Head of Security

About Rocket Lawyer   We believe everyone deserves access to affordable and simple legal services. Founded in 2008, Rocket Lawyer is the largest and most widely used online legal service platform in the world. With offices in North America, South America, and Europe, Rocket Lawyer has helped over 30 million people create over 50 million legal documents, and get their legal questions answered.   We are in a unique position to enhance and expand the Rocket Lawyer platform to a scale never seen before in the company’s history, to capture audiences worldwide. We are expanding our team to take on this challenge!

About the Role

As the Head of Security, you will champion and elevate the security standards of Rocket Lawyer. This role requires an individual who can integrate a robust security mindset across all departments, ensuring that every aspect of our operation and product development adheres to the highest security standards. This is a pivotal, player-coach role involving hands-on development of security roadmaps and strategies, managing a team of security professionals, and driving projects to completion, not just identifying risks.

Responsibilities

• Own and continuously improve the security framework of Rocket Lawyer's platform, ensuring alignment with industry best practices and certifications and protection of critical Rocket Lawyer and customer information against cybersecurity threats.
• Develop and oversee the implementation of detailed security strategies for general operations, AI security, and payments security, including ownership of the respective roadmaps.
• Lead the security team in achieving and maintaining PCI compliance and other critical security certifications.
• Establish and maintain secure software development life cycle (SDLC) practices across the product development organization. Transition to a secure agile delivery methodology that supports the strategic goals of the company.
• Act as a player-coach by directly engaging in the creation of strategies and detailed roadmaps, ensuring their execution and alignment with organizational objectives.
• Build and nurture relationships with key stakeholders across all departments to ensure integration of security practices.
• Conduct security control gap analysis, risk assessments, internal penetration tests, and code reviews.
• Coordinate with external security service providers and support the selection of future security services vendors and suppliers.

Requirements

• Minimum 10 years experience in Information Security at a consumer-facing online business, with a proven track record of leading security initiatives and protecting critical customer information.
• Must hold one or more of the following certifications: CISSP, CISM, CRISC, CISA.
• Strong understanding and practical experience in implementing security frameworks and secure SDLC practices.
• Experience with Managed Security Services and SOC implementations.
• Demonstrated ability to manage multiple concurrent projects and deliver results analytically and methodically.
• Excellent verbal and written communication skills with the ability to write clear technical specifications.

Preferred Qualifications:

• Expertise in AI security, including strategy development and roadmap ownership.
• Proficiency in payment security strategy and its implementation.
• Strong leadership skills with experience in a player-coach role, actively participating in strategy and roadmap development.

Benefits & Perks

• Comprehensive health plans (including Medical, Dental and Vision insurance for full-time employees)
• Unlimited PTO
• Competitive salary packages
• Life insurance
• Disability benefits
• Supplemental Optional Life Insurance Benefits
• FSA Options Optional
• HSA with Company Match
• 401k program with Company Match
• Fertility Assistance and Planning options
• Wellhub & ClassPass fitness platforms
• Comprehensive Pet Insurance options
• Financial Wellbeing & Student Loan Program access
• Access to additional Mental Health & Wellbeing resources
• Pre-tax Commuter/Transit Benefits
• Free Rocket Lawyer account with online access to an extensive legal documents library and brilliant licensed attorneys at discounted rates 

Rocket Lawyer is proudly committed to recruiting and retaining a diverse and inclusive workforce. As an Equal Opportunity Employer, we never discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, military or veteran status, status as an individual with a disability, or other applicable legally protected characteristics. We particularly welcome applications from veterans and military spouses.   All your information will be kept confidential according to EEO guidelines. You may request reasonable accommodations by sending an email to hr@rocketlawyer.com.All Locations $200,000—$260,000 USD

By applying for this position, your data will be processed as per Rocket Lawyer Privacy Policy.