Jasper is the leading AI marketing platform, enabling the world's most innovative companies to reimagine their end-to-end marketing workflows and drive higher ROI through increased brand consistency, efficiency, and personalization at scale. Jasper has been recognized as "one of the Top 15 Most Innovative AI Companies of 2024" by Fast Company and is trusted by nearly 20% of the Fortune 500 – including Prudential, Ulta Beauty, and Wayfair. Founded in 2021, Jasper is a remote-first organization with team members across the US, France, and Australia. About The RoleAt Jasper, we are defining the future of AI-driven marketing workflows. As our Director of Security, you will play a critical role in safeguarding our platform, our customers, and our future. We are seeking a thoughtful, experienced leader to oversee our entire security program. In this role, you will balance rigorous compliance standards with the agility required for a high-growth technology company. You will lead a small, high-impact team and serve as the face of security for our enterprise customers. This position is not just about locking down assets; it is about enabling the business to move fast, safely, evaluating risk with nuance, and building trust with our community. This fully remote role reports to the Chief Technology Officer and is open to candidates located anywhere in the continental US. What you will do at Jasper - Own the strategic vision and tactical execution of Jasper’s security program, managing a lean, high-performing team to protect company assets and customer data. Establish program metrics to track effectiveness and champion continuous improvement. - Oversee and guide best practices in product security, collaborating closely with engineering teams to embed security throughout the software development life cycle. Lead security reviews, threat modeling, and ensure secure design and development of Jasper’s products and features. - Partner with leadership and engineering to evaluate risks pragmatically. Your goal is to find "yes, but safely" solutions that allow the business to innovate while managing exposure. - Evaluate organizational risks, prioritize remediation efforts based on real-world impact, or accept risks and exceptions on behalf of the business. Facilitate risk-based decisions. - Lead the incident response life cycle, ensuring we have robust detection, rapid response capabilities, and clear communication protocols in place. - Act as the escalation point for complex customer requests to maintain sales velocity and deal integrity. You will jump on calls with prospective and current enterprise customers to discuss our security practices. - Mentor and guide your direct reports, fostering a culture of continuous learning, accountability, and professional growth. What you will bring to Jasper - 7+ years of experience in information security, with at least 3 years in a leadership role managing teams or security programs. - Deep, hands-on experience with security frameworks (e.g., SOC2, ISO27001, HIPAA) in a cloud-native environment. - Proven ability to communicate complex security concepts clearly to non-technical stakeholders and customers. You should be comfortable representing the company in external meetings. - Strong understanding of risk management principles (e.g., NIST CSF) and the ability to translate technical risks into business language. - Solid foundation in cloud security (AWS/GCP/Azure), application security, and modern SaaS infrastructure. - Exceptional written and verbal communication skills, with a professional and approachable demeanor that invites collaboration. - Experience leading security at a high-growth SaaS or AI startup. - Relevant professional certifications, such as CISSP, CISM, CRISC, or CISA. - Experience with privacy regulations such as GDPR and CCPA. Compensation RangeAt Jasper, we believe in pay transparency and are committed to providing our employees and candidates with access to information about our compensation practices. The expected base salary range offered for this role is $216,000 - $270,000. Compensation may vary based on relevant experience, skills, competencies, and certifications. Benefits & Perks - Comprehensive Health, Dental, and Vision coverage beginning on the first day for employees and their families - 401(k) program with up to 2% company matching - Equity grant participation - Flexible PTO with a FlexExperience budget ($900 annually) to help you make the most of your time away from work - FlexWellness program ($1,800 annually) to help support your personal health goals - Generous budget for home office set up - $1,500 annual learning and development stipend - 16 weeks of paid parental leave Our goal is to be a diverse workforce that is representative at all job levels as we know the more inclusive we are, the better our product will be. We are committed to celebrating and supporting our differences and that diversity is essential to innovation and makes us better able to serve our customers. We hire people of all levels and backgrounds who are excited to learn and develop their skills. We are an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state or federal laws. By submitting this application, you acknowledge that you have reviewed and agree to Jasper's CCPA Notice to Candidates, available at legal.jasper.ai/#ccpa.

• The Sr Information Security Engineer is responsible for designing, implementing, and continuously improving the technical security controls that protect internally developed applications, including cloud systems, containerized, and serverless workloads. • This role is a hands-on application security specialist who performs deep secure code reviews, leads threat modeling, and drives remediation of complex vulnerabilities across the SDLC. • Collaborating with other technical teams, this role ensures secure application development, deployment, and operation by assessing maturity, defining security requirements and guardrails, and delivering prioritized recommendations to improve pipeline controls, tooling, and integrations within the DevSecOps pipeline. • Conducting application security assessments, guiding secure software development practices, and advancing the maturity of application security capabilities. • The Information Security Engineer partners with development, operations, and security teams to embed security into development practices and responds as a subject matter expert during application-related security incidents.

About Airwallex Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 200,000 businesses worldwide - including Brex, Rippling, Navan, Qantas, SHEIN and many more - with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale. Proudly founded in Melbourne, we have a team of over 2,000 of the brightest and most innovative people in tech across 26 offices around the globe. Valued at US$8 billion and backed by world-leading investors including T. Rowe Price, Visa, Mastercard, Robinhood Ventures, Sequoia, Salesforce Ventures, DST Global, and Lone Pine Capital, Airwallex is leading the charge in building the global payments and financial platform of the future. If you're ready to do the most ambitious work of your career, join us. Attributes We Value We hire successful builders with founder-like energy who want real impact, accelerated learning, and true ownership. You bring strong role-related expertise and sharp thinking, and you're motivated by our mission and operating principles. You move fast with good judgment, dig deep with curiosity, and make decisions from first principles, balancing speed and rigor. You're humble and collaborative; turn zero-to-one ideas into real products, and you "get stuff done" end-to-end. You use AI to work smarter and solve problems faster. Here, you'll tackle complex, high-visibility problems with exceptional teammates and grow your career as we build the future of global banking. If that sounds like you, let's build what's next. Your role As a Staff Corporate Security Engineer, you will be a critical part of defending Airwallex's enterprise systems and employees from threats such as malware, phishing and unauthorised access. This role is a highly technical opportunity to detect, investigate and prevent security issues across a modern corporate environment. You will work on digital forensics, incident response and tool development and deployment, protecting a range of corporate IT platforms from endpoints to identity providers. What you'll be doing - Contribute to incident response for malware, phishing, digital forensics. - Design, develop, test, and evaluate new corporate security controls for a rapidly growing business. - Perform incident response and hunt through log sources to identify new threats. - Design and implement security alerts and workflows to support the incident response lifecycle. - Secure corporate IT infrastructure and remediate issues across identity providers, endpoints, corporate networks and other platforms. - Deploy, configure and operate security tooling with a laser focus on impact. What you'll bring - A passion for solving the complex challenges of high-growth startups. - Self motivation and drive to learn new skills, or dive deeper into existing skills. - Bachelor's degree in Computer Science, Cybersecurity or similar. - 7+ years working in a security engineering or incident response role within a tech company. - Strong experience with Crowdstrike, Splunk or other common security monitoring tools. - In depth understanding of common attacker tools and techniques, how they can be detected and prevented, and ability to respond to incidents with high depth and quality of investigation. - Experience with GCP, Alibaba Cloud or other cloud platforms is preferred. - Experience with Okta, Google Workspace and cloud-based VPN services is preferred. - Experience securing endpoints, including with MDM tooling such as Kandji, Intune - Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience. - Scripting experience such as with Python, Bash, Powershell. Applicant Safety Policy: Fraud and Third-Party Recruiters To protect you from recruitment scams, please be aware that Airwallex will not ask for bank details, sensitive ID numbers (i.e. passport), or any form of payment during the application or interview process. All official communication will come from an @airwallex.com email address. Please apply only through careers.airwallex.com or our official LinkedIn page. Airwallex does not accept unsolicited resumes from search firms/recruiters. Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s). Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary. Equal opportunity Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don't regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know. #BI-Hybrid

• Advise others on complex security engineering matters • Manage teams for strategic security architecture • Design and implement security controls • Collaborate with business and technical teams