Upstart is a leading AI lending platform partnering with banks to expand access to affordable credit. As we transitioned to being a public company, we’re now poised to leverage our domain expertise and revolutionize every aspect of lending and credit risk evaluation. We’ve recently expanded our offerings to include automobile refinancing and we plan to take on more verticals as the business grows.
By leveraging Upstart's AI platform, Upstart-powered banks can have higher approval rates and lower loss rates, while simultaneously delivering the exceptional digital-first lending experience their customers demand. Upstart's patent-pending platform is the first to receive a no-action letter from the Consumer Financial Protection Bureau related to fair lending. Upstart is based in San Mateo, California and Columbus, Ohio.
Most Upstarters join us because they connect with our mission of enabling access to effortless credit based on true risk. If you are energized by the impact you can make at Upstart, we’d love to hear from you!
We’re looking for a Senior Manager to join our growing Information Security team. Your primary function will be to work with Upstart’s engineering and product management teams to ensure that our product platform is secure, safe and reliable. As a strategic leader, you will have direct responsibility for Corporate & Network Security, Product Security and Infrastructure Security and support Upstart’s hyper growth while guarding the platform and its assets, people and processes.
You’ll have the latitude to touch every aspect of our security strategies, with the opportunity to specialize as the team grows. As one of the key resources on the Security team, you will have significant influence over the design of Upstart's Security program. This role will report directly to our Chief Information Security Officer.
Position Location - This role is available in the following locations: San Mateo, Columbus, Remote
Time Zone Requirements - This team operates across all US time zones.
Travel Requirements - This team has regular on-site collaboration sessions. These occur 3 days per Quarter at alternating offices. If you need to travel to make these meetups, Upstart will cover all travel related expenses.
How you’ll make an impact:
- Inform and oversee the development and execution of a comprehensive strategy for application, infrastructure and corporate security
- Ensure that security resources and practices align to business needs, priorities and requirements
- Evangelize the product security roadmap and seek alignment with stakeholders
- Manage and report on security engineering KPIs and metrics
- Help identify Upstart’s internal and external attack surface in a dynamic environment
- Lead a high performing staff of security professionals
- Work closely with our engineering and data science teams to securely design and implement new products and features
- Set up a regular vulnerability scanning tools and manage remediation of identified issues
- Assess the threat model for cloud native infrastructures and applications
- Establish and mature the secure software development lifecycle
- Design and implement automated controls and tools that maximize security impact
- Operate as an integral member of the engineering team and advocate for security best practices across the organization
- Work with engineering and operations teams to secure production environments and maintain security of our products in development and production environments
What we’re looking for:
- Demonstrable track record as an influential leader, delivering security solutions with multiple stakeholder groups
- Extensive security engineering background, with experience and knowledge in infrastructure security concepts, web application security, encryption, penetration/vulnerability tools and endpoint security
- Understanding of Information Security policies, procedures, privacy rules & regulations
- Experience managing multiple and simultaneous, significant information security initiatives and programs
- 10+ years of experience in a high-security environment, at least 5 years in a management capacity
- Leadership experience managing geographically dispersed teams
- MS degree or equivalent knowledge
- Certification in IT or cybersecurity (e.g. CISSP, CISM, GSLC, OSCE)
- Experience conducting infrastructure security audits, penetration tests, and periodic access reviews to applications and infrastructure
- AWS, K8s and CI/CD pipeline experience
- Contributions to the security industry (e.g. Whitepaper, OSS projects, Patents)
What you’ll love:
- Competitive Compensation (base + bonus & equity)
- Comprehensive medical, dental, and vision coverage
- Personal Development and Technology & Ergonomic Budgets
- Life insurance and disability benefits
- Clubs and Activities (Game Nights, Fitstarters, Superwomen, Book Club, Investing Club, Money Discussions, Photography Club and Basketball teams)
- Generous vacation policy
- Catered lunches + snacks & drinks
Upstart is a proud Equal Opportunity Employer. We are dedicated to ensuring that underrepresented classes receive better access to affordable credit, and are just as committed to embracing diversity and inclusion in our hiring practices. We celebrate all cultures, backgrounds, perspectives, and experiences, and know that we can only become better together.