Because this role is highly focused on building relationships cross-functionally, you must be based in Austin, TX, and be open to coming on-site in a hybrid work arrangement.

As the Director of Application Security, you will be responsible for overseeing the security of our financial software products from design to deployment. Though you will be managing a team of around 11 Junior Engineers, the focus of this role is really more around cross-functional influencing and communication of critical messages to leadership audiences and the board, with the goal of ensuring security standards and practices are embedded throughout the entire product development lifecycle. This role requires a mix of deep technical expertise, a solid understanding of security architecture, and strong communication and leadership skills to guide teams through complex security challenges.

The compensation for this role will be Base Salary + Bonus + Stock Grant.

Responsibilities:

1. Collaboration & Stakeholder Engagement (Most Important!)
   Partner with product, engineering, and operations leadership to ensure that security considerations are part of product roadmaps and release cycles.
   Collaborate with other senior leaders in engineering, IT, and compliance to ensure unified approaches to product security across the company.
2. Continuous Improvement & Innovation:
   Stay up-to-date with the latest developments in cybersecurity threats, industry trends, and emerging technologies to proactively address future security needs.
   Recommend improvements in processes and tools to increase the overall security posture and efficiency of the product development lifecycle.
3. Security Architecture & Strategy:
   Design and implement security frameworks and solutions to safeguard our financial software products.
   Lead the security strategy for product development, ensuring alignment with industry best practices, regulatory compliance (e.g., GDPR, PCI-DSS), and organizational security goals.
   Build scalable security solutions for cloud-based environments (AWS, Azure, Google Cloud, etc.) and ensure integration into the development pipeline.
4. Leadership & Team Development:
   Lead, mentor, and develop a high-performing team of security engineers, analysts, and architects.
   Foster a collaborative environment and maintain a culture of security awareness across cross-functional teams including product development, engineering, and operations.
   Provide guidance and direction for the team to develop skills in emerging security threats, technologies, and practices.
5. Cloud Security:
   Oversee the implementation of cloud-native security best practices and secure cloud infrastructure in multi-cloud environments.
   Develop and enforce cloud security policies, identity and access management (IAM), vulnerability management, and threat detection systems in large cloud platforms.
6. Security Risk Management & Incident Response:
   Identify and mitigate risks related to product security and ensure proactive security measures are in place.
   Lead incident response planning and drive root cause analysis of security breaches or vulnerabilities. Develop and maintain a comprehensive security incident response plan for products and cloud environments.

Requirements:

• 10+ years of experience with 5-7 years managing and developing employees.
• Strong experience with security in large cloud environments (AWS, Azure, Google Cloud, etc.) and cloud security architecture.
• Proven experience in designing and implementing secure software architecture and understanding of secure software development lifecycle (SDLC).
• Hands-on experience with modern fraud/threat detection, vulnerability management, and cloud-native security tools.
• Expertise in security frameworks (e.g., NIST, ISO 27001, OWASP Top 10).
• Strong knowledge of encryption, identity and access management (IAM), and secure coding practices.
• Proficiency in cloud platforms (AWS, Azure, Google Cloud) and securing cloud-native applications, APIs, and microservices.
• Familiarity with container security, DevSecOps practices, and automation of security controls.
• Strong people leadership skills, with experience managing, mentoring, and developing high-performing teams.