
Security Lead


Job description

Truebill is a YC-backed startup with offices in San Francisco and Washington, D.C. Our DC office is right on the Silver Spring metro! Hundreds of thousands of people use Truebill to manage their daily finances and take control of their money. We recently announced our $17m Series C round of funding and are now looking to scale our all-star team!

With a mission to improve the financial health of everyday people, Truebill is transforming the way people manage their expenses and grow their net worth. Through helping people cancel unnecessary subscriptions, negotiating bills, and securing refunds, we save our members money while helping them regain control over their finances.

We're looking for a Security Lead to drive all things security here at Truebill. Our users put an enormous amount of trust in us and in exchange we take pride in our dedication to security, ensuring that we're doing everything we can to protect our users' data and money. In this role, you will be taking ownership of the evolution of Truebill's security program. You will ensure top-notch security that actually works, while keeping the company productive.


  • You have experience building a security program at a tech company between 50 and 200 employees.
  • You are hands-on and can work independently. You do not rely on a large security or IT team to execute on the security program.
  • You are familiar with security best practices in AWS, and understand how to secure and monitor the necessary infrastructure to prevent and detect security issues.
  • You understand that most standard pen testing doesn't actually guarantee much security. Similarly, you understand that certifications, such as SOC 2, do not guarantee security.
  • You are able to prioritize the security roadmap by impact of a potential attack as well as likelihood of the attack.
  • You have experience rolling out an SSO solution such as Okta or Rippling.
  • Bonus: You have experience dealing with the security implications of storing sensitive financial information and money movement.


  • Be the primary security specialist at the company, charged with securing our cloud infrastructure as well as our endpoint devices and SaaS services.
  • Make and own security policy to balance employee productivity and desired tooling, project feasibility, risk, cost, and other tradeoffs as appropriate.
  • Direct a small IT team (likely 1 person to start) to ensure employee requests are dealt with in a timely manner without compromising on security. (Most IT requests revolve around SaaS provisioning and RBAC.)
  • Create and run programs that ensure “table stakes” security measures, such as patching, authentication, and proper tool selection, are done correctly, with a high degree of reliability and clear metrics, and are robust to failure.
  • Create threat models for all systems across the company, and use them to prioritize time based on risk impact.
  • Obtain and maintain any compliance-related certifications such as SOC 2 Type II, PCI, ISO 27001/27002, etc.
  • Maintain a clear mapping of where PII is stored, and monitor/restrict access to it as much as possible.
  • Triage and investigate all security reports. Execute the Incident Response Plan if/when an incident occurs.
  • Educate and train teams on security topics and skills.


  • Health, Dental & Vision Plans
  • Competitive Pay
  • Equity
  • Matching 401k
  • Unlimited PTO

Truebill, Inc. is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.


About this role

Apply before

August 20th, 2021

Job posted on

January 24th, 2021

Job type

Full Time


About the company

Take control of your money. Truebill develops a mobile app that helps consumers take control of their financial lives. Truebill leverages AI to analyze users’ spending habits, identify inefficiencies...