Security Director
Do you want to contribute to solving one of the most important issues of our generation? Join us in accelerating the transition to a water-secure world.
Waterplan is a fast-growing startup in the Climate Tech space that develops the world’s leading B2B Enterprise SaaS platform for companies to measure, respond, and report companies´ increasingly changing water risk. See our latest WEF video.
By showing companies the business case for mitigating water risk, Waterplan accelerates the transition to a world where companies are incentivized to save more water, abate the discharge of polluting effluents, conserve watersheds, and preserve shared value.
We are seeking an experienced, strategic, and hands-on Security Director with a strong entrepreneurial background to lead our information security program, ensuring the confidentiality, integrity, and availability of our platform, customer data, and internal systems.
The Security Director will be a key member of the Product team, reporting to the CPO, and will have a crucial role in shaping the company's strategy and risk management initiatives. In addition, the Security Director will be responsible for taking on IT responsibilities as needed, contributing to the overall success of the organization.
Key Responsibilities:
- Develop, implement, and maintain a comprehensive information security strategy, aligning it with the organization's strategic objectives and risk appetite.
- Establish and oversee an effective security governance framework, ensuring compliance with industry standards, laws, and regulations applicable to our SaaS platform and customer base (e.g., GDPR, CCPA, HIPAA, ISO 27001, SOC 2).
- Identify, assess, and manage information security risks, reporting to executive management and the board of directors on a regular basis.
- Lead incident response planning and execution, collaborating with relevant stakeholders to ensure timely and effective resolution of security incidents.
- Foster a security-aware culture within the organization by developing and delivering relevant training, communications, and awareness programs for all employees.
- Manage relationships with external security partners and vendors, evaluating their performance and aligning their services with our security objectives.
- Regularly assess and report on the effectiveness of the information security program, adapting and improving it as necessary to respond to changes in the threat landscape, technology, and business requirements.
- Assume IT responsibilities, including physical devices management, infrastructure management, IT budgeting, and strategic IT planning, as needed to support the organization's growth and success.
Required Qualifications:
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field; Master's degree or relevant certifications (CISSP, CISM, etc.) preferred.
- A minimum of 8 years of experience in information security, with at least 3 years in a leadership role, preferably within the SaaS or B2B technology sector.
- Proven entrepreneurial experience, with a demonstrated ability to navigate and contribute to the growth of a startup or early-stage company.
- Strong knowledge of information security principles, risk management, and regulatory compliance requirements, including data privacy laws and industry-specific regulations.
- Demonstrated ability to effectively communicate complex security concepts to both technical and non-technical audiences at all organizational levels.
- Strong leadership skills, with a track record of building and managing high-performing teams in a fast-paced, dynamic environment.
- Willingness and ability to take on IT responsibilities, with a solid understanding of IT management, infrastructure, and strategy.
Preferred Qualifications:
- Experience in an early-stage startup environment, with the ability to scale security programs as the company grows.
- Familiarity with cloud security best practices and experience securing cloud-based infrastructure and applications (e.g., AWS, Azure, GCP).
- In-depth knowledge of cloud-based SaaS security architecture, API security, and secure software development practices.
At Waterplan, you’ll enjoy
- Our Mission. We are building something big, you will be part of an ambitious and impactful company focused on achieving one of the major global sustainable development goals.
- Our Spirit. We are creating something that has never been done before. The entrepreneurial spirit of our team is driving a profound transformation of the water sector.
- Our Team. Our team is our most valuable asset. Waterplanners bring together three worlds: technology, water and science. They are distributed worldwide, bringing their unique perspective to solve complex water resource challenges.
- Our Values: Think Long Term, Iterative Excellence, Thoughtful Discussion, Make Others Successful.