Head of Security

What you'll do

• Build and execute Tatari's security roadmap across application, infrastructure, and corporate security
• Own incident response end-to-end (detection, containment, communication, post-mortem), and serve as the Security representative to executives
• Own detection and monitoring across our AWS environment
• Run our risk management program (intake, triage, acceptance, reporting), ensuring leadership receives clear and actionable visibility into our risk posture
• Lead our Security Policy Advisory Group and develop internal policies, external-facing documentation, and security training
• Partner with Legal on our privacy program as it evolves to meet AdTech-specific obligations (CCPA and other US state privacy laws)
• Partner with Engineering teams to enable seamless integration of security best practices throughout the development lifecycle
• Own customer-facing security: questionnaires, due diligence, compliance attestations, and security review calls
• Report up to exec staff and board on posture, incidents, and program maturity
• Manage relationships with external cybersecurity vendors

Requirements

• Meaningful time leading information security teams at a high-growth SaaS company
• Strong AWS and Kubernetes security expertise (IAM, networking, data protection, and threat detection)
• Led incident response, including stakeholder communication and post-mortems
• Built or significantly scaled a security risk management program
• Track record of hiring, developing, and retaining security engineers
• Broad knowledge across application, infrastructure, and corporate security, with deep expertise in multiple areas
• Succeeded in leading security programs through SOC 2 and additional frameworks
• Hands-on use of AI in security workflows (threat detection, vulnerability management, security automation), including working knowledge of how LLMs introduce new attack surfaces
• Industry-recognized security certifications (e.g., CISSP, CISM) are a plus

Tech stack

Benefits