Director, Security
Remote
Veza
Veza is the identity security company that enables organizations to understand, manage and control who can and should take what action on what data.About the Opportunity
The Director of Security will report directly to the Chief Security & Trust Officer and focus on safeguarding the company, its assets, and its platform. This role is critical in ensuring the security and integrity of Veza's assets, platform and products and maintaining customer trust. This position requires a strategic thinker with strong leadership skills and a deep understanding of the ever-evolving cybersecurity landscape.
You will:
- Product Security and Platform Integrity
- Collaborate with product and engineering teams to embed security and privacy by design principles into Veza's offerings.
- Ensure the protection of customer data and maintain a resilient customer experience.
- Conduct regular security audits and assessments of Veza's platform to identify and mitigate potential vulnerabilities.
- Drive the "Veza on Veza" initiative to showcase the company's internal use of its own products.
- Risk Management and Compliance
- Develop and implement internal security policies, procedures, and controls.
- Oversee ongoing compliance with industry standards such as SOC2 and ISO27001, and prepare for future certifications like GDPR and FedRAMP.
- Manage third-party and supply chain security risks, ensuring compliance with Veza's security standards.
- Conduct regular risk assessments, penetration testing, and manage incident response processes.
- Security Training and Awareness
- Develop and deliver comprehensive security training programs for employees, contractors, and partners.
- Foster a culture of security awareness and vigilance throughout the organization.
- Keep abreast of the latest security trends, threats, and best practices, and share insights with relevant stakeholders.
- Customer Trust and Support
- Address advanced-level security-related customer queries and concerns, providing expert guidance and solutions.
- Collaborate with the Customer Success team to ensure customer security needs are met and to build long-term trust.
- Contribute to the development of security-related content and resources for customers.
- Technology and Infrastructure Security
- Ensure the resilience and operational stability of Veza's IT systems, applications, data, and technology platforms.
- Collaborate with IT and infrastructure teams to implement and maintain robust security controls.
- Monitor and analyze security logs and events to detect and respond to potential threats.
You have:
- Education:
- Bachelor's degree in Computer Science, Cybersecurity, or a related field; Master's degree preferred.
- Experience:
-
- Minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
- Deep understanding of security principles, frameworks, and best practices (e.g., NIST, ISO27001, OWASP).
- Strong knowledge of identity and access management, data protection, and cloud security.
- Experience with security audits, risk assessments, and compliance management.
- Excellent communication and interpersonal skills, with the ability to engage with diverse stakeholders.
- Proven track record of building and leading high-performing security teams.
- Relevant security certifications such as CISSP, CISM, or CISA are highly desirable.
Our Culture
We’re driven to build a strong company culture and are looking for individuals with solid alignment with the following:
- Ownership Mindset
- Act with Integrity
- Guardians of our Customers
- Opinionated Humility
- Build Trust, Earn Trust
What we offer
- Competitive salary and equity packages
- 401(k) retirement plan
- Pre-tax health care, dependent care, and commuter benefits (FSA)
- Flexible medical, dental, and vision benefits
- Parental leave
- Flexible Time Off
- Monthly Connectivity Stipend
At Veza, your base pay is one part of your total compensation package. For this position, the reasonably expected pay range can be discussed with your recruiter for the level at which this job has been scoped. Your base pay will depend on several factors, including your experience, qualifications, education, location, and skills. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for equity and a competitive benefits package.
Veza is proud to be an equal opportunity employer. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, or other applicable legally protected characteristics. We also consider qualified applicants according to applicable federal, state, and local laws. If a candidate with a disability requires an accommodation during the recruitment process, please email recruiting@veza.com
About Veza
Veza is the identity security company. Identity and security teams use Veza to secure identity access across SaaS apps, on-prem apps, data systems, and cloud infrastructure. Veza solves the blind spots of traditional identity tools with its unique ability to ingest and organize permissions metadata in the Veza Authorization Graph. Global enterprises like Blackstone, Wynn Resorts, and Expedia trust Veza to visualize access permissions, monitor permissions activity, automate access reviews, and remediate privilege violations. Founded in 2020, Veza is headquartered in Redwood City, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures. Visit us at veza.com and follow us on LinkedIn, Twitter, and YouTube.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISM CISSP Cloud Compliance Computer Science FedRAMP GDPR IAM Incident response ISO 27001 NIST OWASP Pentesting Privacy Product security Risk assessment Risk management SaaS SOC 2 Vulnerabilities
Perks/benefits: Competitive pay Equity Flex vacation Health care Medical leave Parental leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs