Senior Director, Product Security at Credit Karma
What You'll Do
- Lead the security prevention and detection programs for the global enterprise.
- Manage the multi-year roadmap for security initiatives focusing on Network, Endpoint, Cloud, Product and Application Security.
- Identify gaps in the areas above and plan remediations.
- Partner with multiple stakeholders across the business and engineering to ensure security initiatives are aligned with business and technology strategy.
- Encourage strategic change and promote culture of proactive business transformation.
- Participate in key decision making and drive alignment.
- Gather technical recommendations from multiple subject matter experts and make informed decisions.
- Convert strategic concepts into execution while navigating business needs.
- Provide strategic architectural guidance and decision making in implementing security controls and solutions.
- Act as a key liaison representing the Cyber, AppSec and Security Engineering organizations, as well as overall engineering.
- Evangelize the security program.
- Promote the Security service catalog and ensure all teams know when and how to engage with Security.
- Develop metrics measuring program performance and present to key stakeholders.
- Present complex technical concepts to non-technical partners in order to promote value proposition of integrating security into every critical business process.
- Mentor and grow the staff reporting to you
- Coach and mentor engineers and managers to develop their technical and soft skills.
- Manage three or more experienced security leaders and their teams to provide a cohesive technical security voice and ensure all these teams are highly successful in delivering maximum value to the organization.
- Represent Credit Karma in industry events.
What We Expect
- 15+ years experience leading enterprise security architecture in the financial services and technology sectors.
- Proven track record of maturing security programs and initiatives.
- Keen understanding of multiple security concepts spanning Public Cloud, Network, Endpoint, and Application Security stacks.
- Experience successfully building security controls into a DevOps environment.
- Previous experience with public cloud and hybrid environments; Google Cloud preferred.
- Outstanding technical communication skills in multiple media, including technical design documentation, email, instant messaging, and videoconferencing, with all levels of the organization ranging from the board and CEO to individual software developers.
- Hands-on engagement in day-to-day implementation - there are no ivory towers for architects at Credit Karma.