Director of Information Security

Added Apr 05 from StackOverflow Careers

Job Details:

At Stack Overflow, our mission is to serve developers. Whether we’re helping developers get answers to their questions or find new jobs, we build products that make millions of developers’ lives better every day. Our newest product, Stack Overflow for Teams, allows teams to ask and answer questions on Stack Overflow in a private space. This puts security at the center of our company strategy.


As our first Director of Information Security, your job is to design, implement, and monitor a security program that keeps our customers’ information safe. You’ll work directly with the CTO to evaluate risk and make decisions that will drive the business forward. You’ll build relationships across the company and work collaboratively, combining your security expertise with our experienced teams to rapidly roll out new security mechanisms and controls. And you’ll interface with our clients, to give them absolute confidence that their data is safe with us.


What you’ll do:



  • Design, implement and manage our overall information security program

  • Collaborate with devs and site reliability engineers to identify threats and design technical controls

  • Create and run security training programs for a variety of teams across the organization

  • Maintain documentation of security controls and respond to inquiries from clients, regulators (including on GDPR), and other third-parties

  • Work towards a goal of SOC 2 type II certification


What we're looking for:



  • 5+ years of hands-on experience in information security

  • 3+ years in a leadership role within information security, with a demonstrated ability to break down large problems and get things done

  • Knowledgeable on a broad range of threats and security topics including secure software development practices, networking, encryption, cloud security, etc.

  • Experience working in a technology company with fast-moving software development teams

  • Experience implementing security compliance frameworks and processes such as ISO 27001/2, NIST, and SOC II

  • Ability to work cross-team and communicate effectively with people from a variety of different backgrounds and different levels of security awareness

  • Certifications (preferred): CISSP, CISM, CISA or CRISC


What you’ll get in return:



  • Ability to work remotely, with flexible hours

  • 20 days paid vacation + holidays

  • Completely free health insurance - no copay, no premiums (US residents)

  • Generous parental leave (10-16 weeks at 100% pay), family care leave, and unlimited sick days

  • Employees will never be poked with a sharp stick


If you want to work remote…. We’ll help you set up a great home office, with an ergonomic chair, standing desk, and any other equipment you need to do your job.


If you want to work in our office… You’ll get your own private office in our headquarters in New York City, and enjoy additional benefits like free lunch every day prepared by our own in-house chefs, transportation reimbursement, and all the espresso you can drink.



Stack Overflow is the largest, most trusted online community for developers to learn, share their knowledge, and build their careers. More than 50 million professional and aspiring programmers visit Stack Overflow each month to help solve coding problems, develop new skills, and find job opportunities.


We partner with businesses to help them understand, hire, engage, and enable the world's developers. Our products and services are focused on developer marketing, technical recruiting, market research, and enterprise knowledge sharing.


We believe in hiring smart people and getting out of their way. We have an office in New York with some of the best amenities of any New York startup, and we have people who work remotely all over the world.  We keep meetings and ceremony to an absolute minimum.


Diverse teams build better products.


Legally, we need you to know this: 
Stack Exchange, Inc. does not discriminate in employment matters on the basis of race, color, religion, gender identity or expression, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, or any other protected class. We support workplace diversity. 

But we want to add this:
We strongly believe that diversity of experience contributes to a broader collective perspective that will consistently lead to a better company and better products. We are working hard to increase the diversity of our team wherever we can and we actively encourage everyone to consider becoming a part of it.

So, Not Remote? Let us know!