Light is seeking an InfoSec & Cybersecurity Lead to define the strategy, architecture, and governance of security across our platform, infrastructure, and internal systems. You will be a core voice in risk decisions and compliance, balancing strategic thinking with hands-on execution to secure our high-growth environment.

What You'll Do

Develop the security strategy, maturity roadmap, and key metrics.
Lead security compliance programs (SOC 2, ISO 27001, PCI DSS, GDPR) and audits using Vanta, and manage third-party and vendor risk.
Review system designs, threat-model new features, secure integrations, and embed security into CI/CD pipelines.
Establish and maintain incident response plans, run simulations, and lead real-world incident triage and remediation.
Drive a security-first mindset through training, awareness, and role-based access controls.
Evaluate and ensure the security of vendors, cloud infrastructure, access controls, and network segmentation.

What We're Looking For

5-7 years’ experience in information security or cybersecurity roles, preferably in fintech, SaaS, or payments.
Proven experience owning security in a fast-moving, high-growth environment.
Deep technical expertise: cloud (AWS, GCP, Azure), network and application security, identity & access, encryption, and threat modelling.
Hands-on in vulnerability management, penetration test oversight, secure code review, and incident response.
Familiarity with compliance on financial systems: SOC 2, ISO 27001, PCI, GDPR, etc.
Excellent risk judgment and ability to balance security with business velocity.
Strong communication skills — able to influence non-technical stakeholders and train engineers.
Experience leading or scaling a small security team or managing security partnerships.