional leadership skills with a track record of building and mentoring security teams.
  • Strong problem-solving and analytical abilities, capable of navigating complex security challenges.
  • Excellent communication skills, with the ability to effectively convey security concepts to both technical and non-technical stakeholders.
  • Ability to thrive in a fast-paced, dynamic startup environment.
  • Passion for continuous learning and staying up-to-date with the latest in cybersecurity trends and technologies.

We are currently hiring for this position in our New York office.

January believes in doing its part to help close the wage gap that continues to plague much of the US workforce. We offer transparent and equitable compensation packages to all existing and future January team members.

The target salary range for the Head of Security role is $170,000 to $225,000, commensurate with experience. We determine the final package by considering experience, applicable education and training, and relevant skills derived throughout our interview process. This role also includes a competitive equity package, giving you a chance to feel true ownership of your work.

January prioritizes the safety and well-being of our team members and, as such, requires all employees who work from or visit a January office to have proof of COVID-19 vaccination or provide a valid medical or religious exemption.

What we can offer you:

  • Pet-friendly office (only in NYC, for now!)
  • Competitive equity packages, giving you a chance to feel true ownership of your work
  • Flexible PTO so you can take the time you need to rest and recharge
  • Hybrid work model, where our team comes in 3x a week
  • Flexible work hours for better work/life balance
  • 12 weeks fully paid new parent leave program for all employees to enjoy bonding time
  • Free lunches for team socializing activities
  • Annual learning and development budget to invest in your professional growth
  • 401k so you can invest in your future
  • Gym membership reimbursement
  • Medical, dental, and vision insurance
  • Free access to One Medical 
  • Free access to the mental well-being platform Spring Health plus 3 free virtual sessions with a Spring Health licensed therapist
  • Commuter benefits for your travel to/from the office
  • Endless growth opportunity and the ability to take on new and exciting challenges

Recognitions:

  • Built In's Best Startups to Work For in New York (2023)
  • Built In's Best Startups to Work For in New York (2024)
  • Built In's Best Startups to Work For in San Francisco (2023)
  • Built In's Best Startups to Work For in San Francisco (2024)
  • Crain's Best Places to Work in NYC (2022) 
  • Crain's Best Places to Work in NYC (2023)
 
To learn more about what it’s like to work with us, check out our Glassdoor reviews. We think our track record speaks best.
 
January is an equal opportunity employer and does not discriminate on the basis of race, color, creed, ethnicity, sex, gender identity, sexual orientation, religion, disability, age, veteran status, or any other category protected by law.
 
At January, we believe that diversity of outlooks, demographics, identities, and life experiences enable companies to build the best products. More diversity means more empathy with different types of people. This matters a lot for us, since so many borrowers in financial distress with whom we engage come from underrepresented backgrounds. We practice what we preach and look forward to continuing to grow and build on our already diverse team.

Org chart