Director of Security
At Ocrolus, we believe companies work best when they focus on their core business and let automation do the rest. We’re powering the digital lending ecosystem and help financial services firms make high-quality decisions with trusted data and unparalleled efficiency.
Ocrolus’ Human-in-the-Loop document automation software analyzes documents with over 99% accuracy. We're replacing legacy OCR vendors that cap out at 75-80% accuracy, and augmenting the robotic work that humans are prone to doing all too often – which can be expensive, error-prone, and slow. By empowering lenders to analyze diverse sources of financial data more efficiently, Ocrolus levels the playing field for every borrower, providing expanded access to credit at a lower cost.
We’ve raised over $100 million from blue-chip investors and are working with customers like PayPal, Brex, SoFi, Blend and Plaid. Join us as we build the future of fintech, and make an impact at an award-winning, high-growth startup that Forbes recently dubbed the “Next Billion-Dollar Startup”.
Ocrolus is a fast-growing financial technology organization with many emerging security threats and we are building a world-class security program to keep Ocrolus and our customer’s data secure. We are looking for a diverse set of security practitioners to help us design, build, and scale security at Ocrolus. We value critical thinking, creativity, data-driven and intelligence-driven approaches, and offensive experience. We believe security is a collaborative and open process, where security is a partner to help achieve business goals securely. We believe in saying “yes, and” instead of “no” when recommending security objectives. We don’t believe in using fear or penalty for enforcement of security policies and processes, and we will always provide evidence and justification for security controls.
What you’ll do
- Design, build, and run Ocrolus’ security program
- Own product security, enterprise security, and security operations for all of Ocrolus
- Build processes and technology to identify, prevent, detect, respond, and recover to security risks at Ocrolus
- Manage the people, processes, and technology that secure assets and data at Ocrolus
- Collaborate closely with Product, Engineering, Legal, Compliance, and TechOps to ensure policies, controls, and technology are correctly implemented and effective to protect Ocrolus from cybersecurity threats and attacks
- Own and improve our Data Governance, Third Party Risk Management, Physical Security, Insider Threat, and Indicators and Warnings programs
- Stay on top of the latest industry developments, products, and services. Stay informed of new breaches, security incidents, and adversary activity. Inform relevant stakeholders about emerging risks and new threat intelligence
- Build relationships with stakeholders throughout the organization
- Mentor, teach, inform, and grow Leadership, Security, Compliance, TechOps, and Legal staff
- Teach engineers secure architecture design and secure engineering and cultivate a culture of security within the engineering organization
- Help build a collaborative and enlightening world-class security team at Ocrolus
What you’ll bring
- 12-15 years of experience running, building, scaling, and maturing security programs
- Experience working directly with IT, Compliance, Legal, Finance, Engineering and Product teams
- Experience working with and reporting risks to executive leadership
- Experience working directly with customers, explaining and getting non-technical customers comfortable with security programs and controls
- Experience performing organization-wide threat models, including understanding organization-specific risks and adversaries
- Experience performing tabletop exercises and red team assessments
- Deep knowledge of security technology and processes
- Great communication, prioritization, and project management skills
We take pride in our dynamic, diverse team, unified by shared values of Ownership, Optimism, Objectivity, Humility, Urgency, and Appreciation. We love what we do and the people we do it with, which is why we welcome every individual, provide them with equal opportunity irrespective of their race, gender, gender identity, age, disability, national origin or any other legally protected rights that one has.
We look forward to hearing from you!