About The Position

As the Principal Business Information Security Officer, you will translate enterprise security requirements into practical guidance that reflects how Redfin operates—from real estate agent workflows to AWS infrastructure to emerging AI use cases. This senior individual contributor role requires strong security judgment, technical credibility, business acumen, and the ability to communicate complex risk to executives. As the BISO, you will help leadership understand Redfin's risk profile while helping teams implement security controls that work within their actual business context. Serve as Redfin's primary security liaison to Rocket Companies' Information Security organization and enterprise governance forums. Develop deep expertise in how Redfin operates, including real estate agent workflows, customer-facing products, internal tools, AWS infrastructure, data usage, and engineering delivery. Translate security, compliance, and policy requirements into clear implementation guidance for engineering, product, and business teams. Represent Redfin's business and technology risk profile to Redfin and Rocket leadership. Identify gaps between enterprise security expectations and Redfin's current architecture, practices, tooling, or processes. Maintain visibility into material Redfin security risks, remediation plans, owners, timelines, compensating controls, and risk acceptance decisions. Partner with engineering teams on secure architecture, AWS security controls, identity and access management, data protection, vulnerability management, logging, incident readiness, and operational resilience. Participate in architecture reviews, AI adoption reviews, technology evaluations, major platform decisions, and integration planning where security risk is material. Communicate risk in business terms, including potential impact to customers, agents, operations, engineering delivery, regulatory exposure, public-company obligations, and company reputation. Streamline operating rhythms for security reviews, risk reporting, remediation tracking, policy adoption, and escalation management.

Requirements

  • 10 years of experience in information security, security architecture, cloud security, technology risk management, compliance, or related technical leadership roles
  • Bachelor's degree in computer science, information security, cybersecurity, business administration, or related field (or equivalent professional experience)

Nice To Haves

  • Experience as a Business Information Security Officer (BISO), security business partner, principal security architect, security risk leader, or similar embedded security leadership role
  • Experience in a publicly traded company, regulated environment, consumer technology, fintech, mortgage, real estate, or other data-sensitive business
  • Deep familiarity with AWS-native security controls, cloud governance, infrastructure security, and modern software engineering practices
  • Experience supporting enterprise integrations, mergers, acquisitions, or subsidiary operating models
  • Familiarity with AI security, responsible AI governance, data governance, privacy, and emerging technology risk
  • Familiarity with common security and compliance frameworks such as NIST, ISO 27001, SOC 2, SOX, PCI, or similar

Responsibilities

  • Serve as Redfin's primary security liaison to Rocket Companies' Information Security organization and enterprise governance forums
  • Develop deep expertise in how Redfin operates, including real estate agent workflows, customer-facing products, internal tools, AWS infrastructure, data usage, and engineering delivery
  • Translate security, compliance, and policy requirements into clear implementation guidance for engineering, product, and business teams
  • Represent Redfin's business and technology risk profile to Redfin and Rocket leadership
  • Identify gaps between enterprise security expectations and Redfin's current architecture, practices, tooling, or processes
  • Maintain visibility into material Redfin security risks, remediation plans, owners, timelines, compensating controls, and risk acceptance decisions
  • Partner with engineering teams on secure architecture, AWS security controls, identity and access management, data protection, vulnerability management, logging, incident readiness, and operational resilience
  • Participate in architecture reviews, AI adoption reviews, technology evaluations, major platform decisions, and integration planning where security risk is material
  • Communicate risk in business terms, including potential impact to customers, agents, operations, engineering delivery, regulatory exposure, public-company obligations, and company reputation
  • Streamline operating rhythms for security reviews, risk reporting, remediation tracking, policy adoption, and escalation management

Benefits

  • medical, dental, and vision benefits
  • 401K retirement plan
  • paid-time off
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service