Rockefeller Philanthropy Advisors is hiring a Head of Security to lead and shape the security function for our fast-growing digital asset platform. You will own the organisation’s product, infrastructure, and internal systems security, balancing hands-on technical work with strategic leadership.

What You'll Do

Own and manage the organisation’s overall security posture, including product, infrastructure, and internal systems.
Secure CI/CD pipelines, container workflows, infrastructure-as-code, and deployment tooling.
Define and enforce access controls, auditing, and logging for internal services.
Evaluate, deploy, and manage security tools such as EDR, vulnerability scanners, and SCA solutions.
Lead internal authentication, SSO, MFA, and identity lifecycle management.
Implement endpoint security, employee training programs, and awareness campaigns.
Drive compliance with SOC 1/2 and other relevant frameworks, and manage relationships with auditors, vendors, and pentesters.
Develop internal security policies, operational processes, and playbooks to ensure organisational resilience.

What We're Looking For

5+ years of hands-on experience in security engineering, ideally within a SaaS or tech environment.
CISSP or equivalent certification.
Strong expertise in cloud security, secure software development, and common vulnerabilities.
Proven experience securing production environments and CI/CD systems.
Familiarity with security compliance frameworks such as SOC 2 or ISO 27001.
Experience deploying and operationalising security tools.
Excellent communication and collaboration skills across cross-functional teams.
Pragmatic, system-oriented mindset balancing risk management and business agility.