Head of Information Security
Getting together with real people in real life makes powerful things happen. Side hustles become careers, ideas become movements, and chance encounters become lifelong connections. Meetup brings people together to create thriving communities. Show up. Change lives.
Meetup’s mission is to help people grow and achieve their goals through human connections. We truly believe that we are stronger when we live this mission together. This influences how we approach software engineering in a very particular way:
- We embrace social coding practices. If you like pairing, mobbing, trunk-based and test-driven development, Meetup is for you.
- We think that remote is the future of development, and we want to work with you wherever you live. We’re building a remote-friendly culture that’s positive, close-knit, and helps us build on our mission of connecting people around the world.
- We’re passionate about making engineering choices that lead to faster feedback loops, including continuous-review security.
- We build full-stack teams, and love it when people pick up new skills along the journey; we’re committed to a vision of Meetup as a place where people explore cross-disciplinary software challenges in every part of our codebase.
- We write new code almost exclusively in serverless technologies like AWS Lambda and strive to ensure that our platform serves our engineers, not the other way around.
As the Head of Information Security, you will anchor Meetup’s capability in this area, help us build trust in the platform, and enable tight-knit, cross-disciplinary teams to ship effective, secure, safe software.
What you’ll be doing:
- Define and drive the overall information security strategy and roadmap for the company. Provide high-level security guidance and leadership to our executive team, engineering leadership, and delivery teams.
- Create a culture of continual improvement on information security from the ground up. Facilitate and guide blameless postmortems and work with teams to build security into the fabric of the code we create.
- Help us build and maintain a stellar reputation with our users for information privacy, security, spam prevention, and account integrity.
- Ensure ongoing compliance with applicable laws and regulations, in coordination with in-house counsel, and establish the policies, procedures, tools, configurations, training, and audits that comprise the program.
- Create, validate and execute information security policies, standards, and procedures with a mix of good governance and high-trust cross-team collaboration.
- Coordinate and track all information technology and security-related audits, including scope of audits, timelines, auditing agencies, and outcomes. Work with outside consultants as appropriate for independent security audits and penetration testing.
- Ensure that security policies and procedures are regularly communicated to all staff.
- Continuously update the organization’s security strategy to leverage new technology or adapt to new and emerging threats.
You're our ideal team member if you have:
- 8-10 years or experience in a technology environment, ideally with hands-on experience in a software engineering role and with consumer-facing systems and services, with 5-7 years of experience in security roles. Startup experience a plus.
- Exposure to both containerization/cluster strategies and serverless architectures, and in security architecture for both applications and infrastructure, including system-level architecture, threat modeling, security assessments, and technical security controls.
- The ability to distill requirements from non-technical staff, build working relations across teams, craft roadmaps and work with leadership stakeholders to continually re-plan and reprioritize.
- A high degree of personal integrity, with the ability to handle confidential and otherwise sensitive matters professionally.
- Have knowledge and experience in evolutionary architecture and patterns for resilient distributed systems.
Our teams use Typescript, Java, and Scala in the backend, Kotlin and Swift on mobile, Gatsby on the web, and write APIs in GraphQL and REST. Knowledge of these technologies isn’t necessary as long as you’re excited to learn about them.
Our team is bold, supportive, and passionate about bringing people together in real life to create community for everyone. We care about moving fast, real-world change, and building diverse, dynamic teams. You in?