AltScore
Head of Data Protection & Security
$60k - $120k
Americas (Remote)
Python

Overview

AltScore is seeking a highly skilled and motivated Head of Data Protection & Security to join our fast-growing SaaS company. This leadership role is responsible for ensuring the company's data security, regulatory compliance, and overall protection of sensitive information. The ideal candidate will possess a deep understanding of data security best practices, compliance frameworks, and risk management strategies. Moreover, the Head of Data Protection & Security should demonstrate a customer-centric approach, ensuring that security measures do not impede product functionality or ease of use, or hinder the sales process. This role requires a unique blend of technical expertise, strategic thinking, and business acumen. You'll work directly with the CTO, the product team, and the company's legal team, and report to the COO.

Job Description

AltScore is a highly meritocratic company where employees are rewarded based on results. We believe in creating a culture of ownership and accountability, where each team member is empowered to take ownership of their work and drive their own path to success. As a fast-growing company, we offer plenty of opportunities for career growth and advancement, and we are committed to providing our team members with the support and resources they need to succeed. At AltScore, your career growth is only limited by the results you achieve, and we encourage our team members to think big and take risks in pursuit of their goals.

Responsibilities

  • Ensure compliance with ISO, SOC 2, GDPR, Mexico, Ecuador, California and other relevant data privacy laws
  • Collaborate with internal teams to establish data minimization practices and consent management processes
  • Work with the product team to ensure that all of AltScore's products are best-in-class from a data security perspective
  • Lead and oversee audits, including SOC 1, SOC 2, and SOC 3 audits
  • Stay updated on emerging data privacy laws and regulations
  • Lead incident response efforts
  • Conduct regular risk assessments and vulnerability assessments
  • Stay informed about emerging threats, trends, and industry developments
  • Develop and maintain documentation
  • Understand cloud technologies and architectures
  • Apply data security principles, including encryption, anonymization, and pseudonymization techniques
  • Collaborate with cross-functional teams to embed security considerations
  • Conduct thorough security assessments of new features, products, and systems
  • Champion a culture of secure coding practices and security testing
  • Address security issues related to database technologies
  • Balance security requirements with customer expectations
  • Engage with customers and understand their security concerns
  • Collaborate with customer support and sales teams

Required Skills

  • In-depth knowledge of data privacy and protection laws
  • Experience as DPO in fintech or equivalent startup
  • Experience with SOC 1, SOC 2, SOC 3 audits, and ISO 27001
  • Familiarity with GDPR, CCPA, PIPEDA
  • Proficiency in risk assessment methodologies
  • Ability to develop and maintain documentation
  • Experience in incident response and data breach notification procedures
  • Proficiency in Python programming for data analysis
  • Understanding of cloud technologies and architectures
  • Knowledge of data security principles
  • Familiarity with database technologies
  • In-depth knowledge of data security frameworks
  • Demonstrated experience in developing and implementing security strategies
  • Proven track record of successfully integrating security into product development
  • Familiarity with secure coding practices
  • Excellent communication and interpersonal skills
  • Strong analytical and problem-solving skills
  • Relevant certifications such as CISSP, CISM, or CRISC

Benefits

  • Base Salary: $5,000 - $10,000 USD per month
  • Performance Bonus: Based on the achievement of agreed KPIs
  • Unlimited PTO (at least 3-4 weeks per year off)
  • Employee stock ownership plan (ESOP)
  • Remote (Americas Hours)

About the company

Empowering LATAM, One Credit at a Time. See what our customers have to say about their improved Credit Experiences.