Recurly is a leading enterprise subscription billing platform that serves companies of all sizes, including some of the largest Fortune 500 organizations in the world. We are seeking a Sr. Director of Information Security to lead our security and compliance teams. This role reports directly to the Chief Technology Officer. 

As the Sr. Director of Information Security you will lead Recurly’s information security and compliance programs. You will be responsible for managing and growing the information security and compliance teams with multiple direct reports. Lead those teams to success with a management style that enables flexibility and ownership. In this role you will also work with many other Recurly teams and executives. Communication to your peers and the executive team will be critical. Experience in managing multiple technical projects at once and the ability to prioritize those tasks in a project is a must. There will also be a customer facing element so experience in dealing with large Fortune 500 security, sales and compliance teams is a must. 

Technology/Services You Will Use:

Cloud Providers (Google/Amazon), Container Security (Aqua/Twistlock), WAF, Next Generation-Firewalls, Vulnerability Scanners, EDR, Bug Bounty Software, Containers, Terraform, Salt, Jenkins, Git, Splunk, ELK, Kubernetes, etc. 

Responsibilities:

• Serve as a member of the Recurly’s CTO Technology Leader to develop and implement the overall information security technology strategy that is well aligned with and effectively enables the business strategy and operational goals of the organization
• Create and implement the overall information security product roadmap in support of the business goals
• Work closely with operational leadership to actively manage all information security capital investments through ongoing technology investment strategic planning, ongoing investment forecasting/variance reporting, and annual submission and business justification for authorization of required capital budget needs
• Responsible for the overall security of Recurly’s technology assets and ensures predictable performance of the assets through accountability models leveraging industry leading best practices
• Provide technical and business guidance to the various teams with the development department, including product owners, managers, developers, quality assurance teams and other staff members
• Evaluate existing platforms and recommend information security technologies, including new trends in the market
• Own security incident processes – be the primary point person during any incidents and ensure associated planning/processes are maintained

Requirements:

• A minimum of 10+ years of experience in the network/security engineering and/or security areas with at least 8+ years of direct people management experience
• Experience developing processes and protocols around embedding security, privacy, and compliance into the overall development process
• Experience developing highly effective training programs around security, privacy, and compliance that are catered to different audiences (technical and non-technical)
• Strong knowledge of the financial services area (or other critical infrastructure areas) with an emphasis on network/system engineering and information security
• A track record of leading the delivery of complex, multi-faceted technology initiatives
• Experience with Advanced Persistent Threat (APT) and criminal actors and advanced knowledge of associated Tactics, Techniques and Procedures (TTP)
• Experience and familiarity working across the global cyber security community
• Demonstrated expertise and experience with advanced and 0-day threats, intrusions, malware infection, packet analysis
• Knowledge of/experience with international compliance requirements/standards (PCI,SSAE16, GDPR, CCPA) and other security regulation requirements
• Experience with privacy and PII topics within the context of SaaS platforms
• Experience working in high-paced Agile execution environments
• Degree in computer science, electrical engineering, information science, or a related technical discipline preferred

Preferences:

• Experience with Container
• Security Experience with Google/AWS Cloud
• Experience with Terraform or Infrastructure as Code

About Recurly

Recurly is an enterprise-class subscription management platform that cuts through the complexity of subscription management to optimize and automate revenue growth. Founded in 2009, Recurly uses an open platform approach to easily connect with a broad variety of back-office systems. In addition to enabling lightweight and flexible custom integrations, Recurly also has powerful out-of-the-box integrations with enterprise solutions like Salesforce, NetSuite, and Avalara to provide efficiencies through end-to-end automation of billing events throughout the customer lifecycle.

Recurly's flexible architecture, coupled with deep expertise in the payments industry is validated by the billions of dollars in transactions the company processes each year. Thousands of companies worldwide depend on Recurly to manage and optimize their rapidly-growing subscription businesses.

Offices located in San Francisco, California, Boulder, Colorado and New Orleans, LA.