Head of security
About Watershed
Watershed is the enterprise sustainability platform. Companies like Airbnb, Carlyle Group, FedEx, Visa, and Dr. Martens use Watershed to manage climate and ESG data, produce audit-ready metrics for voluntary and regulatory reporting including CSRD, and drive real decarbonization. We are looking for team members who love product-building, want to work hard at a mission-oriented startup, and will collaborate with us in shaping the culture of a growing team.
We have offices in San Francisco, New York, London and Sydney, and remote team members across the US and Europe. We hope that you'll be interested in joining us!
The role
The Head of Security will be responsible for maintaining, scaling and optimizing a comprehensive information security program for Watershed. In this role, you will:
- Develop and implement a comprehensive information security strategy aligned with the company's business objectives and risk appetite and the plan to deploy it.
- Directly manage the Security Engineering team which will work closely with the Cloud Infrastructure team to oversee the design, implementation, and maintenance of security controls, including access management, incident response, data protection, and threat intelligence.
- Manage the company's security risk assessment and management processes.
- Partner with Legal to lead the investigation and response to security incidents.
- Provide guidance and support to Go To Market business units on Security matters.
- Oversee our Governance, Risk, and Compliance Team which:
- Partners with Legal to develop and maintain policies, procedures, and standards related to information security, privacy, and compliance.
- Conducts regular risk assessments and audits to identify and mitigate potential threats.
- Ensures compliance with internal and external audit requirements.
- Provides guidance and support to business units on GRC matters.
You might be a good fit if you have:
- BS in computer science, information security, or a related field or equivalent experience
- Minimum 10 years of experience in information security and GRC roles at Enterprise SaaS companies
- At least 3 years in senior leadership positions
- Strong understanding of cloud security, data privacy, and compliance frameworks
- Experience working closely with Sales/GTM teams talking to customers and prospects
This position is required to be in our San Francisco HQ office.
At Watershed, we strive to design consistent, fair, and competitive compensation programs. The total cash compensation range may be inclusive of several levels at Watershed and final offer will be determined by a number of factors, including the candidate’s skills, capabilities, and location, as well as scope of the role.
The anticipated cash compensation range is in addition to a total rewards benefit package including equity, health/dental/vision insurance, 401(k), unlimited paid time off, paid parental leave, fertility, and mental health programs etc.
FAQ
Where does Watershed work?
We have hub offices in San Francisco, New York and London, and some remote team members in the US and EU. Most of our jobs need to be in San Francisco / New York / London, but certain jobs are open to being remote and will be specifically noted on the jobs page and in the job description.
What’s the interview process like?
It starts the same for every candidate: getting to know the team members through 1 to 2 conversations about Watershed, your experience, and your interests. Next steps can vary by role, but usual next steps are a skill or experience screen (e.g. a coding interview for an engineer, a portfolio review for a designer, deeper experience call for other roles) which leads to a virtual or in person interview panel after that if the screens go well. We prioritize transparency and lack of surprise throughout the process.
Please note Watershed will only conduct interviews via official company channels (Google Workspace, Zoom). We do not use platforms such as Signal, WhatsApp, etc. to conduct official interviews nor to complete any part of our onboarding process. If you are reached out to on these platforms from anyone claiming to be from Watershed please let us know.