Head of Security
New York City (On-site)
Applications have closed
Brigit
Get cash fast. Build credit while saving. No credit check, no late fees, no tipping. Join over 4 million Brigit app users.
Hi, we're Brigit! A holistic financial health company helping everyday Americans build a brighter financial future. With a business model that is aligned with our customers, we create transparent, fair, and simple financial products that put money back in the hands of our members, help them spend wisely, avoid unfair fees and build their credit quickly. If autonomy, ownership, and having meaningful input at the company you work for are important to you, come join our growing team!
Brigit is doing innovative and exciting work, but don’t just take our word for it, our work is being recognized by others:
Role overview
The Head of Security will be responsible for developing, implementing, and managing security strategies that protect our organization from threats. This role requires a hands-on leader with a mix of technical expertise and strategic thinking, someone who can balance the immediate needs of securing the company with long-term planning. As this is our first security hire, the ideal candidate should be comfortable working independently and scaling the security function as the company grows.
What you’ll be doing
Security Strategy Development:
Create and implement the company’s overall security strategy, covering physical, network, data, and cloud security.
Develop security policies, standards, and best practices that align with industry compliance and regulatory requirements.
Risk Management & Incident Response:
Identify potential security risks and vulnerabilities, and develop mitigation plans.
Build and maintain an incident response plan, including processes for investigation and reporting.
Lead incident management during security breaches, ensuring proper containment and remediation.
Security Infrastructure & Operations:
Implement security measures for software, hardware, and cloud-based infrastructure.
Oversee identity and access management protocols and ensure robust controls are in place.
Manage security tools and systems such as firewalls, SIEM, and intrusion detection/prevention systems.
Collaboration & Training:
Collaborate with engineering, IT, and product teams to ensure security is baked into development processes.
Conduct internal security training to promote security awareness across the company.
Engage with external partners, vendors, and third-party auditors to assess and improve security posture.
Compliance & Governance:
Ensure compliance with industry regulations such as GDPR, HIPAA, or SOC 2, depending on the company’s sector.
Maintain appropriate documentation and reporting for audits and certifications.
Growth & Leadership:
Lay the foundation for a scalable security team, including the future hiring and development of security personnel.
Serve as a trusted advisor to the leadership team on all security-related matters.
What you have
7+ years of experience in security, preferably within a fast-growing tech company or startup environment.
Strong understanding of security frameworks such as NIST, ISO 27001, or similar.
Hands-on experience with cloud infrastructure security (ideally GCP).
Proven ability to lead incident response efforts and manage risk in dynamic environments.
Experience with implementing security tools and monitoring systems.
Excellent communication and leadership skills, with the ability to work cross-functionally.
Ability to balance long-term strategic initiatives with day-to-day operational security needs.
Certifications such as CISSP, CISM, or equivalent are a plus.
Compensation
The anticipated annual base salary for this position is $170,000 - $200,000. This range does not include any other compensation components or other benefits for which an individual may be eligible. The actual base salary offered depends on a variety of factors, which may include as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.
Our Benefits & Team
Medical, dental, and vision insurance
Equity participation
Flexible PTO Policy
401k plan
Paid Parental Leave
Physical and mental wellbeing benefits including Wellhub for access to virtual workouts and discounted gym memberships, and Headspace for covered virtual therapy sessions and unlimited on-demand health support
Monthly reimbursements to use against Wi-Fi and cell phone bills
Annual reimbursement for Learning & Development
Help hard-working Americans build a brighter financial future
High-growth company at an early stage
A dynamic, flexible and collaborative start-up work environment with a highly talented team
Brigit is committed to providing equal employment opportunities for all applicants and employees without regard to race, religion, color, sex, pregnancy (including breast feeding and related medical conditions), national origin, citizenship status, uniform service member status, age, genetic information, disability, or any other protected status in accordance with all applicable federal, state and local laws. We are proud to be an equal opportunity workplace.
If you require reasonable accommodation in completing an application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please email accommodations@hellobrigit.com.