Director of Engineering, Security & Privacy

Company Description
Etsy is the global marketplace for unique and creative goods. We build, power, and evolve the tools and technologies that connect millions of entrepreneurs with millions of buyers around the world. As an Etsy Inc. employee, whether a team member of Etsy, Reverb, or Depop, you will tackle unique, meaningful, and large-scale problems alongside passionate coworkers, all the while making a rewarding impact and Keeping Commerce Human.

Salary Range:

What’s the Role? 

As the Director of Security and Privacy, you will play a critical role in securing our enterprise, protecting our data, and preserving the privacy of our customers and employees. You will be responsible for driving overarching security, privacy, and compliance strategies. You’ll collaborate cross-functionally with teams such as Legal, Engineering, and Product to ensure security and privacy are integral to our culture and product development. 

This is a full-time position reporting to the Sr. Director of Security and Privacy Engineering. In addition to salary, you will also be eligible for an equity package, an annual performance bonus, and our competitive benefits that support you and your family as part of your total rewards package at Etsy. 

For this role, we are considering candidates based in the United States. Candidates living within commutable distance of Etsy’s Brooklyn Office Hub or in the San Francisco Bay Area may be the first to be considered. For candidates within commutable distance, Etsy requires in-office attendance once or twice per week depending on your proximity to the office. Etsy offers different work modes to meet the variety of needs and preferences of our team. Learn more details about our work modes and workplace safety policies here.
 

What’s this team like at Etsy?

At Etsy, we believe that code is craft, and that the work we do is part of a larger creative culture represented by the artists and designers who make Etsy such a unique marketplace. We believe that small, empowered, self-motivated teams can do big things. We measure and test our work, take advantage of our pioneering continuous deployment system, and cultivate a blameless culture based on trust and a commitment to learning. Learn more about our engineering philosophies, tools, and some of the challenges we’ve been solving on our Engineering blog: http://codeascraft.com/
 

What does the day-to-day look like?

• Lead the planning, design, and delivery of an ambitious strategy, roadmap and OKRs for aligned with business goals.

• Advise internal stakeholders on emerging risks, regulations, and industry trends.

• Foster a healthy and supportive team culture, providing coaching and mentorship. 

• Oversee compliance efforts and risk assessments and ensure timely remediation of identified issues.

• Oversee the design, implementation, and management of security tools and technologies. 

• Identify and prioritize opportunities for improving the security and privacy posture throughout the development lifecycle.

• Work closely with Engineering, Legal, Compliance, and other business units to align security and privacy initiatives with business goals. 

• Stay connected to the broader industry community, keeping up to date on trends, threats, and technology to enhance our posture.  

• Of course, this is just a sample of the kinds of work this role will require! You should assume that your role will encompass other tasks, too, and that your job duties and responsibilities may change from time to time at Etsy's discretion, or otherwise applicable with local law.

Qualities that will help you thrive in this role are:

• 10+ years in information security and relevant security/privacy domains with 6+ years in leadership roles. 

• Versed in incident response and related procedures. 

• Experience with cloud security (GCP a plus) and secure architecture frameworks.

• Familiarity with secure and privacy preserving software development practices and threat modeling.

• Excellent communication and interpersonal skills; calm under pressure 

• Exceptional attention to detail and a proactive approach to problem-solving.

• Strong leadership and stakeholder management abilities.

• Familiarity with relevant compliance standards (SOX, PCI, GDPR, CCPA, etc.) and risk management in a consumer-focused environment.

Additional Information

What's Next
If you're interested in joining the team at Etsy, please share your resume with us and feel free to include a cover letter if you'd like. As we hope you've seen already, Etsy is a place that values individuality and variety. We don't want you to be like everyone else -- we want you to be like you! So tell us what you're all about.

Our Promise
At Etsy, we believe that a diverse, equitable and inclusive workplace furthers relevance, resilience, and longevity. We encourage people from all backgrounds, ages, abilities, and experiences to apply. Etsy is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If, due to a disability, you need an accommodation during any part of the interview process, please let your recruiter know. While Etsy supports visa sponsorship, sponsorship opportunities may be limited to certain roles and skills.