Principal Business Information Security Officer

Rocket

$238K — $356K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 10 years of experience in information security or related leadership roles
  • Bachelor's degree in computer science, information security, or equivalent experience
  • Experience in a Business Information Security Officer or similar role
  • Expertise in AWS-native security controls and cloud governance
  • Familiarity with AI security and emerging technology risks
  • Proven knowledge of security and compliance frameworks like NIST or ISO 27001

Responsibilities

  • Serve as Redfin's primary security liaison with Rocket Companies' Information Security team
  • Develop deep understanding of Redfin's operational processes
  • Translate security requirements into actionable guidance for teams
  • Communicate Redfin's risk profile to leadership
  • Identify security gaps in architecture and practices
  • Maintain visibility into Redfin security risks and their remediation
  • Collaborate with engineering teams on secure architecture and controls

Benefits

  • Health and well-being support for employees and families
  • Comprehensive perks and benefits for eligible team members
  • Individualized support to help employees live their best life
  • Commitment to emotional and financial well-being
Full Job Description
As the Principal Business Information Security Officer, you will translate enterprise security requirements into practical guidance that reflects how Redfin operates-from real estate agent workflows to AWS infrastructure to emerging AI use cases. This senior individual contributor role requires strong security judgment, technical credibility, business acumen, and the ability to communicate complex risk to executives. As the BISO, you will help leadership understand Redfin's risk profile while helping teams implement security controls that work within their actual business context.

About the role

  • Serve as Redfin's primary security liaison to Rocket Companies' Information Security organization and enterprise governance forums
  • Develop deep expertise in how Redfin operates, including real estate agent workflows, customer-facing products, internal tools, AWS infrastructure, data usage, and engineering delivery
  • Translate security, compliance, and policy requirements into clear implementation guidance for engineering, product, and business teams
  • Represent Redfin's business and technology risk profile to Redfin and Rocket leadership
  • Identify gaps between enterprise security expectations and Redfin's current architecture, practices, tooling, or processes
  • Maintain visibility into material Redfin security risks, remediation plans, owners, timelines, compensating controls, and risk acceptance decisions
  • Partner with engineering teams on secure architecture, AWS security controls, identity and access management, data protection, vulnerability management, logging, incident readiness, and operational resilience
  • Participate in architecture reviews, AI adoption reviews, technology evaluations, major platform decisions, and integration planning where security risk is material
  • Communicate risk in business terms, including potential impact to customers, agents, operations, engineering delivery, regulatory exposure, public-company obligations, and company reputation
  • Streamline operating rhythms for security reviews, risk reporting, remediation tracking, policy adoption, and escalation management


About you

Minimum qualifications
  • 10 years of experience in information security, security architecture, cloud security, technology risk management, compliance, or related technical leadership roles
  • Bachelor's degree in computer science, information security, cybersecurity, business administration, or related field (or equivalent professional experience)


Preferred qualifications
  • Experience as a Business Information Security Officer (BISO), security business partner, principal security architect, security risk leader, or similar embedded security leadership role
  • Experience in a publicly traded company, regulated environment, consumer technology, fintech, mortgage, real estate, or other data-sensitive business
  • Deep familiarity with AWS-native security controls, cloud governance, infrastructure security, and modern software engineering practices
  • Experience supporting enterprise integrations, mergers, acquisitions, or subsidiary operating models
  • Familiarity with AI security, responsible AI governance, data governance, privacy, and emerging technology risk
  • Familiarity with common security and compliance frameworks such as NIST, ISO 27001, SOC 2, SOX, PCI, or similar


What you'll get

Our team members fuel our strategy, innovation and growth, so we ensure the health and well-being of not just you, but your family, too! We go above and beyond to give you the support you need on an individual level and offer all sorts of ways to help you live your best life. We are proud to offer eligible team members perks and health benefits that will help you have peace of mind. Simply put: We've got your back. Check out our full list of Benefits and Perks.

This job description is an outline of the primary responsibilities of this position and may be modified at the discretion of the company at any time.

Similar Jobs

More Jobs at Rocket

More Information Technology Jobs

Find similar Principal Business Information Security Officer jobs: