Thank you for checking out our careers page and for your interest in working for Truebill! Truebill is dedicated to providing the best candidate experience possible. We will only reach out to you through official channels with a truebill.com email. Please only apply to roles through our careers page: https://www.truebill.com/careers/.
Protect yourself from job scams! A reminder: Truebill will never ask for any personal information until we have extended an offer from a verified @truebill.com email.
ABOUT TRUEBILL 🔮
As a Y Combinator top company, Truebill’s mission is to improve the financial health of millions by transforming the way people manage their expenses and grow their net worth. Through finding and canceling unnecessary subscriptions, lowering bills, and securing refunds, we save our members hundreds a year while helping them regain control over their finances.
We just announced a $17 million Series-C round of funding and have over 1 million users and counting. We are now looking to scale our all-star team in both San Francisco and the Washington, DC area. Come join the fun! 😃
We're looking for a Security Lead to drive all things security here at Truebill. Our users put an enormous amount of trust in us and in exchange we take pride in our dedication to security, ensuring that we're doing everything we can to protect our users' data and money. In this role, you will be taking ownership of the evolution of Truebill's security program. You will ensure top-notch security that actually works, while keeping the company productive.
ABOUT YOU 🦄
- You have experience building a security program at a tech company with between 50 and 200 employees.
- You are hands-on and can work independently. You do not rely on a large security or IT team to execute on the security program.
- You are familiar with security best practices in AWS, and understand how to secure and monitor the necessary infrastructure to prevent and detect security issues.
- You understand that most standard pen testing doesn't actually guarantee much security. Similarly, you understand that certifications, such as SOC 2, do not guarantee security.
- You are able to prioritize the security roadmap by impact of a potential attack as well as likelihood of the attack.
- You have experience rolling out an SSO solution such as Okta or Rippling.
- Bonus: You have experience dealing with the security implications of storing sensitive financial information and money movement.
IN THIS ROLE, YOU WILL 🤹
- Be the primary security specialist at the company, charged with securing our cloud infrastructure as well as our endpoint devices and SaaS services.
- Make and own security policy to balance employee productivity and desired tooling, project feasibility, risk, cost, and other tradeoffs as appropriate.
- Direct a small IT team (likely 1 person to start) to ensure employee requests are dealt with in a timely manner without compromising on security. (Most IT requests revolve around SaaS provisioning and RBAC.)
- Create and run programs that ensure “table stakes” security such as patching, authentication, and proper tool selection are done correctly, with a high degree of reliability and clear metrics, and are robust to failure.
- Create threat models for all systems across the company, and use them to prioritize time based on risk impact.
- Obtain and maintain any compliance-related certifications such as SOC 2 Type II, PCI, ISO 27001/27002, etc.
- Maintain a clear mapping of where PII is stored, and monitor/restrict access to it as much as possible.
- Triage and investigate all security reports. Execute the Incident Response Plan if/when an incident occurs.
- Educate and train teams on security topics and skills.
WE OFFER 💫
- Health, Dental & Vision Plans
- Competitive Pay
- Matching 401k
- Unlimited PTO
Truebill, Inc. is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.