TheDirector of Securitywill report to the Chief Technology Officer.

As the Director of Security, you will:

Lead and scale the security team: Directly manage, mentor, and grow emerging security leaders and engineers, including a Sr Security Engineer, Security Architect, and your existing team members.

Define and evolve security strategy: Build and mature a comprehensive security program from an early stage, aligning security initiatives with overall business and product goals.

Embed security into engineering workflows: Collaborate closely with engineering and product teams to integrate security early in system designs (such as threat and design reviews) and into CI/CD pipelines.

Govern compliance and third-party risk: Own security architecture, operations, engineering, IT compliance, and third-party risk assessment programs to satisfy regulatory and fintech expectations.

Act as a risk-management partner: Serve as a pragmatic advisor who assesses risk and provides business-enabling guardrails rather than acting as a strict gatekeeper.

Communicate across stakeholders: Effectively translate complex security concepts and major risks to non-technical stakeholders, executive leadership, and cross-functional partners.

About You:

Experienced security leader: You have successfully led, mentored, and grown small security teams within highly-regulated, growth-stage businesses.

Public company familiarity: You have likely operated within a public company environment and understand the distinct requirements that come with it.

Strong communicator & influencer: You possess a strong ability to lead through influence, build alignment, and navigate corporate organizational structures effectively.

Pragmatic risk balancer: You have a proven track record of understanding business growth needs and balancing risk mitigation with operational speed and employee experience.

Technical & architectural depth: You understand cloud-native security principles (least privilege, zero trust, segmentation), IAM controls, and practical architectural trade-offs between usability, performance, and security.

Even Better:

Fintech or Insurtech background: You bring direct experience working in growth-stage Fintech or Insurtech companies.

IPO experience: You have previously guided a security function through the process of a company going public.

Framework expertise: You possess deep familiarity and hands-on experience with frameworks and regulations such as NIST, CIS, SOX, SOC2, PCI, and CCPA/CPRA.

DevSecOps exposure: You are familiar with infrastructure-as-code (e.g., Terraform, Ansible) and embedding security automated controls into deployment pipelines.

Where:

• This role will be based in the US.

Compensation:

A little about our pay philosophy: We take pride in compensating our employees fairly and equitably. We are showcasing a range of your potential base salary based on the roles location. The successful candidate's starting pay will also be determined based on job-related qualifications, internal compensation, candidate location and budget. This range may be modified in the future.

Salary Range: $240,000 - $300,000USD.Employees are also eligible for an annual performance-based bonus and equity.

#LI-KB

Earnest believes in enabling our employees to live their best lives. We offer a variety of perks and competitive benefits, including:

• Health, Dental, & Vision benefits plus savings plans
• Mac computers + work-from-home stipend to set up your home office
• Monthly internet and phone reimbursement
• Employee Stock Purchase Plan
• Restricted Stock Units (RSUs)
• 401(k) plan to help you save for retirement plus a company match
• Robust tuition reimbursement program
• $1,000 travel perk on each Earnie-versary to anywhere in the world
• Competitive days of annual PTO
• Competitive parental leave