Director of Security

About The Position

Requirements

• 8+ years in security engineering, application security, or related fields
• Experience building or leading security programs in a SaaS, ecommerce, fintech, or high-transaction environment
• Strong hands-on experience securing web applications, APIs, and cloud infrastructure (AWS/Azure/GCP)
• Deep understanding of: Secure SDLC practices, Vulnerability management, Identity and access management, Encryption and key management
• Experience owning or supporting PCI-DSS and similar frameworks
• Proven ability to influence cross-functional teams without direct authority
• Strong executive communication skills

Nice To Haves

• Experience in high-transaction ecosystems with elevated fraud risk (fintech, ticketing, ecommerce, payments)
• Experience working with globally distributed engineering teams
• Experience leading SOC 2 or comparable framework implementation
• Security certifications (CISSP, CISM, OSCP, etc.)
• Experience building and scaling security teams

Responsibilities

• Lead security as a strategic differentiator aligned with enterprise trust and long-term revenue growth.
• Assess and elevate Etix’s overall security practices.
• Define and execute a multi-year security roadmap aligned with company growth.
• Establish clear security KPIs and provide executive-level visibility into risk.
• Evaluate and leverage emerging technologies, including AI-driven security tools, to improve threat detection, vulnerability management, and operational efficiency.
• Strengthen application and infrastructure security, with a goal of minimizing security-related downtime.
• Design security controls and workflows that prioritize automation and continuous enforcement, reducing reliance on manual processes and minimizing operational risk.
• Embed secure SDLC practices, threat modeling, and vulnerability management into engineering workflows.
• Strengthen cloud, network, IAM, and monitoring practices in partnership with DevOps and IT.
• Ensure security is built into architectural decisions across U.S. and international development teams.
• Define data classification, handling, encryption, and retention standards.
• Ensure compliance with global data privacy regulations and cross-border data transfer frameworks (e.g., GDPR, Data Privacy Framework).
• Own and continuously improve PCI-DSS posture.
• Evaluate and prepare for additional frameworks (e.g., SOC 2) as business needs evolve.
• Develop and lead incident response processes and post-incident reviews.
• Maintain a risk register and prioritize mitigation efforts based on business impact.
• Serve as the primary security contact for audits, RFP responses, customer reviews, and third-party assessments

Benefits

• Competitive medical, dental, and vision coverage options for Etix team members and their eligible family members, including domestic partners.
• Flexible Spending Accounts (FSA), Limited Purpose Flexible Spending Accounts (LPFSA), Health Savings Accounts (HSA), and Dependent Care Flexible Spending Accounts (DCFSA) in conjunction with our healthcare offerings.
• Life insurance, AD&D insurance, short-term disability, long-term disability and workers’ compensation are offered for eligible team members and paid by the company. Optional additional Life Insurance and AD&D may be purchased to cover an employee, spouse, and/or child(ren).
• 401k retirement savings plan with Fidelity Investments. Included in this program is financial planning and budgeting counseling.
• Paid Time Off benefits in addition to paid company holidays.
• Parental Leave is available to new Mothers and Fathers to help assist team members welcome a new child to their family.
• Every day casual dress code. While on-site or with clients, business casual attire is preferred. Etix offers branded apparel for client facing team members.