Director of Information Security
Information Security & Security Engineering at Klaviyo:
Klaviyo is a fast-growing and profitable startup located in the heart of downtown Boston. Our mission is to use data science to help ecommerce brands grow faster. We love taking on tough engineering problems such as building real-time analytics systems to process billions of events every day.
We believe in ownership and autonomy and look for engineers and technical leaders who are passionate about building, operating & scaling features end to end and breaking through technical challenges to have outsized impact on our customers and on Klaviyo.
Klaviyo’s most important asset is our people and we are committed to raising the bar for what it means to be a Klaviyo and to investing in and leveling up our people.
Read more about our tech and teams at https://klaviyo.tech
The Information Security team at Klaviyo is a contingent of the Site Reliability Engineering team. We are looking for a leader to build the team responsible for the practice of information security within Klaviyo into a best in class group. We expect this leader to be incredibly hands on and technical and share our passion for designing and driving to closure efficient solutions to complex security problems, while minimizing employee friction and maximizing productivity.
What you'll be doing
- Grow and lead a team of information security professionals to operate a world-class organization
- Define the best practices, processes and enforcement mechanisms for protecting Klaviyo’s business, our products, and our customer data
- Create and execute project plans to achieve desired compliance attestations and certifications
- Educate all Klaviyo employees in their responsibilities under a shared security model
- Partner with product & engineering to define and execute a security roadmap
- Partner with sales & marketing to ensure we have the appropriate collateral and processes in place to respond to relevant RFPs
- Build and operate the Klaviyo Security Operations CenterAct as Information Security’s incident commander for any declared incidents or investigations
- Represent Klaviyo publicly in conversations with key customers and in community events
- Influence the design and implementation of solutions using open-source/third party tools and automation focused on the prevention of and response to security threats
Requirements
- 8+ years of work experience in information security and security engineering, including 3+ years of proven hands-on technical management experience of software engineers and information security professionals
- Experience leading information security teams at hyper-growth SaaS technology companies
- Have led multiple organizations through achieving compliance attestations and certifications such as SOC Type II, PCI, HIPAA, etc.
- Demonstrated mastery of Amazon Web Services (AWS) security models and infrastructure patterns
- Passionate about DevSecOps and facilitating innovation and engineering velocity even as security & compliance goals are achieved
- History of growing teams of infosec professionals through both rigorous hiring as well as mentoring
- Strong hands-on technical chops including experience with programming languages such as Python, Linux systems, manipulating APIs and configuring systems using configuration management tools
Life at Klaviyo:
Klaviyo is a team of people who are crazy motivated by growth.
It’s what we help our customers do: grow their businesses by making it possible and easy for them to use their data to power better marketing.
It’s how we behave as individuals: we’re all deeply passionate about learning.
It’s how we manage our business: we have 10,000+ paying customers, we’re profitable, and we’re growing insanely fast.
And it’s what our culture is all about. Working at Klaviyo means you’ll work on things you never imagined you would; you’ll grow in ways you didn’t consider possible; and you’ll do the best work of your career with people who are just as motivated and talented as you are.
Your curiosity has led you this far, so if this sounds like your ideal place to work, apply now!
No phone calls or agency submissions, please.