Director, Security

Remote   |   Full Time

We are looking for a seasoned Security leader for our security functions. You will provide leadership on cyber security and work with our global teams. Responsibilities usually include researching and developing new designs and products, proposing budgets for projects, and overseeing all the activities related to each project.

Responsibilities:

  • Evangelize and role model Security FIRST mindset with a deeper understanding of our domain
  • Develop innovative security & compliance platforms for continuous assessment of threats, vulnerabilities, risk, regulatory and compliance across our products/application and Cloud infrastructure
  • Embed threat modeling, solutions architecture, secure code review into product and application teams so they are secure from the start and compliant with risk policies and regulatory obligations.
  • Collaborate with engineering and product management teams to solve security and compliance issues with minimal disruption to other business units
  • Lead compliance-related activities by planning, driving, and implementing controls and procedures with respect to compliance.
  • Interact with Industry experts, vendors, partners, internal staff, and auditors
  • Periodic Risk Assessment and mitigation plan including management updates
  • Ensure technology risk impacting the business is effectively identified, quantified, communicated, and managed.
  • Analyzing existing Org data for continuous product and process improvement
  • Increase agility by using the wisdom of your team - Get work done with Fun!
  • Operating with scale amid the business and tech growth of the company

Requirements:

  • 12+ years of IS experience with 4+ years of InfoSec leadership experience
  • Thorough knowledge of strategy, security, governance, risk management, and compliance concepts
  • Lead and Change the Culture to Security First in every step across the organization
  • Working knowledge of compliance frameworks (CIS, NIST, OWASP, PCI)
  • Experience applying various OWASP Projects such as Top 10, ASVS, Proactive Controls, SCP, etc. to improve application security posture
  • Security & Privacy by design code reviews
  • Experience building DevSecOps, ensuring code is secure and trusted before it is released to production
  • Experience with SIEM, IPS, IDS, and WAF technologies.
  • CISSP, CISM, GIAC Certification and/or expertise
  • Security and perimeter modeling
  • Platform & Cloud Security
  • Understanding of various Security technologies
  • Regular update on all relevant vulnerabilities and security bulletins for our key technologies and advice on patch and upgrade requirements. 
  • Demonstrated ability to create and successfully execute strategic security and compliance roadmap
  • Experience securing various Cloud architectures and deployment strategies such as Software-as-a-service, Infrastructure-as-a-service (AWS), Platform-as-a-service, etc.
  • Knowledge and understanding of relevant legal and regulatory requirements including PCI-DSS, SOC, HIPAA, GDPR 
  • Work with 3rd party vendors and provide Product requirements for Security/GRC compliance
  • Thorough documentation abilities and process adherence culture
  • Practical experience in leading internal and external compliance audits 
  • Excellent written and verbal communication skills


Chargebee might be the opportunity you’re looking for

  • If you’re interested in how subscription businesses can get more efficient.
  • If you’re hungry to give and receive feedback, fully understanding that challenging perspectives are the only way that you can grow.
  • If you can bring empathy to problem solving.

If this sounds interesting but you’re not sure you'll tick all the boxes, apply anyway! There’s tons of room to grow at Chargebee.

Let’s talk

Apply with your résumé to get the conversation started.
