Director of Security & IT Operations

Pilot.com•San Francisco, CA

2d•Onsite

About The Position

Pilot is seeking a Director of Security to establish a world-class security program that protects customer financial data and ensures internal systems are secure and resilient. This role involves setting the vision, strategy, and execution for application security, cybersecurity detection and response, corporate IT cloud infrastructure, and business technology systems. The position will collaborate with other executives to shape the future of security at Pilot, blending hands-on technical expertise with strategic leadership. The ideal candidate is passionate about safeguarding critical financial data and growing a security function in a fast-paced environment.

Requirements

8+ years in security roles.
3-5 years leading security programs or teams in a dynamic environment.
Experience at a fast-growing startup or tech company is strongly preferred.
Comfortable building and advocating for a company-wide security strategy while also handling day-to-day security tasks.
Ability to explain complex security concepts to both technical and non-technical stakeholders.
Skill in building trust within a company and with external parties.
Enjoyment in mentoring and coaching security talent.
Thrive in an environment where you can move fast, adapt quickly, and create processes from scratch.
Resourceful, autonomous, and able to balance security best practices with business needs.

Nice To Haves

Experience at a fast-growing startup or tech company.

Responsibilities

Develop and implement an end-to-end security roadmap aligned with Pilot’s priorities, risk profile, and compliance needs.
Define and execute an AI-specific security strategy.
Manage cybersecurity detection and response.
Perform hands-on security implementation, including threat assessments, vulnerability scans, and remediation.
Oversee core security controls such as MFA, SSO, endpoint protection, and identity & access management.
Own security compliance programs, provide guidance for audits and certifications (e.g., SOC 2 Type II), and partner with the legal team on regulatory and contractual security requirements.
Evaluate proactive security programs like regular penetration tests.
Develop and roll out security awareness training programs for employees and provide guidance to developers on secure coding.
Work closely with product and engineering teams to embed security into product design and development.
Manage the end-to-end IT function, including physical hardware, SaaS application configuration, and IT systems engineering.
Oversee IT systems such as Okta and SaaS integrations.
Support Pilot’s business systems needs.