Information Security & Risk Director

The Role

In the Information Security and Risk (‘ISR’) team, it's our mission to continuously elevate our security program to better protect our customers and people against threats, and support our reach into Global and Enterprise markets. This organization plays a key role in helping to balance risk-taking activities and decisions with opportunities to manage risk.

The successful ISR Director candidate will be skilled in leading high-impact information security initiatives that align closely with our business objectives.

As a leader in the ISR team, you will bring your expertise to drive key, strategic programs that mitigate risk in a scalable way. You'll work closely with Engineering leaders to bring awareness to a broad range of security topics and champion a strong security posture. As a member of a growing organization, you will have the opportunity to craft and further refine your role commensurate with the priorities of the organization and the company. This position requires a strong people leader with a track record of working independently in a fast-paced environment.

Addepar takes a market-based approach to pay. A successful candidate’s starting pay will be determined based on the role, job-related skills, experience, qualifications, work location, and market conditions. The range displayed on each job posting reflects the minimum and maximum target base salary for roles in Colorado, California, and New York.

The current range for this role is $184,000 - $288,000 (base salary) + bonus + equity + benefits.

What You’ll Do

• Build positive partnerships with senior leaders in Engineering, to understand their business priorities, and ensure risks are well communicated and understood.
• Drive scale and optimization in Addepar's Security Operations & IAM functions and technologies, including the identification of metrics to measure and communicate impact to leadership.
• Lead and develop a team of dedicated Security Operations and IAM employees.
• Communicate clearly and partner at all levels of the company, and to influence to ensure objectives are met.
• Demonstrate strong analytical, problem-solving, and decision-making skills. Define, structure and plan work independently.

Who You Are

• Experience in Information Security, including Identity and Access Management and Security Operations functions and tools.
• Experience leading Security Incident Response teams and communicating with cross-functional leadership.
• Strong connectivity to the security industry, with the ability to hire great talent, and stay current with evolving security threats and mitigations.
• Ability to train, lead and educate cross-functional teams and team members on all aspects of the program and evolution.
• Experience with AWS and SaaS technologies required. Experience with API technologies a plus. Familiarity with current security frameworks, standards and regulations such as SOC2, NIST, CSF, ISO270xx.
• Preferred professional certifications: AWS Certified Solutions Architect, AWS Certified Security Specialty, Certified Information Security Auditor (CISA) or Certified Information Systems Security Professional (CISSP)