Head of Technical Security
About Greenboard
At Greenboard, we’re building the future of financial compliance. Greenboard is the unified, AI-native compliance operating system for RIAs, fintechs, private funds, hedge funds, and more. It replaces the fragmented mix of legacy tools and automates more than previously possible. By centralizing data and workflows, Greenboard helps firms reduce regulatory risk, simplify their technology stack, modernize how they run compliance, and save money.
Our founding team includes engineers who have scaled products at Amazon, Google, and multiple unicorn startups. We’re backed by Y Combinator, General Catalyst, Base10, and other top-tier investors, and have raised over $20M to date. Brand-name financial institutions already rely on Greenboard — and we’re growing fast.
About the Role
We're looking for a hands-on security engineer to own and scale our security posture as we grow. You'll be the first dedicated security hire on our engineering team, which means you'll have a direct hand in shaping how we think about security — from compliance frameworks and vendor diligence to infrastructure hardening and secure development practices.
This is a high-impact, high-autonomy role. You'll work closely with engineering, product, and business teams to make sure we're building securely, meeting the compliance bar our fintech customers expect, and staying ahead of threats as we expand internationally.
What You'll Do
Technical Security
Detect, triage, and drive remediation of vulnerabilities across the stack — infrastructure, application, and network.
Manage third-party penetration tests and coordinate internal response to findings.
Integrate security into the development lifecycle: code review guardrails, SAST/DAST tooling, dependency scanning, and developer security guidance.
Own credential and secrets management, including rotation policies, vault configuration, and access controls.
Manage infrastructure patching and hardening, working with engineering to keep systems current without disrupting delivery.
Security Compliance & Frameworks
Own our SOC 2 compliance program end-to-end, including audit preparation, evidence collection, and remediation tracking.
Maintain and mature our GDPR compliance posture, partnering with legal and product to ensure data protection requirements are met.
Lead our ISO 42001 certification efforts, establishing and maintaining the required AI management system controls.
Research and implement additional compliance frameworks as we expand into new markets, acting as the internal authority on what's required and when.
Vendor & Customer Security Diligence
Manage inbound security diligence requests that arise during client sales processes — completing questionnaires, coordinating evidence, and joining calls as needed.
Build and maintain a vendor security review process for evaluating third-party tools and services before they're adopted.
Maintain a library of up-to-date security documentation (policies, SOC 2 reports, architecture diagrams) to accelerate deal cycles.
IT & Device Security
Manage endpoint security across the company — MDM, disk encryption, OS patching, and device compliance policies.
Maintain and enforce access control policies for corporate tools and systems (SSO, MFA, least-privilege access).
What We're Looking For
3–7 years of experience in security engineering, application security, or infrastructure security roles.
Hands-on experience with SOC 2 audits and at least one other compliance framework (GDPR, ISO 27001, PCI-DSS, or similar).
Strong technical foundation — you're comfortable reading code, reviewing AWS infrastructure, and working in a CI/CD environment.
Experience with vulnerability management tooling (e.g., Snyk, Semgrep, Qualys, Burp Suite, or equivalents).
Familiarity with AWS Secrets Manager and IAM best practices.
Experience managing or coordinating third-party pentests.
Clear, low-ego communication style — you can explain a risk to an engineer and a compliance requirement to a salesperson with equal clarity.
Comfort with ambiguity and ownership. This is a build-it role, not a maintain-it role.
Nice to Have
Prior experience at a fintech or other regulated-industry startup.
Familiarity with ISO 42001 or AI governance frameworks.
Experience with MDM platforms
Background supporting international expansion from a security/compliance perspective.
Benefits
Salary range: $185,000–$300,000 + meaningful equity
401(k) with 5% company match
Medical, dental, and vision coverage
15 days PTO + 11 company holidays + flexible sick time
2 additional PTO days for each year of service (up to 10 additional days)
10 remote days per year plus additional around the holidays
Bi-annual off-sites and team retreats
Front-row seat to building the operating backbone of modern finance
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
Provide white-glove technical support to senior leadership at RRS Group, ensuring secure, reliable devices and flawless meeting/AV experiences across office, remote, and travel settings.
Experienced Workday Developer needed to lead integrations and reporting workstreams for Daikin Applied’s Workday platform in a hybrid/remote role supporting manufacturing HR systems.
Lead and inspire a web technologies team at Fortune Brands to deliver enterprise e-commerce and digital experiences using modern web stacks and best practices.
Support and optimize critical clinical and enterprise applications in a fast-paced healthcare IT environment, translating business needs into reliable technical solutions.
An experienced Senior Network Engineer is needed to design, maintain, and secure Kaseya's datacenter and edge network infrastructure while driving automation and operational excellence in a fully remote role.
DYOPATH is hiring a SNOC Engineer II (Security) to lead incident detection and response while improving operational reliability across security, network, systems, and cloud in a remote capacity.
AbbVie is hiring a Senior Application Security Engineer to lead implementation and integration of application security tooling and DevSecOps practices for development teams across the organization.
Saalex Corporation is hiring Field Service Engineer II to lead on-site installation, integration, and sustainment of mission-critical IT and network systems for Navy and DoD field operations.
Support Kestra’s leadership teams as an AI Enablement Intern by creating tailored training, workshops, and a prompt library to accelerate adoption of M365 Copilot and other generative AI tools.
Adoreal is hiring a hands-on Senior Manager of IT & Engineering to build the IT/security function, lead HIPAA compliance, and provide .NET technical leadership in a hybrid US-remote role with preference for candidates near Chicago, IL.
Provide Tier 1 technical support across corporate, distribution, and retail channels for Abercrombie & Fitch, resolving incidents, fulfilling requests, and helping associates use supported systems and devices.
Lead Elanco's SAP S/4HANA Settlement Management efforts by designing, implementing, and supporting Condition Contract and Settlement Management solutions that enable Pricing, Rebates, and Master Data capabilities across the business.
Crusoe is seeking a Senior Systems Engineer - IAM to lead Okta-based identity lifecycle, automation, and secure access integrations for its global technology infrastructure in San Francisco.
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
