Point is a technology and design company that transforms everyday spending into a delightful and rewarding experience. We’re re-thinking the payment experience with an emphasis on transparency, delight, and personalization.
With the best benefits of both debit and credit, Point Card earns you points on every purchase redeemable for instant cash-back. Point App works side by side with Point Card to create an elegant, easy-to-use experience.
Backed by top investors like Peter Thiel (Valar Ventures) and Y Combinator, we’re well-funded and ready to make a positive impact on people’s daily lives.
We’re looking for a Head of Information Security to join our specialized team. We have the vision and resources, and need your talent and skills.
About this role
You will develop, implement and manage Point's corporate security and privacy practice. Reporting to the General Counsel, this team member will build the foundation of risk reduction and security practices, policies, procedures, and reporting at Point. You’ll work cross functionally to advocate for security and privacy across the company with the goal of instilling trust in Point from our customers, partners, regulators, and employees.
Roles + Responsibilities
- Proactively protect the availability, integrity, and confidentiality of all customer and company data.
- Directly responsible for policies, procedures, and controls to assure compliance with applicable regulatory, legal and audit requirements as well as good business practices.
- Develop and drive implementation of near- and long-term security strategy and goals in alignment with Point's business objectives and culture.
- Prepare and present accurate and timely information in response to audits and inquiries; institute a proactive culture to align activities and measurement with internal policy and regulatory requirements.
- Oversee management of cybersecurity tools, contracts, documentation, standards, and processes to ensure an operating environment that is sound, sustainable, and compliant with company policies and requirements.
- Advocate for all company security-related issues, across Point's enterprise. Work with senior stakeholders to embed security expertise in other functions.
- Develop and drive security risk analysis, mitigation, and remediation plans. Plan for and lead security incident response and recovery efforts.
- 6+ years of security, governance, risk, and compliance within a fast growing start-up environment.
- Prior experience establishing and managing infosec and customer data policies and standards in a growing company, preferably in fintech.
- Broad knowledge of applicable regulatory rules and requirements and curiosity to expand your knowledge.
- Familiarity with relevant security and compliance frameworks, standards, and regulations (such as SOC2, NIST, COBIT, PCI, ISO270xx).
- Engineering background strongly preferred.
Bonus Points (no pun intended):
- Strong interest in the fintech space.
- Join a fast-growing brand that is building thoughtful spending products.
- Competitive salary, stock options, and 401K.
- Full health benefits (medical, dental, and vision insurance).
- Unlimited vacation policy, paid company holidays, and WFH flexible. We shut down the office at the end of the year for a winter holiday.
- Free Point Card membership + 10,000 ($100) monthly points.
- Monthly stipends on your Point Card to use for lunch, commuting, and other essentials.