
Posted 14 days ago
Head of Security & Compliance
CascaHead of Security & Compliance
Requirements
5+ years in progressive security roles, 2+ years in B2B tech, fintech, or regulated SaaS, Strong fundamentals in secure SDLC and cloud security, Experience owning SOC 2 Type II or ISO 27001, Experience in fintech or banking
Skills
AWSGCPDevSecOpsSOC 2ISO 27001
About the role
Responsibilities
- Build security tooling and processes, including appsec, identity and access management, and threat detection that integrate into engineering workflows.
- Manage and mentor a team of application security engineers while maturing Secure SDLC, threat modeling, and vulnerability management.
- Secure the agent execution surface by partnering with Engineering and Product to establish robust architecture for AI-driven workflows and data privacy.
- Drive customer trust by owning and expanding the compliance roadmap, including SOC 2, SOC 1, and ISO 27001.
- Lead incident response and detection, acting as the primary commander and driving systemic improvements following events.
Requirements
- 5+ years in progressive security roles, with at least 2+ years in B2B tech, fintech, or highly regulated SaaS.
- Strong fundamentals in secure SDLC, cloud security (AWS/GCP), Web security, and DevSecOps practices.
- Proven track record of owning SOC 2 Type II and/or ISO 27001 compliance.
- Experience in fintech or banking.
- Ability to develop lightweight, durable security policies and data governance frameworks.
- Experience leading incident response and remaining calm and methodical under pressure.
Preferred Qualifications
- Experience securing LLM usage for both coding and in-product use cases.
- Experience mitigating risks specific to agentic systems, such as prompt injection and data poisoning.
Benefits
- Competitive compensation including base salary and equity.
- High impact and ownership in shaping the future of AI-native banking.
- Collaborative environment with a talented, passionate team.
- Opportunities for professional growth and strategic influence.
About the Company
Casca is building AGI for banking. We are replacing decades-old legacy systems with AI-native technology that automates the manual work traditionally required in the financial sector.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeHead of Security & Compliance
Casca · San Francisco
