Information Security

Summary

Join Benevity, a B Corporation committed to purpose and profits, as an Associate Vice President (AVP) of Information Security. Reporting to the CISO, you will lead and grow the security program, overseeing Security Operations, Product and Application Security, Governance, Risk & Compliance (GRC), Fraud Operations, and Security Training & Awareness. This high-impact role involves managing a team, collaborating with various departments, and ensuring security is integrated across all operations. You will define and lead Benevity's security strategy, embed security best practices, and manage a comprehensive GRC program. As a key ambassador for trust, you will safeguard clients, users, and data while fostering a security-first culture. You will also deliver regular security updates to leadership and the Board of Directors.

Requirements

• Proven experience (10+ years) in Information Security leadership roles, with direct accountability for security operations, product security, compliance, and fraud management
• Experience leading and scaling security programs in a SaaS, fintech, or regulated environment
• Deep understanding of security frameworks, standards, and regulations (e.g., SOC 2, ISO 27001, NIST, GDPR, AML, CCPA)
• Strong technical acumen across cybersecurity domains, with the ability to balance strategic oversight and technical depth
• Demonstrated success in building high-performing teams and fostering inclusive, collaborative environments
• Exceptional communication skills, with the ability to translate complex security topics into clear, actionable insights for technical and non-technical audiences
• A strong commitment to cultivating trust with clients, customers, and partners
• Bachelor’s degree in Computer Science, Information Security, or a related field; relevant certifications (CISSP, CISM, CISA, etc.) are an asset

Responsibilities

• Define and lead Benevity’s security strategy, ensuring alignment with business objectives, client needs, and regulatory requirements
• Oversee daily security operations, including incident response, threat detection, and vulnerability management
• Embed security best practices into the software development lifecycle in close partnership with Engineering and Product teams
• Lead fraud prevention and detection efforts to safeguard the integrity of the non-profit ecosystem and ensure secure, traceable fund movements
• Manage a comprehensive GRC program covering enterprise risk, privacy, financial reporting, charitable disbursements, AML, sanctions, and regulatory compliance
• Ensure compliance with industry standards and frameworks such as SOC 2, ISO 27001, and GDPR
• Foster a security-first culture through impactful training and awareness programs across the organization
• Act as a trusted advisor to clients and internal stakeholders, ensuring transparent communication about security practices and performance
• Lead, support, and develop a high-performing, inclusive security team focused on growth and continuous learning
• Collaborate across departments to embed security and fraud prevention into product development, operations, and client engagement
• Deliver regular updates on security posture to the CISO, executive leadership, and Board of Directors

Benefits

• Innovative work
• Growth opportunities
• Caring co-workers
• And a chance to do work that fills us with a sense of purpose
• At Benevity, we embrace a flexible hybrid approach to where we work that empowers our people in a way that supports great work, strong relationships, and personal well-being