Head of Security

Summary

Join Linear, a fully remote company building a leading issue tracking and project management tool, as our Head of Security. Lead and own security initiatives across the company, collaborating with engineering, infrastructure, and customer-facing teams. Build out the security function, hire and manage a team, and define product security vision and strategies. You will manage pentesting, compliance, and incident response, working closely with go-to-market teams. This role requires extensive experience in application and infrastructure security, secure software development, and strong communication skills. Linear offers competitive salary and equity, excellent benefits, and a supportive remote work environment.

Requirements

• 10+ years of experience in product or application security with demonstrable expertise in secure software development and infrastructure security
• Startup experience
• Strong communication skills and ability to interact with customers
• Deep understanding of threat modeling, risk management, and vulnerability assessment methodologies
• Experience with secure API development, infrastructure security, and addressing emerging security challenges
• Background in Javascript/Typescript and Node.js, and familiarity with secure coding practices
• Hands-on experience with security tools and experience integrating automated security testing into CI/CD pipelines

Responsibilities

• Own application and infra security (GCP, k8s), and drive improvements to our overall security posture and practices
• Hire and manage for security and related functions as we grow
• Define and drive the product security vision, strategies, and best practices across product and infrastructure teams
• Help build best-in-class security controls for Linear’s product
• Manage pentesting and other security and compliance related partners
• Work closely with go-to-market teams to communicate our security posture to customers
• Assess and improve the security posture of supporting infrastructure and third-party integrations
• Coordinate security incident response efforts, conduct root cause analyses, and coordinate remediation across teams
• Collaborate with operations on SOC2 compliance and vendor security audits

Preferred Qualifications

Strong AWS or GCP (preferred) experience

Benefits

• Interesting and challenging work
• Work-life balance
• Competitive salary and equity
• Employee-friendly equity terms (early exercise, extended exercise)
• Paid lunch and coffee during workdays
• Work remotely, no commuting to the office
• Paid co-working space/desk at an office
• Health, dental, and vision insurance (US)
• Regular team events and off-sites
• 5 weeks of paid vacation
• 4 months of paid parental leave