Director, Security Governance and Compliance

Developing innovative technologies to revolutionize the payments industry while helping customers transact in global marketplaces is not for the faint of heart. We have big goals and are looking for people to join our team who want to leave a legacy. Just as you are committing to do your best work, Tom, our CEO, commits to making this the best place you’ve ever worked. It’s a partnership from the very beginning. If you are looking to step outside your comfort zone, learn new things, apply your skills, collaborate with brilliant people and have fun along the way, then you might be our next Yapster! We promise to provide you with an amazing journey throughout your career. At Yapstone, we don’t just accept difference — we celebrate it, we support it, and we thrive on it for the benefit of our employees. Yapstone is proud to be an equal opportunity workplace.



Primary Responsibilities

  • Defines security policies, practices, training programs and standards that govern security functions associated with information technology systems, networks, applications, voice and data communications, and computing services within the company – including employee, vendor and customer use of and access to information assets.

  • Partners with Engineering and Operations teams to drive adoption and implementation of information security policies, procedures, standards, and incident handling processes.

  • Serves as liaison with leadership, legal, compliance, and corporate risk management, to analyze new requirements, standards, and capabilities and to determine feasibility and timing of implementation of new programs and capabilities.

  • Delivers and continuously improves the Information Security and Risk Management processes – providing guidance and oversight to the functional / business teams, and leading the reporting and mitigation of any findings.

  • Evaluates and monitors external and internal threat levels, assesses the organization’s defensive posture and associated risks, and implements mitigating controls and remedies.

  • Works cross-functionally with internal business units and the IT organization on the implementation of strategy.

  • Responsible for managing the compliance program, which currently includes SOX & PCI.

Requirements

  • A bachelor’s degree in Information Systems Management, Computer Science, Engineering or related discipline. An advanced degree is preferred.

  • Professional certification in information security (for example, CISSP, CISM or CISA) required.

  • 10 to 15 years of IT experience, with 8 to 10 years in a combination of risk management, IT leadership, information security and information technology.

  • Experience with PCI DSS and SOX compliance.

  • Deep and best-in-class understanding of foundational IT networking, operating systems, application development and specific experience with implementing security technologies.

  • Experience leading and driving large, complex IT Security and Compliance functions in a hospitality and/or retail organization.

Our Benefits

  • We offer comprehensive health, dental, and vision wellness plans for you and your family with low employee premiums.
  • You work hard every day to build the future of our company, so we’ll help you build your future with a 401(k) plan that features employer match.
  • We encourage and support our teams to take time off to recharge and reboot because changing how the world pays is no easy task.
  • We care about the community where we work. Through YapCares, you get 8 hours of paid volunteer time off each year to make a difference.
  • Enjoy food, fun and camaraderie with breakfasts, dinners, snacks, social hours and events.
  • A great location in the East Bay that is a reverse commute for many Yapsters, and we’re right across the street from BART.