Head of Security

Merge is poised to power all B2B integrations, and in doing so, are powering data movement for some of the most secure companies in the world. Working with these powerhouses requires us to follow industry leading security practices and constantly protect ourselves.

As the Director of Security at Merge, you will manage our security programs, including infrastructure, compliance, and security automation. While you don’t need specific experience with all of the above, we’d expect you to be excited to learn and grow, and tackle any challenges that may come your way.

• →Create and drive the security roadmap
• →Manage our compliance automation programs (SOC 2, ISO 27001, HIPAA, etc.). We’ve already achieved these using Drata, and while you have a team to support you, you will take the lead.
• →Ensure all engineers and employees of Merge treat security as a core part of our practices
• →Manage our Bug Bounty Program
• →Implement security controls across Merge, from infrastructure to CI
• →Implement and run manual and automated security practices to mitigate vulnerabilities
• →Assist with security reviews, threat modeling, disaster recovery practice, and code reviews

• 4-6+ years of security engineering experience
• Ownership or leadership within areas of security at previous organizations, infosec being a plus
• An overall excitement around building a more secure engineering function and organization
• Ability to manage security programs
• Experience with and a desire to code in at least one major programming language
• A thorough understanding of networking and infrastructure, including load balancing, VPNs, Zero Trust, HTTPS, DNS, etc.
• Experience with multi-tenant cloud environments