Head of Security & IT

Join to apply for the Head of Security & IT role at Jump - Advisor AI

Get AI-powered advice on this job and more exclusive features.

This range is provided by Jump - Advisor AI. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$/yr - $/yr

Hey there! We are Jump, AI for Financial Advisors. We are growing super fast, have a culture of kindness and ownership, and we’re looking for someone who is absolutely obsessed with security to take ownership of it at Jump.

This is currently a 70/30 player/coach role where you’ll manage a small security team while helping with the work yourself. Of course, this could change as we grow.

• Manage a team of security engineers (ranging in skill from IT, GRC, Cloud Sec & App Sec)
• Provide guidance, training, and tools to developers on secure coding principles, common vulnerabilities, and secure design patterns.
• Analyze, fix, and test vulnerabilities.
• Do code reviews, audit and analyze source code for vulnerabilities.
• Monitor the security industry for new developments.
• Evaluate, recommend, and implement security tools and technologies to improve our application security posture.
• Conduct threat modeling exercises for new and existing applications and systems.
• Ensure systems and processes adhere to relevant security standards, regulations (e.g., ISO 27001, SOC 2, GDPR, HIPAA), and internal policies.
• Implement and manage security controls for cloud environments (e.g., AWS, GCP), including identity and access management (IAM), network security, and data protection.
• Maintain comprehensive documentation for security processes, tools, and configurations.

• SOC 2 Type II report continues to be delivered with zero high‑risk exceptions.
• Mean‑time‑to‑detect (MTTD) < 15 min and mean‑time‑to‑resolve (MTTR) < 2 hrs for priority‑1 security events.
• ≥ 90 % of employees complete annual security training and phishing tests.
• Security is a documented, automated part of CI/CD (build fails on critical vulns).
• Our largest enterprise customers cite security as a strength in renewals.
• Our sales team loves working with you because you kick butt in sales calls and help us close deals.

• Have 5+ years hands‑on security engineering in cloud‑native (AWS/GCP/Azure) product environments.
• Can demonstrate end‑to‑end ownership of at least one compliance framework (SOC 2, ISO 27001, HIPAA, PCI DSS, etc.).
• Are fluent in modern Dev Sec Ops  tooling (Terraform, Kubernetes, Git Hub Actions, OIDC/OAuth).
• Write code well enough to build internal tooling or fix a critical bug (we use Elixir & Terraform).
• Communicate complex risks in plain language to engineers, execs, and customers.
• Are comfortable being a “team of one” at first and progressively hiring/mentoring teammates.

Nice‑to‑haves: experience with multi‑tenant data isolation, SAML/SCIM integrations, or selling to regulated industries (Fin Tech, Health Tech, Gov Tech).

Base salary (USD) $220 k – $270 k

Benefits Health/dental/vision, 401k (no match yet) Time‑off Flexible PTO with manager approval Gear Top‑spec laptop, stipend for home office/security hardware Learning $2,000 annual training/certifications budget

• 30m interview — Where we can answer your questions about the role
• Longer interview (60 min) — with CTO
• Paid Trial — Come work with us for a few days on site. Help with DDQs, go to lunch, etc.
• 5 reference checks
• Offer

Director

Full-time

Other, Information Technology, and Management

Software Development