Contact Us Log In

Director of Security

New York City, NY or Lincoln, NE

CardFlight is seeking a Director of Security to join our Lincoln or NYC office!

As our Director of Security, you will be responsible for the safety of billions of dollars of small business payments every year. You will work with our software development and DevOps teams to ensure our products continue to be among the most secure in the industry. In addition, you will work on compliance-related projects, privacy controls, education, and penetration testing of our own infrastructure.

The Director of Security will report to the Chief Technology Officer, and will work closely with the existing security leadership of the company to maintain CardFlight’s overall security posture.

What You’ll Do

Monitor Security Threats (40%)

  • Monitor security of all computing devices and production infrastructure
  • Maintain security of offices, laptops, cell phones, and other endpoints
  • Review security incidents and respond where necessary
  • Detect and actively defend against cyberattacks

Penetration Testing (20%)

  • Perform internal penetration testing
  • Review penetration tests from external security vendors
  • Analyze results and work internally to resolve issues

Security Education & Awareness (15%)

  • Evangelize CardFlight’s security curriculum to regularly educate the team on vulnerabilities and risks
  • Recommend and implement improvements to software development processes and methodologies
  • Monitor and ingest industry emerging trends and best practices

Compliance Alignment (25%)

  • Review and ensure compliance with clients’ need and contracts
  • Lead CardFlight’s PCI audit and compliance efforts
  • Track industry evolution of security standards

What You’ll Bring to the Table

  • At least 5 years of professional IT or software experience
  • At least 3 years of security experience
  • Experience with AWS or other cloud security management
  • Experience with a security standard (PCI, HIPAA, etc)
  • Experience with Linux-based Operating Systems

Nice to Haves

  • A history of working with both network and hosted based detection and response technologies
  • Experience leading successful Level 1 PCI DSS audits
  • Professional penetration testing experience
  • 8 years of professional IT experience, 5 years of security experience.
Apply for this position

Other available positions

Mobile Developer

Mobile Developer

Developer

Learn More

Senior Mobile Engineer

Senior Mobile Engineer

Developer

Learn More

DevOps Engineer

DevOps Engineer

Engineering

Learn More

Android Developer

Android Developer

Developer

Learn More