About the position
We are seeking a Head of Security to lead the Security organization at Zapier. This role involves evolving our security strategy, collaborating with leaders and executives, and executing a multifaceted security strategy. The Head of Security will also be responsible for building security into our products and infrastructure, managing a talented Security team, and ensuring compliance with security standards. The ideal candidate is an experienced SaaS security leader with a strong engineering background, a deep understanding of various security functions, and the ability to develop and deliver on a security vision and roadmap.
Responsibilities
- Continually evolve and design the future of the security organization
- Enhance and communicate the security strategy for products and company
- Set the vision, strategy, and deliver on a roadmap
- Work closely with engineering, design, legal, and product stakeholders to address user problems and provide solutions
- Develop effective ways to communicate, monitor, and lead teams
- Keep senior leadership informed on teams' progress and potential blockers
- Build rapport with each member of the Security Team and support them through coaching and mentorship
- Participate in security reviews and spread security and technical knowledge throughout the company
- Guide Executive leadership team by recommending information security investments
- Provide strategic leadership for secure product development and security features
- Collaborate with various disciplines to build security goals into roadmaps and maintain alignment
- Stay current on technological advancements in the field of security
Requirements
- Skilled, pragmatic, and engineering-oriented SaaS security leader
- Experience leading security teams for a SaaS-based product company on modern tech stacks
- Experience working at a company that ships products and features quickly and safely
- Engineering experience and approach to solving security challenges through engineering means and a product lens
- Specialized in at least one security discipline and deep understanding of other security functions
- Experience working with security tools, implementing detection and response mechanisms, running red team exercises, and implementing compliance controls
- Familiarity with OWASP Top Ten and guarding against common vulnerabilities
- Familiarity with security needs within an engineering organization
- Pragmatic approach to security that adapts to the company's needs
- Ability to manage diverse, high-performing, and growth-mindset engineering organizations
- Empathetic leader that values diversity and fosters a culture of psychological safety, inclusivity, and belonging
- Ability to forecast staffing needs and make hard staffing decisions
- Ability to assess performance equitably across diverse people and functions
- Experience managing managers, tech leads, and individual contributors
- Passion for mentoring engineers and leaders
- Track record of giving and receiving feedback well
- Ability to develop and deliver on an aligned security vision, strategy, and roadmap
- Ability to communicate vision, strategy, and roadmap to others and gain alignment
- Ability to define measurable outcomes and a roadmap to deliver on those outcomes
- Ability to track progress toward outcomes and make adjustments when needed
- Ability to prioritize effectively and communicate tradeoffs and prioritization decisions
- Ability to build strong partnerships and collaborate with various stakeholders
- Excellent communication skills, both verbal and written
- Ability to communicate to various levels, including executives
- Ability to distill complex security risks into relatable information
- Ability to protect customers' API credentials and enhance security strategy for products and company
- Ability to work closely with engineering, design, legal, and product stakeholders
- Ability to develop effective ways to communicate, monitor, and lead teams
- Ability to build rapport and support team members through coaching and mentorship
- Participation in security reviews and spreading security and technical knowledge throughout the company
- Ability to guide executive leadership team on information security investments
- Strategic leadership for secure product development and security features
- Collaboration with various disciplines to integrate security goals into roadmaps
- Stay current on technological advancements.
Benefits
- Competitive compensation in the technology sector
- Equitable pay practices based on competencies
- Simple and transparent pay structure
- Pay ranges for the role provided
- Finalized compensation package based on experience and competencies
- Total Rewards program
- Non-standard application process promoting inclusion and equity
- Prompt communication throughout the application process
- Equal opportunity employer
- Commitment to diversity, inclusion, belonging, and equity
- Consideration of applicants with criminal histories
- Reasonable accommodations for individuals with disabilities
- All-remote company with restrictions on permanent work locations