Director, Information Security Engineering
Director of Information Security Engineering
FabFitFun is seeking an experienced Director of Information Security Engineering to drive the evolution of our Security and IT organizations. The Director of Information Security Engineering will be comfortable working with technical teams (Engineering, IT and Information Security), as well as Legal, Finance and Business stakeholder teams. You must also be comfortable collaborating across different time zones (FabFitFun HQ is in Los Angeles, with an engineering presence in Dublin/Ireland, Buenos Aires/Argentina and Vietnam). Additionally, this role will have occasional (up to 15%) travel to Dublin/Ireland, Vietnam, Buenos Aires or domestically across the United States.
What You’ll Do:
- You will lead and manage a growing security organization focused on building a strong Application Security foundation. You will be responsible for shaping the architecture, development and deployment of application security tools and technologies to protect FFF's platform and infrastructure, particularly against emergent threats in the e-commerce space such as fraud, credit card skimming and bot-scraping/automated attacks.
- Design, develop and deliver application security strategy throughout the CI/CD lifecycle, moving FFF towards true DevSecOps as we fully mature to a DevOps model. Working with the product teams, ensure that application security risks are effectively identified using market-leading tools (SAST, DAST, SCA, etc.) and appropriately addressed while maintaining a balance between security & usability.
- Coach and mentor FFF’s talented engineers by giving them actionable feedback, setting clear goals, and coordinating project work with other teams and managers. Participate in recruiting, developing, and inspiring individual contributors and managers to take a security-first mindset. Deliver high-quality, impactful projects in record time with thoughtful planning. Apply technical leadership and expertise to both your team and across engineering.
- Counsel on and validate technical designs and architectural decisions as a member of the FFF Architecture Review Board. Influence the FFF product roadmap by being the voice of Security. Contribute back to the Cybersecurity industry and engage in vendor partnerships by serving on Customer Advisory Boards, reviewing and drafting technical industry papers and documenting security-related Intellectual Property on behalf of FFF.
Who You Are:
- 7+ years of technical information security experience, with 2+ years of experience leading engineering or technical functions as a people manager.
- Demonstrated ability to work across disciplines with product, engineering, research, and other business counterparts.
- Experience communicating technical concepts to a non-technical audience.
- Prior working experience in a Software Development Team, especially within a PCI environment.
- Experience interpreting and communicating data in multiple formats.
- Demonstrable teamwork skills and resourcefulness.
- Security architecture experience within an Internet-scale, e-commerce environment.
- Deep technical knowledge across secure software engineering, internet-scale architecture, encryption, tokenization, authentication, authorization, DevOps, DevSecOps and e-commerce frameworks and topics.
- Hands-on experience securing source code and CI/CD pipelines.
- Expertise securing infrastructure in a public-cloud environment such as AWS, including experience securing Kubernetes clusters.
- Ability to quickly and accurately arrive at workable technical solutions to complex, high-stakes problems.
What You’ll Get:
- Competitive Salary + equity + 401k match + flexible vacation policy
- Amazing benefits including medical, dental, vision, FSA
- Daily impact on one of the fastest growing companies in the U.S. that is revolutionizing e-commerce
- Monthly cell phone reimbursement
- Monthly work from home stipend while the company is temporarily remote
- Free FabFitFun subscription and quarterly credit in the Add-Ons store
- A positive, friendly learning work environment where we invest in you and your career including leadership/mentoring programs and management training