Director of Security

Earnest

Director of Security at Earnest overseeing security team and strategies to empower confident financial decisions. Engage in compliance and risk management while collaborating with teams on security integration.

Posted 6/15/2026full-timeRemote • California • 🇺🇸 United StatesLead💰 $240,000 - $300,000 per yearWebsite

Tech Stack

Tools & technologies

AnsibleCloudTerraform

About the role

Key responsibilities & impact

Lead and scale the security team: Directly manage, mentor, and grow emerging security leaders and engineers, including a Sr Security Engineer, Security Architect, and your existing team members.
Define and evolve security strategy: Build and mature a comprehensive security program from an early stage, aligning security initiatives with overall business and product goals.
Embed security into engineering workflows: Collaborate closely with engineering and product teams to integrate security early in system designs (such as threat and design reviews) and into CI/CD pipelines.
Govern compliance and third-party risk: Own security architecture, operations, engineering, IT compliance, and third-party risk assessment programs to satisfy regulatory and fintech expectations.
Act as a risk-management partner: Serve as a pragmatic advisor who assesses risk and provides business-enabling guardrails rather than acting as a strict gatekeeper.
Communicate across stakeholders: Effectively translate complex security concepts and major risks to non-technical stakeholders, executive leadership, and cross-functional partners.

Requirements

What you’ll need

Experienced security leader: You have successfully led, mentored, and grown small security teams within highly-regulated, growth-stage businesses.
Public company familiarity: You have likely operated within a public company environment and understand the distinct requirements that come with it.
Strong communicator & influencer: You possess a strong ability to lead through influence, build alignment, and navigate corporate organizational structures effectively.
Pragmatic risk balancer: You have a proven track record of understanding business growth needs and balancing risk mitigation with operational speed and employee experience.
Technical & architectural depth: You understand cloud-native security principles (least privilege, zero trust, segmentation), IAM controls, and practical architectural trade-offs between usability, performance, and security.
Fintech or Insurtech background: You bring direct experience working in growth-stage Fintech or Insurtech companies (such as Upstart, SoFi, Chime, etc.).
IPO experience: You have previously guided a security function through the process of a company going public.
Framework expertise: You possess deep familiarity and hands-on experience with frameworks and regulations such as NIST, CIS, SOX, SOC2, PCI, and CCPA/CPRA.
DevSecOps exposure: You are familiar with infrastructure-as-code (e.g., Terraform, Ansible) and embedding security automated controls into deployment pipelines.

Benefits

Comp & perks

Health, Dental, & Vision benefits plus savings plans
Mac computers + work-from-home stipend to set up your home office
Monthly internet and phone reimbursement
Employee Stock Purchase Plan
Restricted Stock Units (RSUs)
401(k) plan to help you save for retirement plus a company match
Robust tuition reimbursement program
$1,000 travel perk on each Earnie-versary to anywhere in the world
Competitive days of annual PTO
Competitive parental leave

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud-native security principlesIAM controlsinfrastructure-as-codeTerraformAnsiblesecurity architecturerisk assessmentcompliance governanceDevSecOpssecurity program development

Soft Skills

leadershipmentoringcommunicationinfluencerisk managementcollaborationalignment buildingstakeholder engagementpragmatic decision-makingorganizational navigation