Director of Information and Data Security

Location: Santa Clara, CA (4 days onsite)
Compensation: $200,000-$240,000 OTE

Role Summary

We are seeking a Director of Information Security to lead and strengthen Eltropy’s security architecture, operational security program, IT security governance, and product security practices. This role will work closely with Engineering, DevOps and Product teams to build a scalable and resilient security foundation for a high growth SaaS Fintech.

This is a leadership role for someone who can operate strategically while also bringing strong hands-on experience across security operations, cloud and infrastructure security, product security, vulnerability management, and modern security governance. The role will lead the company’s overall security posture across internal systems and enterprise operations, while partnering with Engineering and Product teams to embed security into the design, development, and operation of our platform, including AI-enabled capabilities.

Responsibilities

• Define and enhance Eltropy’s security architecture across cloud infrastructure, identity and access, endpoint security, logging, monitoring, and data protection.
• Lead the operational security program, including incident response processes, security runbooks, monitoring, and escalation frameworks.
• Strengthen identity and access governance, including role-based access controls, privileged access management, joiner/mover/leaver processes, and periodic access reviews.
• Oversee endpoint security, asset inventory, and IT security governance across the organization.
• Lead business continuity and disaster recovery planning, readiness, and testing.
• Partner with SRE / DevOps, Engineering, and Product teams to govern product security for the SaaS platform.
• Establish and maintain a secure development framework, including secure SDLC practices, secure coding standards, threat modeling, code scanning, security reviews before release, and developer security training.
• Oversee the vulnerability management program across applications, cloud infrastructure, endpoints, and third-party dependencies.
• Manage remediation tracking for annual penetration tests and coordinate with Engineering and relevant teams on remediation efforts.
• Define and strengthen security and governance controls for internal AI tool usage and AI-enabled product capabilities.
• Develop practical guardrails for AI security, customer data privacy, and responsible use of AI technologies across internal and customer-facing environments.
• Partner cross-functionally to provide visibility to leadership on security risks, remediation priorities, and program maturity.

Required Qualifications

• 10+ years of experience in cybersecurity, information security, security engineering, or related roles, including leadership responsibility.
• Experience in a SaaS environment with responsibility across multiple security domains such as security operations, cloud security, IT security, identity and access management, or product security.
• Strong hands-on experience with incident response, vulnerability management, endpoint security, identity and access controls, and centralized logging and monitoring.
• Experience partnering with Engineering and DevOps teams to strengthen cloud and application security.
• Experience establishing or improving secure development practices, including secure SDLC, threat modeling, code scanning, and release security reviews.
• Experience coordinating remediation of security findings, including penetration test findings and vulnerability management activities.
• Demonstrated ability to lead cross-functionally and influence technical, operational, and compliance stakeholders.
• Strong written and verbal communication skills, including the ability to clearly communicate risks, priorities, and recommendations to senior leadership.
  
  

Preferred Qualifications

• Experience in fintech, regulated SaaS, or environments serving financial institutions.
• Experience working in organizations with SOC 2 or similar security and compliance frameworks.
• Experience with business continuity and disaster recovery planning and testing.
• Experience with AI security, AI governance, or security review of AI-enabled product capabilities.
• Familiarity with data protection and privacy considerations in customer-facing SaaS environments.
• Experience building or scaling security programs in a high-growth company.

 

About Eltropy

Eltropy is on a mission to disrupt the way people access financial services. Eltropy enables financial institutions to digitally engage in a secure and compliant way. Using our world-class digital communications platform, community financial institutions can improve operations, engagement, and productivity. Community Banks and Credit Unions use Eltropy to communicate with consumers via text, video, secure chat, co-browsing, screen sharing, and chatbot technology — all integrated in a single platform bolstered by AI, skill-based routing, and other contact center capabilities.

Eltropy Values

• Customers are our North Star
• No Fear – Tell the truth
• Team of Owners

Eltropy is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.