Empowering consumers to control their personal data
Optery is a privacy-focused SaaS company headquartered in SoMa, San Francisco, CA, specializing in opt-out software that empowers consumers to manage their personal data. With over 1.5 million customer opt-outs, Optery's patented search technology provides users with insights into their digital foot...
Optery offers a stipend for home office setup, a flexible paid time off policy, and the ability to work remotely from anywhere. Team offsites foster c...
As a remote-first company, Optery emphasizes flexibility and work-life balance. The culture is driven by a commitment to privacy and empowering users ...
Optery, Inc. • Remote - United States
Optery is seeking a hands-on, entrepreneurial CISO to lead and extend our security program end-to-end. This is a hands-on builder role for someone who not only sets the strategy, but also executes the plan, manages controls, reviews data, and interacts directly with employees, customers and auditors. You will partner closely with company leadership to advance our security, privacy, compliance, and controls programs.
Optery’s security program is already well-established, having successfully completed its SOC 2 security audits every year since 2022 through to today.
You will be responsible for policies, risk, security operations, third-party/vendor security, application/product security, incident response, and supporting customer/security questionnaires. You will also be the internal champion for securing the organization and its people, customers, systems, and processes.
Own Optery’s information security strategy, roadmap, and policies, aligned to our industry-leading security and privacy products
Lead and extend Optery’s security program mapped to common frameworks (SOC 2, ISO 27001, CIS, NIST), appropriate for a high-growth, remote-first company
Partner with engineering to embed secure SDLC practices: threat modeling, code scanning, secrets management, access controls, and secure cloud configuration
Design and run an incident response program, including playbooks for data handling, data broker interactions, ransomware/social engineering scenarios, and customer notifications
Oversee identity and access management across core systems (SaaS, cloud, data, admin apps) following least-privilege principles
Lead vendor and third-party security reviews, especially for data- or privacy-impacting services
Partner with GTM, finance, ops, and sales to complete security questionnaires, DPAs, and customer diligence to unblock deals
Work with product/legal to ensure our data flows and retention/erasure practices align with CCPA, GDPR, and other consumer privacy laws we help our customers exercise
Define, track, and report security KPIs/KRIs to leadership and the board
Train and evangelize security practices across a distributed team so security is part of onboarding and day-to-day work
8+ years in information security, with increasing ownership across GRC, security engineering, and/or product/app security
Experience building or maturing a security program at a SaaS, data, cybersecurity, or privacy-focused company
Practical experience with SOC 2 and/or ISO 27001 (authoring policies, gathering evidence, working with auditors, driving remediation)
Strong understanding of cloud security (preferably AWS): networking, IAM, secret management, logging/monitoring
Comfortable meeting with customers, prospects, and partners to explain Optery’s security posture and win trust
Excellent written and verbal communication skills; able to write policies people can actually follow
Startup-friendly mindset: willing to prioritize, right-size controls, and make progress quickly
Experience at a company that handles PII
Experience securing distributed/remote teams and mixed contractor/employee environments
Background in data protection technologies (DLP, EDR, MDM, SSO, CASB) and how to roll them out in stages
Experience supporting enterprise sales cycles by answering security questionnaires
Recognized thought leader in security, fluent public speaker, and active participant in public-facing security communities and conferences
Optery is a fully remote global team. This role is based in the United States and requires working U.S. business hours (Eastern, Central, Mountain, or Pacific).
Base Salary: $200,000 - $220,000
Competitive Equity
Health, dental, and vision insurance
401(k) with employer match
Paid time off
Home office stipend
Optery values diversity and is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, sexual orientation, marital status, disability, genetic information, age, parental status, military service, or any other non-merit factor.
Apply now or save it for later. Get alerts for similar jobs at Optery, Inc..
