BUILD WHERE YOU'RE STRONGEST

All of our portfolio companies are hiring. We’d love to help facilitate a match.

Director, Security Engineering

Greenlight

Greenlight

Operations
Bengaluru, Karnataka, India
Posted on Thursday, May 23, 2024
Greenlight is the leading family fintech company on a mission to help parents raise financially smart kids. We proudly serve more than 6.5 million parents and kids with our award-winning banking app for families. With Greenlight, parents can automate allowance, manage chores, set flexible spend controls, and invest for their family’s future. Kids and teens learn to earn, save, spend wisely, and invest.
At Greenlight, we believe every child should have the opportunity to become financially healthy and happy. It’s no small task, and that’s why we leap out of bed every morning to come to work. Because creating a better, brighter future for the next generation depends on it.
Greenlight is seeking a highly motivated and experienced Director of Security Engineering with an application security focus to lead a team responsible for designing, implementing, and maintaining security solutions to protect our organization's systems, networks, and applications. You will collaborate with cross-functional teams, including product development, IT operations, and compliance, to ensure that security is integrated throughout the software development lifecycle and infrastructure architecture.
This role will functionally report to the SVP, Chief Security & Trust Officer

What you will be doing:

  • Develop and execute the strategic vision for security engineering in India, aligning with global security objectives and business goals.
  • Provide leadership and guidance to the security team in India, fostering a culture of innovation, collaboration, and excellence.
  • Lead the design and architecture of security solutions for our products, systems, and infrastructure in India, ensuring they meet security requirements and industry best practices.
  • Define security standards, patterns, and frameworks to guide the development of secure software and systems.
  • Establish and maintain a Secure Development Lifecycle (SDL) process for our software development teams in India, integrating security into all phases of the development process.
  • Provide training and support to development teams on secure coding practices, security testing tools, and vulnerability management.
  • Identify, evaluate, and deploy security tools and technologies to automate security processes, enhance detection and response capabilities, and improve overall security posture.
  • Drive the adoption of DevSecOps practices and toolchains to enable continuous integration and delivery of secure software.
  • Conduct threat modelling exercises and risk assessments for our products, infrastructure & corporate environments, identifying potential security threats and vulnerabilities.
  • Work with cross-functional teams to prioritize and address security risks through proactive mitigation and remediation efforts.
  • Develop and maintain incident response plans and procedures for India aligned with the global plan, ensuring the organization is prepared to respond effectively to security incidents and breaches.
  • Lead incident response and forensic investigations, collaborating with internal teams and external partners to mitigate the impact of security incidents.
  • Ensure compliance with relevant security standards, regulations, and industry certifications applicable to India, such as ISO 27001, PCI DSS, and GDPR.
  • Coordinate with compliance and audit teams to support security audits, assessments, and certifications for India operations.
  • People management responsibilities for the IT team based out of IDC
  • Responsible for delivering IT operations and projects aligned with global IT strategy

What you bring:

  • Bachelor's or Master's degree in Computer Science, Information Security, or related field.
  • Minimum of 15 years of experience in security engineering or related roles, with at least 5 years in leadership positions.
  • Deep understanding of security principles, practices, technologies, and standards, with hands-on experience in designing and implementing security solutions.
  • Strong knowledge of software development methodologies, including Agile, Scrum, and DevOps, with expertise in integrating security into the software development lifecycle.
  • Ability to be hands on to implement security tooling, configurations & review code
  • Experience with security tooling and automation, including vulnerability scanners, SIEM systems, intrusion detection/prevention systems, and security orchestration and automation platforms.
  • Familiarity with cloud security concepts and technologies, such as AWS, Azure, or GCP, and container security solutions like Docker and Kubernetes.
  • Excellent leadership, communication, and interpersonal skills, with the ability to influence and collaborate effectively with technical and non-technical stakeholders.
  • Industry certifications such as CISSP, CISM, CSSLP, or equivalent, preferred.
  • Fluency in English; proficiency in regional languages is a plus
Who we are:
It takes a special team to aim for a never-been-done-before mission like ours. We’re looking for people who love working together because they know it makes us stronger, people who look to others and ask, “How can I help?” and then “How can we make this even better?” If you’re ready to roll up your sleeves and help parents raise a financially smart generation, apply to join our team.
Greenlight is an equal opportunity employer and will not discriminate against any employee or applicant based on age, race, color, national origin, gender, gender identity or expression, sexual orientation, religion, physical or mental disability, medical condition (including pregnancy, childbirth, or a medical condition related to pregnancy or childbirth), genetic information, marital status, veteran status, or any other characteristic protected by federal, state or local law.