- San Francisco
- Date Posted
- Aug. 30, 2021
Build the world’s fastest Identity and Checkout products
Our mission is to make buying online faster, safer and easier for everyone. Fast Login and Fast Checkout enable a one-click sign-in and purchasing experience that makes it easier for people to buy and merchants to sell. The company’s products work on any browser, device or platform to deliver a consistent, stress-free purchasing experience. Fast is entirely consumer-focused and invests heavily in its users’ privacy and data security. Headquartered in San Francisco but open to a globally remote workforce, we are a founders-led, privately held company funded by Stripe, Index Ventures, Susa Ventures and other world-class investors.
We are committed to diversity and inclusion, and demonstrate our values through equitable pay, fantastic benefits, and access to all reasonable accommodations.
Fast is seeking a Chief Information Security Offer to lead global security strategy and operations for the company. You will scale the security and IT organization to meet the needs of a rapidly growing global startup, and apply deep application and infrastructure security experience to help build Fast products efficiently and securely. You will serve as a key member of the Leadership team, reporting to our co-founder.
- Manage, lead and hire a world-class Security and IT team that meets the needs of a dynamic and scaling organization
- Serve as a functional and strategic point person between the product and engineering teams, and the Fast security team.
- Provide strategic and tactical vision, and execution, focused on incident prevention, detection and response
- Guide technical development of security tools and product features in order to reduce security risk across the company
- Advise Founders, company leadership and all technical stakeholders on security issues and threats and take appropriate action in a timely manner working in a collaborative fashion
- Identify, track, and communicate detailed metrics indicating overall security risk factors
- Perform IT security risk assessments and report on ways to minimize threats
- Oversee security audits of systems, including SOC 1 & 2 certification processes and other security certification/assessments, and perform deep-dive analyses to address vulnerabilities and threat assessments.
- Monitor vulnerabilities and threats in network, host, and cloud systems
- Conduct real-time threat and impact analysis
- Maintain a current understanding of the threat landscape for the industry
- Drive security risk decisions and influence technical architecture
- Manage and develop information awareness training for the company
- 15+ years of relevant technology experience in application development security, incident response leadership, technical infrastructure security, and security compliance
- Demonstrated experience representing an organization’s information security program in presentations and discussions with customers, partners and other external parties
- Experience implementing controls and mitigating risks related to GDPR, PCI, and other information security and data privacy standards
- Experience implementing cloud security technologies, including encryption, network security, intrusion detection, and digital forensics
- Well-versed in the rapidly evolving threat landscape with a strategic mindset to mitigate threats
- Outstanding communication skills with an ability to build strong narratives to highlight the importance of security to employees internally and customers/shareholders externally, including both technical and non-technical audiences
- Fintech security experience a plus
- Benefits and Perks- Because People Matter
- Comprehensive insurance (paid 99% by the company) with no deductible, and 10 dollar copays
- Globally remote with flexible work schedules to fit your needs
- Generous paid parental/family leave for all caregivers- up to 12 weeks
- 401k with match up to 4%
- People-focused PTO that you determine- time off is there when you want it, when you need it
- Frequent inclusive events scheduled to allow everyone to express their voice (or dance skills)
- Monthly exercise and internet stipends---and snacks