Every developer has a tab open on Stack Overflow.
We are one of the most popular websites in the world - a community-based space focused on increasing productivity, decreasing cycle times, accelerating time to market, and protecting institutional knowledge.
Innovation is at the heart of everything we do. We embrace collaboration, transparency, and believe in leading with empathy; creating an environment where every Stacker knows they belong. We embrace that the unique contributions and points of view of all Stackers contribute to our success.
We are a Best Company to Work For, in addition to being recognized for Best Company Leadership, Best Company Happiness, Best Company Perks and Benefits, Best Company Work-Life Balance, Best Company Compensation, and Best Company Outlook.
We are a remote-first company with Hiring HUBs based in the US, Canada, UK, and Germany.
At Stack Overflow, our mission is to serve developers. We build products that make millions of developers’ lives better every day. Our SaaS product, Stack Overflow for Teams, allows enterprise teams across all business verticals to ask and answer questions on Stack Overflow in a private space. This puts security at the center of our company strategy, so we’re excited to hire a Senior Director of Information Security and Compliance to join our team.
This role will evolve, implement, and ensure alignment with the company's established information security strategy and compliance programs. It will require a deep understanding of the information security landscape, a passion for protecting sensitive data, and the ability to navigate complex technical and organizational challenges. The candidate will also oversee the company's compliance efforts, manage a team of security professionals, and work closely with other departments to ensure that the company's security posture remains robust and aligned with its strategic objectives.
Responsibilities:
-
Strategy Evolution: Continuously refine and update the company's information security strategy to address emerging threats and industry best practices.
-
Trusted Partner: You will ensure strong working relationships across the organization, from working with our Sales team to help customers understand our security and privacy to partnering with IT and Engineering through architecture and design reviews.
-
Implementation and alignment: Ensure that security policies, procedures, and standards are implemented effectively and aligned with the company's overall business objectives.
-
Risk assessment: Evaluate active threats in the world today, create or update our existing security policies to put us on proactive and ready footing, and be responsible for proactive responses to security incidents.
-
Compliance oversight: Oversee the company's compliance with industry standards and regulations, such as SOC 2, ISO, and GDPR.
-
Expert Advisor: Work closely and in sync with our Community Trust and Safety team to protect the integrity of our users and our systems (including gaining a deep understanding of our voting system and the means and methods used by those who would disrupt our network.) Collaborate with Trust and Safety to proactively secure the network against these adversaries
-
Security Awareness: Promote security awareness throughout the organization through training programs, education, and communication initiatives.
-
Ensuring Vendor Security & Compliance: Manage relationships with third-party vendors for compliance and InfoSec and ensure all procured software meets the company's security and compliance requirements.
Qualifications:
- Advanced degree in computer science, information security, or a related field.
- 10+ years of experience in information security, with at least five years in a leadership role.
- Strong understanding of security frameworks and standards, such as ISO 27001, NIST Cybersecurity Framework, and CIS Controls.
- Proven track record of leading and managing security teams.
- Excellent communication and interpersonal skills.
- Strong analytical and problem-solving abilities.
- Ability to navigate complex technical and organizational challenges.
- Passion for protecting sensitive data and ensuring the security of the company's systems.
What you’ll get in return:
- Competitive Base Salary
- Generous paid vacation
- Generous parental leave (16 weeks at 100% pay), family care leave, and unlimited sick days
- Equity for all employees at all levels
- Industry-leading health benefits that are applicable per country of residence for all our full-time employees
- Company-paid Life Insurance
- Home Internet stipend
- Professional allocation for your growth and development
- One-time allowance to assist with your home office setup
- Company-paid access to Calm, Bravely, LinkedIn Learning, MyAcademy and Overdrive
Stack Overflow is proud to be an equal opportunity workplace. We value diversity, inclusion, equity and belonging and these pillars are at the heart of how we work together here at Stack. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.
For individuals based in California, and other locations where required, we will consider employment qualified applicants with arrest and conviction records.