Director, Security Engineering
Bengaluru, Karnataka
Greenlight
Greenlight's debit card for kids empowers parents to teach trade-off decisions, money management, and the power of saving and investing – in one app experienceAt Greenlight, we believe every child should have the opportunity to become financially healthy and happy. It’s no small task, and that’s why we leap out of bed every morning to come to work. Because creating a better, brighter future for the next generation depends on it.
Greenlight is seeking a highly motivated and experienced Director of Security Engineering with an application security focus to lead a team responsible for designing, implementing, and maintaining security solutions to protect our organization's systems, networks, and applications. You will collaborate with cross-functional teams, including product development, IT operations, and compliance, to ensure that security is integrated throughout the software development lifecycle and infrastructure architecture.
This role will functionally report to the SVP, Chief Security & Trust Officer
What you will be doing:
- Develop and execute the strategic vision for security engineering in India, aligning with global security objectives and business goals.
- Provide leadership and guidance to the security team in India, fostering a culture of innovation, collaboration, and excellence.
- Lead the design and architecture of security solutions for our products, systems, and infrastructure in India, ensuring they meet security requirements and industry best practices.
- Define security standards, patterns, and frameworks to guide the development of secure software and systems.
- Establish and maintain a Secure Development Lifecycle (SDL) process for our software development teams in India, integrating security into all phases of the development process.
- Provide training and support to development teams on secure coding practices, security testing tools, and vulnerability management.
- Identify, evaluate, and deploy security tools and technologies to automate security processes, enhance detection and response capabilities, and improve overall security posture.
- Drive the adoption of DevSecOps practices and toolchains to enable continuous integration and delivery of secure software.
- Conduct threat modelling exercises and risk assessments for our products, infrastructure & corporate environments, identifying potential security threats and vulnerabilities.
- Work with cross-functional teams to prioritize and address security risks through proactive mitigation and remediation efforts.
- Develop and maintain incident response plans and procedures for India aligned with the global plan, ensuring the organization is prepared to respond effectively to security incidents and breaches.
- Lead incident response and forensic investigations, collaborating with internal teams and external partners to mitigate the impact of security incidents.
- Ensure compliance with relevant security standards, regulations, and industry certifications applicable to India, such as ISO 27001, PCI DSS, and GDPR.
- Coordinate with compliance and audit teams to support security audits, assessments, and certifications for India operations.
- People management responsibilities for the IT team based out of IDC
- Responsible for delivering IT operations and projects aligned with global IT strategy
What you bring:
- Bachelor's or Master's degree in Computer Science, Information Security, or related field.
- Minimum of 15 years of experience in security engineering or related roles, with at least 5 years in leadership positions.
- Deep understanding of security principles, practices, technologies, and standards, with hands-on experience in designing and implementing security solutions.
- Strong knowledge of software development methodologies, including Agile, Scrum, and DevOps, with expertise in integrating security into the software development lifecycle.
- Ability to be hands on to implement security tooling, configurations & review code
- Experience with security tooling and automation, including vulnerability scanners, SIEM systems, intrusion detection/prevention systems, and security orchestration and automation platforms.
- Familiarity with cloud security concepts and technologies, such as AWS, Azure, or GCP, and container security solutions like Docker and Kubernetes.
- Excellent leadership, communication, and interpersonal skills, with the ability to influence and collaborate effectively with technical and non-technical stakeholders.
- Industry certifications such as CISSP, CISM, CSSLP, or equivalent, preferred.
- Fluency in English; proficiency in regional languages is a plus
It takes a special team to aim for a never-been-done-before mission like ours. We’re looking for people who love working together because they know it makes us stronger, people who look to others and ask, “How can I help?” and then “How can we make this even better?” If you’re ready to roll up your sleeves and help parents raise a financially smart generation, apply to join our team.
Greenlight is an equal opportunity employer and will not discriminate against any employee or applicant based on age, race, color, national origin, gender, gender identity or expression, sexual orientation, religion, physical or mental disability, medical condition (including pregnancy, childbirth, or a medical condition related to pregnancy or childbirth), genetic information, marital status, veteran status, or any other characteristic protected by federal, state or local law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security Audits Automation AWS Azure Banking CISM CISSP Cloud Compliance Computer Science DevOps DevSecOps Docker FinTech GCP GDPR Incident response Intrusion detection ISO 27001 Kubernetes PCI DSS Risk assessment Scrum SDLC SIEM Strategy Vulnerabilities Vulnerability management
Perks/benefits: Flex hours
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Information System Security Officer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs