Senior Cybersecurity Lead

Summary

Join Waterplan, a Series A Y Combinator-backed Climate Tech startup, as a Senior Cybersecurity Lead. You will lead the implementation of our information security program, ensuring the confidentiality, integrity, and availability of our platform and data. This key role involves developing and maintaining a comprehensive security strategy, managing risks, leading incident response, and fostering a security-aware culture. You will also contribute to IT responsibilities as needed. The ideal candidate possesses strong entrepreneurial experience, information security expertise, and leadership skills. Waterplan offers a remote working environment with unlimited PTO and a commitment to diversity and inclusion.

Requirements

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field
• A minimum of 3 years of experience in information security, preferably within the SaaS or B2B technology sector
• Proven entrepreneurial experience, with a demonstrated ability to navigate and contribute to the growth of a startup or early-stage company
• Strong knowledge of information security principles, risk management, and regulatory compliance requirements, including data privacy laws and industry-specific regulations
• Demonstrated ability to effectively communicate complex security concepts to both technical and non-technical audiences at all organizational levels
• Strong leadership skills, with a track record of building and managing high-performing teams in a fast-paced, dynamic environment
• Willingness and ability to take on IT responsibilities, with a solid understanding of IT management, infrastructure, and strategy
• Advanced English is required for this position
• Be located in Buenos Aires, Argentina

Responsibilities

• Develop, implement, and maintain a comprehensive information security strategy, aligning it with the organization's strategic objectives and risk appetite
• Establish and oversee an effective security governance framework, ensuring compliance with industry standards, laws, and regulations applicable to our SaaS platform and customer base (e.g., GDPR, CCPA, ISO 27001, SOC 2)
• Identify, assess, and manage information security risks, reporting to executive management and the board of directors on a regular basis
• Lead incident response planning and execution, collaborating with relevant stakeholders to ensure timely and effective resolution of security incidents
• Foster a security-aware culture within the organization by developing and delivering relevant training, communications, and awareness programs for all employees
• Manage relationships with external security partners and vendors, evaluating their performance and aligning their services with our security objectives
• Regularly assess and report on the effectiveness of the information security program, adapting and improving it as necessary to respond to changes in the threat landscape, technology, and business requirements
• Assume IT responsibilities, including physical devices management, infrastructure management, IT budgeting, and strategic IT planning, as needed to support the organization's growth and success

Preferred Qualifications

• Master's degree or relevant certifications (CISSP, CISM, etc.)
• Experience in an early-stage startup environment, with the ability to scale security programs as the company grows
• Familiarity with cloud security best practices and experience securing cloud-based infrastructure and applications (e.g., AWS, Azure, GCP)
• In-depth knowledge of cloud-based SaaS security architecture, API security, and secure software development practices

Benefits

• Remote working environment
• Unlimited PTO