Back to jobs
New

Director, Corporate Security

San Francisco, California, United States

Interested in working on cutting-edge blockchain technology and creating equitable access to the global financial system? Since 2014, the mission-driven team at the Stellar Development Foundation (SDF) has helped fuel the tremendous growth of the Stellar blockchain network, an open-source platform that operates at high-scale today. Developers and companies around the world build on it, and the SDF team is expanding to support the rapidly growing and changing Stellar ecosystem.

The Stellar Development Foundation (SDF) is looking for a talented, experienced, and hands-on corporate cybersecurity professional to join our team. In this senior managerial role, you’ll be shaping and implementing SDF’s corporate IT and cybersecurity strategy. You will oversee and coordinate information technology and security efforts throughout the organization and be an advocate for necessary changes in the cybersecurity posture as they arise. You will serve as a bridge between senior executives and the operational security team.

While this role pertains to our corporate IT infrastructure, you will report to our Chief Financial Officer and work closely with senior executives to ensure consistent policy development. You will work collaboratively with internal stakeholders, senior management, and external partners to enhance SDF’s corporate security posture and progress vital mitigation strategies.  On a daily basis, you will manage a team of 2 – 3 IT security professionals, ensure the functionality of the corporate IT security team, and execute the SDF cybersecurity strategy.

In this role, you will:

  • Identify Cybersecurity Risks:
    • Maintain a comprehensive NIST CSF based cybersecurity risk management framework, ensuring alignment with relevant cybersecurity regulations and industry standards.
    • Support regular risk assessments to identify and evaluate cybersecurity threats, vulnerabilities, and potential impacts on the organization, and organize efforts to design and improve our security vulnerability management programs both proactively (audits, etc.) and reactively (patching policy, CVE tracking, etc.)
    • Ensure an accurate inventory of critical assets is maintained. 
    • Draft and review information security policies, standards and procedures. 
    • Oversee management of security reviews of third-party vendors and track surface area of risk for use of their products and integrations at SDF.
    • Work closely with the IT & engineering teams on security analyses using SIEM tools and vulnerability assessments. While improving or implementing solutions as needed.
  • Communicate Risks and Mitigation Strategies:
    • Provide detailed, actionable reports on identified risks to executive leadership and decision-makers.
    • Develop and present risk mitigation options and recommendations that align with the organization's risk appetite and strategic objectives.
    • Integrate and coordinate security and security impacting functions (e.g., IT, HR) throughout the organization.
  • Implement and Monitor Mitigations:
    • Oversee the implementation of approved cybersecurity mitigation strategies and solutions, including endpoint, cloud, and third-party security baselines.
    • Oversee the effective deployment of security tools, policies, and procedures to protect the organization’s assets and information, including resilient backup and recovery solutions. Develop roadmaps for improving and iterating on implemented security tooling and policy.
    • Continuously monitor the effectiveness of implemented controls, including via internal and/or external audits and penetration tests, and adjust strategies as necessary to address emergent risks.
  • Respond to Security Incidents 
    • Track and document security impacting changes and exceptions to security policy and controls, approve, deny or escalate as required. 
    • Work within SDF’s incident response framework and ensure postmortem follow up is completed in a timely manner. 
    • Coordinate with internal and external stakeholders to ensure comprehensive incident response and recovery plans are in place and regularly tested.

You have:

  • 10+ years of experience in enterprise IT and and corporate security 
  • A Bachelor's or Master’s degree, or equivalent experience.
  • Subject matter expert in cloud infrastructure and SaaS applications
  • Extensive experience in a senior cybersecurity and/or IT leadership roles, including coordination with cross-functional teams, and effective collaboration with various stakeholders.
  • Strong hands-on technical knowledge of cloud and enterprise platforms, security, security tools, and security architecture.
  • Operational security experience, including incident response. 
  • In-depth knowledge of cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001, CIS), threat analysis, and risk management.
  • Strong communication skills to convey complex security concepts to non-technical stakeholders.
  • Relevant certifications such as CISSP, CISM, or CISA.
  • Knowledge of access control and identity management systems
  • Experience with network protocols and secure network design
  • A strong track record working in a collaborative environment
  • Experience consulting with external vendors
  • Experience with MITRE, NIST, OWASP frameworks

Bonus points:

  • Experience working on open source projects
  • Master's Degree in Computer Science and/or Information Technology 
  • Participation in the crypto community
  • Experience with security solutions like SEIM tooling, Wazuh, and audit tooling
  • Experience in developing policies in collaboration with executive level roles

We offer competitive pay with a base salary range for this position of $195,000 - $235,000 depending on job-related knowledge, skills, experience, and location. In addition, we offer lumen-denominated grants along with the following perks and benefits:

USA Benefits/Perks:

  • Competitive health, dental & vision coverage with most plans covered at 100% for the employee + any dependents
  • Flexible time off + 15 company holidays including a company-wide holiday break
  • Up to 12 weeks of paid parental leave for both non-birthing and birthing parents, as well as up to 14 weeks of paid pregnancy leave for birthing parents
  • Gym reimbursement ($80 per month)
  • Life & ADD (up to $50K)
  • Short & Long term disability
  • 401K with 4% match
  • Health & Dependent Care FSA Accounts
  • Commuter benefits with $250/month employer contribution
  • Health Savings Account (HSA) with monthly employer contribution
  • Family building benefits through Kindbody
  • Wellbeing benefits (One Medical, Rightway, Headspace)
  • L&D budget of $1,500/year
  • Daily lunch and snacks in office
  • Company retreats
About Stellar
 
Stellar is more than a blockchain. Powered by a decentralized, fast, scalable, and uniquely sustainable network made for financial products and services and a thriving and passionate ecosystem that includes a non-profit organization driven by a mission, Stellar is paving the path to unlock the world’s economic potential through blockchain technology. Built with speed and low costs in mind, the Stellar network provides builders and financial institutions worldwide a platform to issue assets, and to send and convert currencies in real time creating real world utility. Founded in 2014, the Stellar Development Foundation (SDF) supports the continued development and growth of the Stellar network and also serves the ecosystem of NGOs, corporations, universities, small businesses, governments, and solo entrepreneurs building on the Stellar network through tooling, funding and strategic collaborations. Together, Stellar is where blockchain meets the real world.
 
About the Stellar Development Foundation
 
The Stellar Development Foundation (SDF) is a non-profit organization focused on working with and supporting changemakers to create equitable access to the global financial system through blockchain technology. SDF provides grants, investments, funding, and other awards to builders and organizations. SDF also develops resources and tooling on the Stellar network to help unlock real world utility. As a nonprofit foundation, SDF puts the health of the Stellar network and the Stellar ecosystem and its mission above all else.
 
We look forward to hearing from you!
 
Privacy Policy
 
By submitting your application, you are agreeing to our use and processing of your data in accordance with our Privacy Policy.
 
SDF is committed to diversity in its workforce and is proud to be an equal opportunity employer. SDF does not make hiring or employment decisions on the basis of race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state or federal law.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Stellar Development Foundation’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.