Director of Security & IT Operations

The Role

Pilot is looking for a Director of Security to establish a world-class security program that protects our customers’ financial data and ensures our internal systems remain secure and resilient. As an established and growing startup that serves thousands of customers, we handle highly sensitive financial information every day to delivery a high quality service to our customers. In this role, you will set the vision, define the strategy, and lead the execution of all things security—including application security, cybersecurity detection and response, corporate IT cloud infrastructure, and business technology systems. Your work will enable a secure, seamless financial experience for our customers and employees and uphold our commitment to trust and integrity.   You’ll also collaborate closely with other executives to shape the future of security at Pilot. This is a unique opportunity to blend hands-on technical expertise with strategic leadership, building a team and culture of security from the ground up. We are looking for a passionate, experienced security leader who’s excited to jump in at all levels of the stack.   If you’re passionate about safeguarding critical financial data and excited to grow and mentor a security function in a fast-paced environment, we want to hear from you!

Key Responsibilities

• Cloud, network, and hardware security roadmap & strategy
• Develop and implement an end-to-end security roadmap that aligns with Pilot’s priorities, risk profile, and compliance needs
• AI-specific security strategy and considerations
• Cybersecurity detection & response
• Hands-on security implementation
• Oversee threat assessments, vulnerability scans, and remediation efforts across our cloud infrastructure and corporate IT systems.
• Oversee core security controls (e.g., MFA, SSO, endpoint protection, identity & access management).
• Compliance and customer trust
• Ownership over security compliance programs.
• Guidance for any necessary audits and ongoing certifications (e.g. SOC 2 Type II). 
• Partnership with legal teams to ensure we meet all regulatory and contractual security requirements. 
• Evaluation of proactive security programs such as regular penetration tests
• Security Awareness & Training
• Develop and roll out security awareness training programs to educate employees on cybersecurity best practices (phishing prevention, data handling, etc.). Provide guidance and training to developers on secure coding. Foster an environment where employees value and prioritize protecting customer data.
• Architecture & Product Security
• Work closely with product and engineering teams to embed security into product design and development. 
• IT leadership & Business Systems
• Responsible for end-to-end IT function: managing physical hardware, SaaS application configuration and IT systems engineering
• Oversight over IT systems: Okta and SaaS integrations
• Ownership and support of Pilot’s business systems needs

About You

Security Leadership Experience:

• You have 8+ years in security roles, with at least 3–5 years leading security programs or teams in a dynamic environment. Experience at a fast-growing startup or tech company is strongly preferred.

Technical Depth & Hands-On Mentality:

• You’re comfortable building and advocating for a company-wide security strategy alongside diving into the day to day work of keeping a company secure. You keep your eye on the 6-12mo plan but no work is beneath you.

Effective Communicator:

• You can explain complex security concepts to both technical and non-technical stakeholders. You excel at building trust within a company, as well as with external customers or auditors.

Team Builder

• You enjoy mentoring and coaching. You’re excited to grow and retain top-tier security talent, and you thrive on seeing others develop their skills.

Startup Mindset

• You thrive in an environment where you can move fast, adapt quickly, and create processes from scratch. You’re resourceful, autonomous, and know how to balance security best practices with business needs.

About Pilot

Pilot launched in 2017 to bring the back office into the modern era. We are on a mission to create a more open and accessible financial system by helping startups and small businesses handle one of their biggest operational hurdles—bookkeeping and the entire financial back office. We’re backed by top investors like Sequoia and Index Ventures, and we serve thousands of customers who trust us to handle their books, taxes, and CFO services with precision and care.

Why Pilot?

• We invest in our employees’ development and happiness because our employees are the keys to our success and ensuring happy customers
• The opportunity to join a seasoned founding team that has led companies through two prior successful startups and acquisitions (by Oracle and Dropbox).
• Flexible vacation/time-off policy
• All federal holidays are observed
• 100% coverage of employee only (individual) benefits
• Parental leave for birthing or non-birthing parents – 100% pay for 12 weeks
• 401(k) plan

The base pay range target for the role seniority described in this job description is $195,000 - $263,000 in San Francisco, CA. Final offer amounts depend on multiple factors such as candidate experience and expertise, geographic location, total compensation, and market data. In addition to cash pay, full-time regular positions are eligible for equity, 401(k), health benefits, and other benefits; some of these benefits may be available for part-time or temporary positions.

Pilot commits to provide a work environment free of discrimination and harassment, as well as equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. You may view all of Pilot’s recruiting notices here, including our EEO policy, recruitment agency policy, recruitment scam notice, and important E-Verify information. You may view our job candidate privacy policy here.