Director, Security Operations

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
• 12+ years of experience in cybersecurity, with a passion for Authentication and Authorization.
• Strong knowledge of Linux operating systems and cloud platforms (AWS & GCP).
• Experience with tools automation tools for automating intake complaints and concerns from customers.
• Familiarity with frameworks such as NIST, CIS, ISO 27001.
• Adept and well versed in collaborating with stakeholders across organizational boundaries.
• Knowledge of all areas of Security: GRC, IR, Vulnerability management, and product security, etc.
• Knowledge of software development, design and technical operations.
• Experience with Domain or website abuse processes.

Responsibilities

• Contribute to define, collect, and analyze security KPIs and KRIs for the security organization.
• Mentor and support more associate team members
• Develop and implement a comprehensive security operations strategy and roadmap aligned with Squarespace's overall our goals and risk appetite.
• Oversee the Security Operations Center (SOC) activities, including threat detection, monitoring, analysis, and proactive hunting, ensuring 24/7/365 coverage as appropriate.
• Establish and maintain a robust incident response program, including defining incident playbooks, leading major incident investigations, and conducting post-incident reviews to drive continuous improvement.
• Manage and enhance the vulnerability management program, from identification and assessment to prioritization and remediation tracking across all Squarespace assets.
• Lead efforts in security architecture review and design consultation for new products, features, and infrastructure changes to ensure security is built-in from the outset.
• Identify, evaluate, and implement new security technologies and tools to enhance detection, prevention, and response capabilities.
• Drive continuous improvement of security operations processes through automation, tooling, and best practices.
• Stay abreast of emerging security threats, vulnerabilities, and industry trends and proactively advise leadership on necessary adjustments to strengthen Squarespace's security posture.
• Contribute to the development and enforcement of security policies, standards, and guidelines across the organization.
• Build, mentor, and lead a high-performing team of security professionals, fostering a culture of continuous learning, collaboration, and accountability.
• Act as a key liaison and trusted advisor to internal stakeholders (e.g., Engineering, Product, Legal, Compliance, IT) on security-related matters.
• Manage relationships with external security vendors and partners, ensuring effective service delivery and technology adoption.
• Oversee security compliance activities related to relevant regulations (e.g., GDPR, PCI-DSS) and frameworks (NIST, ISO 27001), ensuring Squarespace's adherence.
• Promote a culture of security by design by working closely with development teams to integrate security into the software development lifecycle (SDLC).
• Work with partner teams to implement new security programs and refine existing ones, with an emphasis on driving the team's velocity while also maintaining high customer and employee engagement.

Benefits

• A choice between medical plans with an option for 100% covered premiums
• Fertility and adoption benefits
• Access to supplemental insurance plans for additional coverage
• Headspace mindfulness app subscription
• Global Employee Assistance Program
• Retirement benefits with employer match
• Flexible paid time off
• 12 weeks paid parental leave and family care leave
• Pretax commuter benefit
• Education reimbursement
• Employee donation match to community organizations
• 8 Global Employee Resource Groups (ERGs)
• Dog-friendly workplace
• Free lunch and snacks
• Private rooftop
• Hack week twice per year