Director of Security and Compliance at Thrive Global
San Francisco, CA, US

Thrive Global is the leading behavior change technology company helping individuals and companies reach peak performance, ultimately ending the stress and burnout epidemic. We’re leading the global conversation about well-being and performance and creating tools and programs that help people go from knowing what to do to actually doing it.

As our Director of Security and Compliance, you will advocate for the protection of our users’ data; evangelize data privacy and security best practices; establish and operate global regulatory compliance programs; and direct an engineering team responsible for the technical implementation of security and privacy at Thrive. This role reports to Thrive’s Chief Technology Officer.
Who We Are Looking For
This role requires a leader who can think strategically and carry company-wide initiatives from definition through implementation. You will be the person at Thrive who is responsible for assessing the regulatory environment in which we do business—as well as the security needs of our customers—and directing the technical programs that ensure we are compliant and protected. While you won’t be programming, this role requires you to have a technical mind and experience working within a product development organization, so that you can effectively direct your team of engineers and analysts. Here are a few examples of the work you’ll be performing:

  • Lay the foundation for a strategic governance, risk management, and compliance program
  • Leading our initiative to achieve SOC 2 Type II Certification
  • Managing the Security & Compliance team of analysts and engineers
  • Tasking and collaborating with your team of Security & Compliance analysts to work through customer security audits
  • Establishing standards and workflows that ensure our product development teams are building and maintaining secure, compliant software systems
  • Working with the rest of the product development leadership to define security-related infrastructure and feature roadmap initiatives, and then directing your team to execute on those initiatives

Required Experience
  • 6+ years of combined experience working on the security of software products as an engineer or product manager, in hands-on and/or leadership roles
  • 2+ years in a management role
  • 2+ years working in cloud-based environments
  • Prior experience with AWS
  • Prior experience with B2B SaaS product development
  • Prior experience establishing and maintaining compliance with regulations or certifications such as GDPR, SOC 2 Type II, HIPAA, PCI DSS, etc.

Desired Skills
  • Proficiency with AWS
  • Experience building large-scale distributed systems, especially data pipelines and data lakes
Thrive Global’s mission is to end the stress and burnout epidemic by offering companies and individuals sustainable, science-based solutions to enhance well-being, performance, and purpose, and create a healthier relationship with technology. Recent science has shown that the pervasive belief that burnout is the price we must pay for success is a delusion. We know, instead, that when we prioritize our well-being, our decision-making, creativity, and productivity improve dramatically. Thrive Global is committed to accelerating the culture shift that allows people to reclaim their lives and move from merely surviving to thriving. 
  • ­Being part of a mission­-driven company that’s truly making a difference in the lives of people around the world ­ 
  • Ability to develop within the company and shape our growth strategy
  • A human-centric culture with a range of wellness perks and benefits
  • A competitive compensation package
  • Medical, dental and vision coverage + 401k program with company match
  • Generous paid time-off programs