Head of Security

Linear
Summary
Join Linear, a fully remote company building a leading issue tracking and project management tool, as our Head of Security. Lead and own security initiatives across the company, collaborating with engineering, infrastructure, and customer-facing teams. Build out the security function, hire and manage a team, and define product security vision and strategies. You will manage pentesting, compliance, and incident response, working closely with go-to-market teams. This role requires extensive experience in application and infrastructure security, secure software development, and strong communication skills. Linear offers competitive salary and equity, excellent benefits, and a supportive remote work environment.
Requirements
- 10+ years of experience in product or application security with demonstrable expertise in secure software development and infrastructure security
- Startup experience
- Strong communication skills and ability to interact with customers
- Deep understanding of threat modeling, risk management, and vulnerability assessment methodologies
- Experience with secure API development, infrastructure security, and addressing emerging security challenges
- Background in Javascript/Typescript and Node.js, and familiarity with secure coding practices
- Hands-on experience with security tools and experience integrating automated security testing into CI/CD pipelines
Responsibilities
- Own application and infra security (GCP, k8s), and drive improvements to our overall security posture and practices
- Hire and manage for security and related functions as we grow
- Define and drive the product security vision, strategies, and best practices across product and infrastructure teams
- Help build best-in-class security controls for Linearβs product
- Manage pentesting and other security and compliance related partners
- Work closely with go-to-market teams to communicate our security posture to customers
- Assess and improve the security posture of supporting infrastructure and third-party integrations
- Coordinate security incident response efforts, conduct root cause analyses, and coordinate remediation across teams
- Collaborate with operations on SOC2 compliance and vendor security audits
Preferred Qualifications
Strong AWS or GCP (preferred) experience
Benefits
- Interesting and challenging work
- Work-life balance
- Competitive salary and equity
- Employee-friendly equity terms (early exercise, extended exercise)
- Paid lunch and coffee during workdays
- Work remotely, no commuting to the office
- Paid co-working space/desk at an office
- Health, dental, and vision insurance (US)
- Regular team events and off-sites
- 5 weeks of paid vacation
- 4 months of paid parental leave