Director of Information and Data Security jobs in United States
cer-icon
Apply on Employer Site
company-logo

Eltropy · 1 month ago

Director of Information and Data Security

positionSanta Clara, CA
timeFull-time
remoteHybrid
seniorityLead/Staff
money$200K/yr - $240K/yr

Eltropy is seeking a Director of Information and Data Security to establish and lead their IT and cybersecurity function. This role is responsible for developing foundational systems, processes, and governance across infrastructure, data protection, and compliance, while driving security maturity across the organization.

Artificial Intelligence (AI)Financial ServicesSoftware
check
Growth Opportunities
check
H1B Sponsor Likelynote
Hiring Manager
Gabriella Yang
linkedin

Responsibilities

Oversee endpoint management, asset inventory, and identity and access management (IAM)
Establish standards for device hardening, patch management, and secure configuration
Define and manage the budget for all security and IT tools, services, and human capital, ensuring cost-effectiveness and alignment with the overall security roadmap
Implement centralized visibility and control across systems and SaaS applications
Lead threat detection, vulnerability management, and incident response operations
Implement and maintain a Cloud Security Posture Management (CSPM) solution to monitor cloud infrastructure (AWS/Azure) for misconfigurations and compliance issues
Deploy and tune SIEM/XDR solutions to enhance visibility and threat detection across environments
Conduct regular penetration testing, track remediation, and drive security awareness programs
Define and enforce data protection policies covering classification, encryption, and retention
Partner with external GRC consultants to design and operationalize Eltropy’s information security and compliance framework
Translate consultant-driven recommendations into actionable internal controls, policies, and monitoring mechanisms
Manage the Third-Party Risk Management (TPRM) program, including vendor due diligence, security questionnaires, and ongoing risk monitoring
Maintain a centralized risk register and oversee remediation tracking
Own operational compliance for frameworks such as SOC 2, ISO 27001, and GDPR
Work closely with Engineering and Product teams to embed security-by-design principles in SaaS architecture and cloud deployments
Implement automated security testing (SAST/DAST) within the CI/CD pipeline to shift security left and reduce vulnerabilities early in the development lifecycle
Review architecture and third-party integrations to ensure alignment with data security and privacy standards
Establish and operationalize the company’s Incident Response Plan (IRP) and Business Continuity/Disaster Recovery (BCP/DR) framework
Conduct tabletop exercises and post-incident reviews to enhance preparedness and learning
Develop and implement a company-wide security awareness program
Partner with HR and Operations to ensure onboarding/offboarding includes security compliance and periodic training
Foster a security-first culture emphasizing accountability and vigilance across teams
Build and lead a high-performing IT and Security team, including IT administrators and cybersecurity engineers
Define structure, roles, and hiring priorities aligned with the company’s growth stage
Create a phased roadmap for security maturity, including technology adoption and process optimization

Qualification

Cybersecurity leadershipCloud security (AWS/Azure)GovernanceRiskComplianceIncident response managementSIEM/XDR deploymentVulnerability managementData protection policiesEndpoint protectionSecurity awarenessCommunicationStrategic thinkingTeam leadership

Required

Independent, self-starter with strong ownership and execution bias
Ability to prioritize and execute in a resource-constrained, fast-paced SaaS environment
Strategic thinker with operational depth; able to balance long-term maturity goals with immediate risk mitigation
Excellent communication skills with the ability to influence and align cross-functional stakeholders
Proven experience setting up IT or cybersecurity programs in a SaaS or technology environment
Strong understanding of endpoint protection, cloud infrastructure security (AWS/Azure), IAM, and network security
Experience with SIEM and/or XDR deployment and tuning for threat detection and monitoring
Familiarity with CSPM, SAST/DAST, and vulnerability management tools
Knowledge of GRC frameworks (SOC 2, ISO 27001) and translating them into practical, auditable controls

Company

Eltropy

twittertwittertwitter
company-logo
Eltropy is a Credit union and Community bank that offers voice, text messaging, secure chat, and video banking services.
dateFounded in 2013
location
Santa Clara, California, USA
people-size51-200 employees
web-link
http://www.eltropy.com

H1B Sponsorship

Eltropy has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (3)
2024 (2)
2023 (1)
2022 (2)
2021 (2)
2020 (2)

Funding

Current Stage
Growth Stage
Total Funding
$25M
Key Investors
K1 Investment Management
2021-06-16Series A· $25M

Leadership Team

leader-logo
Ashish Garg
Co-founder and CEO
linkedin
leader-logo
Saahil Kamath
Head of Products (AI)

Recent News

Finovate
Cobalt Credit Union Teams Up with Eltropy to Deploy AI Voice
2026-01-07
EIN Presswire
Cobalt Credit Union Deploys Eltropy AI Voice, Achieving 83% Session Containment Rate
2026-01-05
EIN Presswire
Eltropy Named Fintech Value Creator of the Year by Curql Collective
2025-12-19
Company data provided by crunchbase