Head of Security

Hi 👋🏾, I’m Abhik , Ashby’s Co-Founder and VP of Engineering. I’m seeking a knowledgeable, collaborative, and creative leader to scale our security program and build out our security team. Hopefully, you fit the bill! As our Head of Security, you won’t have to build from scratch. You’ll inherit a reasonably competent security program that I developed, and then our former Head of Security & IT improved. Instead, you’ll scale this program and team through our next phase of high growth. I think it’s important to share a bit about the broader company as context for this role. Ashby builds powerful and easy-to-use recruiting software that replaces several venture-backed companies' worth of products (often with a better experience). We have notable customers like Notion, Linear, Shopify, and Snowflake. Our growth and retention metrics are best-in-class among our peers: we have tens of millions in ARR, thousands of customers (including Enterprise customers), growing >120% year over year, very low churn, and many years of runway. As a result, Ashby manages a significant amount of sensitive information and PII on behalf of candidates and customers (from candidate addresses to offer details to company calendars), and the volume and types of sensitive data are only increasing as we expand the product. This presents interesting security challenges that you’ll lead and collaborate with other departments to solve. Your first challenge will be building out our security team and scaling our security program. There’s no team today, but we’ve added many automations (e.g., one-click offboarding) and services (e.g., SecurityPal) to help. We also collaborate with other departments (e.g., Support triages security@) to manage a good portion of routine Security work. That being said, you’ll still need to be a hands-on security generalist to start. By the end of the year, you’ll have added people (1-3 individuals), processes, and automation to scale yourself out of more of the routine work. Some other examples of challenges you’ll work on: LLMs and AI products are powerful technologies, and new startups today have an advantage in utilizing these technologies because they have higher risk tolerance. Despite our scale, we must continue to adopt new technologies at a similar pace, but with the right security and privacy controls in place to match our maturity. You’ll help us navigate that with our IT and leadership teams by building policies, processes, and systems for departments to adopt at startup speed. LLMs and AI also pose challenges for the recruiting industry, including mass bot applications and fraudulent candidates. You’ll lend your expertise to our Product teams to help them build counters in our product (example here ). You’ll also work with our customers and the broader industry to help them build strategies in their own processes (example here ). As we move into people workflows and capture more sensitive data, we’ll need to address the additional risk that brings, but, at the same time, not hinder our ability to provide excellent support to our customers. You’ll partner with Engineering, IT, and Customer Support to develop tools, integrations, and safeguards that enable us to practice least privilege through smart automations rather than slow, manual approvals.