Head of Security

Lightspark is the easiest, most reliable, enterprise-grade gateway to the Lightning Network, enabling money to move just like bits and bytes do on the Internet. Lightspark services aim to be the fastest, lowest cost, easiest and most reliable way to send and receive payments globally using Lightning. We want to  deliver open payments for the Internet at scale and we’re laser-focused on solving real problems for our customers with best-in-class innovative software solutions.  We aim to help businesses around the world benefit from real time payments and build amazing new experiences for themselves and their customers. Lightspark is headquartered in Los Angeles but serving the world.

At Lightspark, we are pioneering the future of payments by leveraging the Bitcoin network and diving deep into the capabilities of the Lightning Network. Our mission is to make money flow, and unlock the global opportunity. 

We are seeking a highly experienced Head of Security to spearhead the development and ongoing management of our security functions, and represent Lightspark security to customers and regulators.. This role involves a range of responsibilities, from identifying vulnerabilities to implementing best-in-class security practices to long term security strategies. The ideal candidate will have a proven track record in team-building, engineering, and adhering to the highest security standards.

WHAT YOU’LL BE DOING:

• Strategic Leadership: Lead the identification and continuous improvement of security measures across engineering processes, products, and infrastructure

• Policy Governance: Develop and maintain security policies, standards, and guidelines aligned with organizational objectives and legal requirements, including compliance and audit planning

• Cross-functional Teamwork: Collaborate with various departments to develop and implement secure engineering practices

• Risk Management: Conduct regular security assessments and audits, ensuring compliance with industry standards

• Education & Training: Design and execute security training and awareness programs customized for the engineering department

• Incident Management: Lead the coordinated response to security incidents from detection to remediation, root cause analysis, and prevention

• Technology Monitoring: Keep abreast of emerging threats and technologies, and advise the leadership team accordingly

• Mentorship: Mentor and guide engineering teams on best practices for secure development, threat modeling, and testing

• Team Management: Hire, train, lead, and manage the security team.

• Customer Support: Interact with our customers’ security teams to support them and our business partners into evaluating, integrating, and using our products.

• Startup Mentality: While the role is oriented towards strategy and management, you will be expected to act as an individual contributor when needed. We are a startup!

WHAT WE’RE LOOKING FOR:

• A minimum of 8 years of experience in engineering security

• A minimum of 3 years of experience leading or managing a team

• Prior experience with finance, blockchain, or crypto technology is required

• A degree in Computer Science is ideal but not required, we value talent from diverse backgrounds

• Strong familiarity with security concepts, including secure coding, encryption, and authentication

• Proficient in one or more programming languages (Python, Java, C/C++, etc.)

• Knowledge of industry standards like ISO 27001, NIST, or OWASP

• Preferred certifications: CISSP, CEH, or equivalent

• Excellent problem-solving, analytical, and communication skills

Lightspark is on a mission to build an open payment protocol for the Internet at scale and therefore we’re committed to creating a more inclusive and diverse workplace to reflect the customers we serve. We welcome interest from individuals of all backgrounds and levels of experience who share our mission. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other applicable legally protected characteristics.