Director of Security & Trust

12 Minutes ago • All levels

Job Summary

Job Description

Attio is seeking a Director of Security & Trust to build and lead its security function, focusing on product and corporate security. This role involves developing a world-class product security program for a high-scale, multi-tenant SaaS platform, ensuring compliance with frameworks like ISO 27001, GDPR, and SOC2, and leading incident response. The ideal candidate will secure sensitive customer data, represent Attio externally on security topics, and recruit a leading security team.
Must have:
  • Build and lead Attio’s Security function, creating policy and implementing compliance programs.
  • Develop and execute a world-class Product Security program for the SaaS platform.
  • Lead Attio’s Corporate Security program, implementing Information Security policy.
  • Drive Attio’s compliance with security frameworks like ISO 27001, GDPR, SOC2.
  • Represent Attio externally on security topics and be a trusted security partner.
  • Lead security incident response, understanding root causes and driving resolution.
  • Experience securing Web applications, REST APIs, and cloud-native architectures.
  • Proficiency in threat modelling and finding security flaws in source code.
  • Strong coding and automation skills, especially in building security into CI/CD pipelines.
  • Full understanding of the Application Security and Data Privacy landscape in a high scale, multi-tenant SaaS context.
  • First-class incident response skills.
  • Ability to recruit, retain and develop a high-quality Information Security team.
Good to have:
  • Experience with TypeScript, Node.js, or Pulumi.
  • Experience running an Application Security program in a high scale, multi-tenant SaaS context.
  • Experience running a Corporate Security or IT Security program in a >100 person organization.
  • Experience hiring and managing a team of Security Engineers.
  • Experience of security certification and re-certification programs.
  • Project or program management experience.
  • Background in software engineering or systems administration.
Perks:
  • Equity in an early-stage tech company on an incredible trajectory.
  • 25 days holiday plus local public holidays.
  • Apple hardware.
  • Private medical insurance through AXA.
  • Pension contribution through Hargreaves Lansdown.
  • Enhanced family leave.
  • Team off-site in fun places! (e.g., Barcelona, Lisbon, Malta, Split).

Job Details

Attio is on a mission to redefine CRM for the AI era.

We’re building the first AI-native CRM — designed for the most ambitious go-to-market teams. We recently announced our $52M Series B, led by GV (Google Ventures), with support from Redpoint, Balderton, Point Nine, and 01A. Our team thrives on solving complex technical challenges, delighting our users, and setting a new standard for the industry.

About the role

Our Engineering team tackles the toughest challenges, so our users never have to. Real-time infrastructure, AI-native architecture, and a frontend that feels effortless — all powered by a team that moves fast, thinks rigorously, and holds an exceptionally high bar for quality.

We’re looking for a Director of Security & Trust who cares deeply about delivering a secure service in a high scale, multi-tenant SaaS context — and wants to help reinvent how millions of people work.

What you'll do

  • Build and lead Attio’s Security function. Create policy and best practice, implement compliance programs, and recruit and develop a recognized leading security team as the company rapidly scales.
  • Develop and execute a world-class Product Security program. Secure Attio’s large-scale SaaS platform, and the sensitive customer data on which it operates, ultimately delivering and safeguarding customer trust in the Attio brand. Ensure that Attio is at the forefront of secure software development and operational practices.
  • Lead Attio’s Corporate Security program. Create and implement Information Security policy and compliance mechanisms; select and implement appropriate security vendors and tools.
  • Drive Attio’s compliance with appropriate security frameworks and certifications, e.g. ISO 27001, GDPR, SOC2.
  • Represent Attio externally on security topics; be a trusted security partner for Attio’s customers, and participate in industry events to build brand awareness.
  • Lead security incident response; deeply understand security issues and their associated root causes and risks, create remediation plans, and drive to resolution.

What you'll bring

  • Experience securing Web applications, REST APIs, and cloud-native architectures
  • Proficiency in threat modelling and finding security flaws in source code
  • Experience with vulnerability management and supply chain security
  • Practical understanding of cryptography, key management, and data protection
  • Strong coding and automation skills, especially in building security into CI/CD pipelines
  • Experience with TypeScript, Node.js, or Pulumi is a nice to have
  • Full understanding of the Application Security and Data Privacy landscape in a high scale, multi-tenant SaaS context.
  • Appreciation of the tools and techniques used to secure SaaS applications, through prevention, detection and remediation of security issues. Understanding of how to integrate those tools into an effective, scalable, cost-efficient program that delivers a secure service and builds customer trust.
  • Understanding of the requirements of the various applicable security certifications and frameworks, and the ability to run programs which deliver compliance.
  • First-class incident response skills, through the entire incident lifecycle of detection, remediation, clean-up, and post-incident corrective action.
  • Ability to communicate Attio’s security philosophy and technical approach to a wide variety of audiences; equally at home discussing technical detail of a security issue with an engineer, and with a Fortune 500 CEO. Ability to understand and contextualize security risks to Attio, and communicate those risks actionably at board level.
  • Ability to recruit, retain and develop a high-quality Information Security team which continues to deliver for the business as Attio scales.

Nice to haves

  • Experience of running an Application Security program in a high scale, multi-tenant SaaS context.
  • Experience of running a Corporate Security or IT Security program in a >100 person organization.
  • Experience of hiring and managing a team of Security Engineers, and working with cross-functional partners.
  • Experience of security certification and re-certification programs.
  • Project or program management experience.
  • Background in software engineering or systems administration.

What we offer

  • Equity in an early-stage tech company on an incredible trajectory
  • 25 days holiday plus local public holidays
  • Apple hardware
  • Private medical insurance through AXA
  • Pension contribution through Hargreaves Lansdown
  • Enhanced family leave
  • Team off-site in fun places! (We've been to Barcelona, Lisbon, Malta, and Split so far)

What does the hiring process look like?

1. Recruiter Screen ~ 30 minutes

2. Hiring Manager Interview ~ 30 minutes

3. Technical Rounds ~ 3 x 45 minute interviews

4. Final call with CEO ~ 30 minutes

5. Offer Stage
