Head of Information Security

Local or 100% Remote

Who we are 

Our mission at Point is to make homeownership more valuable and accessible to all. Every day, we explore, build, and iterate to create innovative financial products that improve the lives of our customers. Together, we’re creating the premier full-stack home equity platform to help current homeowners access their home wealth and aspiring ones realize their dream of homeownership. We recently raised a $120M Series C led by WestCap, and have raised over $170M overall from Andreessen Horowitz and other leading investors.

About the role

Point seeks a driven, dynamic Head of Information Security to build and lead a comprehensive information security program and team. You will be establishing and maintaining an organizational-wide information security management program, collaborating with business stakeholders to drive initiatives in an exciting, fast-paced environment. As a strategic advisor, you will guide Point’s security posture and manage all aspects of Point’s information security program to ensure compliance with industry standards.

Your responsibilities

• Develop and maintain an information security strategy that aligns with organizational priorities, business objectives, regulatory requirements, and evolving risks, threats, and vulnerabilities. 
• Grow and lead a highly skilled team managing and supporting security activity while overseeing the day-to-day relationships and activities.
• Implement and monitor a risk-based information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy, and recovery of information owned, controlled, and processed by the company.
• Review vendor contracts to ensure they meet security requirements.
• Oversee information security audits.
• Respond to external information security questionnaires. 
• Partner with business units to ensure that risk management processes and security standards are understood and consistently applied across the company.
• Manage incident response plans and procedures as well as any security incidents and events.
• Evaluate security controls and opportunities for improvement and communicate recommendations to the executive team.
• Maintain a high degree of knowledge of current and proposed security changes impacting regulatory, privacy, and security industry best practice guidance.
• Develop and manage information security training and awareness across the company.

About you

• Bachelor’s degree preferred in computer science, information assurance, MIS, or related field.
• At least 15 years of experience with 10 years of cybersecurity or information technology experience, preferably in the consumer financial industry.
• CISM or other industry security management certification.
• CISSP or other industry cybersecurity certification.
• Strong ability to identify needs, take initiative, and prioritize work efforts, balancing operational tasks with longer-term strategic security efforts.
• Ability to remain credible with the team and external constituents through sustained industry knowledge.
• Strong knowledge and understanding of information security management frameworks and various regulatory requirements such as SOC 2, NIST, SOX, and GLBA.
• Excellent project management, written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences at various levels, ranging from investors to engineers.
• Demonstrated experience and success in senior leadership roles in risk management and information security.

Our benefits 

Generous health benefits

We provide medical, dental, and vision plans with options for flexible spending accounts (FSA) and health savings accounts (HSA). Point covers 99% of employee medical, dental, and vision premiums.

Unlimited paid time off

Recharge with unlimited paid time off and 10 company holidays. 

Flexible remote & onsite work

Our teams work from many different locations and time zones. We support fully remote work and also have an amazing in-person environment in our downtown Palo Alto, CA HQ. 

Fully paid parental leave

Point will true-up wages from state-applicable PFL earnings so that the employee’s total gross pay will be equivalent to 100% of their regular base pay, as well as two weeks of fully paid leave to be available after exhaustion of state PFL. 

For employees in states without Paid Family Leave, Point will provide up to 8 weeks of paid parental leave. 

In addition, all employees will receive 4 weeks of fully paid transition time. For four weeks after returning from parental leave, and following the use of all other paid leave benefits, you may work part-time, meaning two or three days per week, and receive 100% of regular base pay.

Financial wellness

We provide 401K retirement plans for employees as well as guaranteed life insurance and short- and long-term disability coverage. Full-time employees have the opportunity to take ownership in the company through equity options.

Extra work/life benefits

We provide monthly stipends for internet, mobile plans, and a one-time home office reimbursement. 

Point is proud to be an equal opportunity employer. We provide employment opportunities regardless of age, race, color, ancestry, national origin, religion, disability, sex, gender identity or expression, sexual orientation, veteran status, or any other protected class. Each individual at Point brings their own perspectives, work experiences, lifestyles, and cultures with them, and we believe that a more diverse team creates more innovative products, provides better services to customers, and helps us all grow and learn. 

The expected base salary range for Technical roles (e.g. Engineering, Product, Design) at this level within Point is $240,000 to $295,000 per year. This does not include any other potential components of the compensation package, including equity, benefits, and perks outlined above. At the launch of each position we benchmark compensation to the appropriate role and level utilizing competitive compensation data from various data sources as references. At the offer stage we use  the signal we received from our interviews coupled with your experience, location, and other job-related factors to determine final compensation. 

California Consumer Privacy Act Notice