The Director of Security & Infrastructure is a hands-on technical leadership role responsible for maintaining a robust security posture and reliable infrastructure operations across Highway's technology platform.
This role owns the security of our application, AWS environment, and endpoints while ensuring the performance, scalability, and availability of our infrastructure.
You'll work closely with the VP of Engineering and senior engineering team to embed security into development practices and maintain operational excellence.
This is not a pure policy or compliance role - we need someone who can architect solutions, configure tools, and respond to incidents while also building frameworks and processes that scale with our growth.

Requirements

5-7+ years in security engineering, infrastructure operations, or similar technical roles
Hands-on AWS experience - you should be comfortable configuring security groups, IAM policies, CloudWatch, and other AWS services
Security expertise across application security, network security, and endpoint protection
Infrastructure operations background - you've managed production systems and understand reliability, monitoring, and incident response
Proven ability to balance security with business needs - you know when to say "no" and when to find pragmatic solutions
Strong communication skills - you can explain technical security concepts to non-technical stakeholders
Self-directed and comfortable with ambiguity - you can prioritize and execute without constant direction
Experience in SaaS or financial services environments (preferred)
Relevant certifications (CISSP, AWS Security Specialty, CEH, OSCP) (preferred)
Familiarity with security frameworks (NIST, OWASP) (preferred)
Experience with infrastructure-as-code (Terraform, CloudFormation) (preferred)
Background in DevSecOps practices (preferred)
Experience preparing for or maintaining security certifications (SOC 2, ISO 27001) (preferred)
Mortgage or fintech industry background (preferred)
Prior experience at a company in the 50-150 employee range (preferred)

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security engineeringinfrastructure operationsapplication securitynetwork securityendpoint protectioninfrastructure-as-codeDevSecOpsincident responsemonitoringAWS configuration

Soft Skills

strong communicationself-directedability to balance security with business needscomfortable with ambiguityprioritizationexecution

Certifications

CISSPAWS Security SpecialtyCEHOSCPSOC 2ISO 27001