Director, Security
About the Opportunity
The Director of Security will report directly to the Chief Security & Trust Officer and focus on safeguarding the company, its assets, and its platform. This role is critical in ensuring the security and integrity of Veza's assets, platform and products and maintaining customer trust. This position requires a strategic thinker with strong leadership skills and a deep understanding of the ever-evolving cybersecurity landscape.
You will:
- Product Security and Platform Integrity
- Collaborate with product and engineering teams to embed security and privacy by design principles into Veza's offerings.
- Ensure the protection of customer data and maintain a resilient customer experience.
- Conduct regular security audits and assessments of Veza's platform to identify and mitigate potential vulnerabilities.
- Drive the "Veza on Veza" initiative to showcase the company's internal use of its own products.
- Risk Management and Compliance
- Develop and implement internal security policies, procedures, and controls.
- Oversee ongoing compliance with industry standards such as SOC2 and ISO27001, and prepare for future certifications like GDPR and FedRAMP.
- Manage third-party and supply chain security risks, ensuring compliance with Veza's security standards.
- Conduct regular risk assessments, penetration testing, and manage incident response processes.
- Security Training and Awareness
- Develop and deliver comprehensive security training programs for employees, contractors, and partners.
- Foster a culture of security awareness and vigilance throughout the organization.
- Keep abreast of the latest security trends, threats, and best practices, and share insights with relevant stakeholders.
- Customer Trust and Support
- Address advanced-level security-related customer queries and concerns, providing expert guidance and solutions.
- Collaborate with the Customer Success team to ensure customer security needs are met and to build long-term trust.
- Contribute to the development of security-related content and resources for customers.
- Technology and Infrastructure Security
- Ensure the resilience and operational stability of Veza's IT systems, applications, data, and technology platforms.
- Collaborate with IT and infrastructure teams to implement and maintain robust security controls.
- Monitor and analyze security logs and events to detect and respond to potential threats.
You have:
- Education:
- Bachelor's degree in Computer Science, Cybersecurity, or a related field; Master's degree preferred.
- Experience:
- Minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
- Deep understanding of security principles, frameworks, and best practices (e.g., NIST, ISO27001, OWASP).
- Strong knowledge of identity and access management, data protection, and cloud security.
- Experience with security audits, risk assessments, and compliance management.
- Excellent communication and interpersonal skills, with the ability to engage with diverse stakeholders.
- Proven track record of building and leading high-performing security teams.
- Relevant security certifications such as CISSP, CISM, or CISA are highly desirable.
Our Culture
We’re driven to build a strong company culture and are looking for individuals with solid alignment with the following:
- Ownership Mindset
- Act with Integrity
- Guardians of our Customers
- Opinionated Humility
- Build Trust, Earn Trust
At Veza, your base pay is one part of your total compensation package. For this position, the reasonably expected pay range can be discussed with your recruiter for the level at which this job has been scoped. Your base pay will depend on several factors, including your experience, qualifications, education, location, and skills. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for equity and a competitive benefits package.
Veza is proud to be an equal opportunity employer. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, or other applicable legally protected characteristics. We also consider qualified applicants according to applicable federal, state, and local laws. If a candidate with a disability requires an accommodation during the recruitment process, please email recruiting@veza.com
About Veza
Veza is the identity security company. Identity and security teams use Veza to secure identity access across SaaS apps, on-prem apps, data systems, and cloud infrastructure. Veza solves the blind spots of traditional identity tools with its unique ability to ingest and organize permissions metadata in the Veza Authorization Graph. Global enterprises like Blackstone, Wynn Resorts, and Expedia trust Veza to visualize access permissions, monitor permissions activity, automate access reviews, and remediate privilege violations. Founded in 2020, Veza is headquartered in Redwood City, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures. Visit us at veza.com and follow us on LinkedIn, Twitter, and YouTube.
Apply for this job
*
indicates a required field