Director of Security at Deputy

Security, Full Time, Sydney sydney full-time
Posted 16 days ago

At Deputy we’re on a mission to change the way the world works & we are looking for fantastic people to help us do that. Our mission is to simplify shift work, with a future state vision to enable thriving workplaces in every community.

Deputy is a SaaS Workforce Management Product company. HQ'd in Sydney (AU), with offices in Melbourne, London (UK), Atlanta and San Francisco (USA). We’ve helped hundreds of thousands of people across all industries in 70+ countries save time and money managing their hourly workforce so they can focus on what they do best, and be amazing.

Currently, our employees are predominately working from home and this role will also be remote for the time being. We anticipate employees will be returning to the office, in a flexible capacity, during 2022 as appropriate & when it is safe to do so.


Due to Deputy's success and growth around the world, we're seeking a Head of Security to ensure we keep growing into an extraordinary team delivering more of what our customers love. Securing our application, infrastructure, customer data and intellectual property is critical to executing our mission. In this role, you will lead all aspects of information and application security for Deputy, relentlessly protecting our application, business, customers’ data and stakeholders. As we continue to grow you will continue to build, lead and be a steward for the team to ensure that security always remains a top priority. This is an amazing opportunity for you to be an instrumental part of Deputy’s journey to scale a world-class product.


  • First, you will be a beacon of courage and protection to the people of Deputy leading by example and with humility to shape a brave, dependable, trustworthy function.
  • You will define and drive a security roadmap and strategy to support Deputy’s business goals. 
  • An expert in multiple facets of security, including SaaS Infosec, Appsec, Cloud Security, Corporate Security and incident response.
  • A true business partner, coordinating alignment of security and business initiatives.
  • Drive and influence a culture of security awareness. 
  • Hands-on where needed and an expert advisor to the wider company - That may include providing mitigations for pen test results, setting up tools and processes for threat detection, educating people on secure coding practices such as OWASP & CWE/SANS25, responding to customer security RFIs, advising engineers on how to protect against certain attacks, working with agile delivery methodologies and performing on-call / triaging responsibilities. 
  • Brief the executive, board sub-committees and stakeholders on cyber risks.
  • Develop, maintain and publish up-to-date security policies, standards and guidelines.
  • Educate our employees on company security policies and best practices.
  • Work in unison with our development and product disciplines to ensure security is always a first-class citizen.
  • Lead the Security and GRC team and work closely with our Legal team to ensure Privacy and Compliance are handled throughout the business. 
  • Continuously find ways of being a better, more secure and dependable organisation.
  • Establish key measurements on how secure our company and products are and use those measurements to ensure we are at our best.
  • Consistently question the value of what we are doing and why we are doing it. Is this the right thing for Deputy?
  • Take a leadership role in assessing Deputy’s partners and third party suppliers to ensure the security and privacy of Deputy’s corporate and customer data.
  • You will communicate exceptionally well and help the whole company buy into the vision of the security of Deputy and our products.
  • Accountability for maintaining the company’s ISO 27001:2013, PCI-DSS (and similar) certifications.
  • You have a passion for technology keeping abreast of where the rest of the world is headed.

  • You have the utmost integrity, be open and honest, collaborative in nature, have a growth mindset and not be afraid to speak your mind when it is in the best interest of Deputy and its customers.
  • You're more interested in being a leader than a manager. You pride yourself in establishing security as a forethought and constant presence in what you do.
  • You're balanced, both personally and professionally, who acts with good humour and positivity.

  • 7+ years leading security initiatives and company-wide secure practices in leading technology companies.
  • A track record of owning the security function for a fast-growing company.
  • Experience influencing business leaders and stakeholders, helping them understand security risks as they pertain to business strategy and practices.
  • Experience managing security incident response, disaster recovery and business continuity planning, information privacy, security operations centers and security architecture. 
  • Experience developing processes and protocols around embedding security, privacy, and compliance into a company’s development process. 
  • A technical background and CISSP, CCSP, CEH or OSCP certifications are preferred.
  • Experience working with large-scale cloud-based environments – AWS, Google Cloud, Azure, etc.
  • Experience working with frameworks such as ISO27001, PCI, SOC2 and GDPR to manage requirements for Governance, Risk, Compliance and Privacy.
  • Experience developing and implementing Security Awareness Programs.
    - Australian Hyper-Growth Startup - Head Office in Sydney
    - Why IVP Invested in Deputy
    - Deloitte's #21 Fastest Growing Technology Startups in Aus 2018
    - Raised $111M Series B Round led by IVP, OpenView (our Series A investor), Square Peg Capital and EVP.
    - Global Growth across APAC, America and EMEA.

    - Share Options
    - Paternity/Maternity Leave Policies
    - Personal Learning & Development Fund
    - Flexible Work Policy
    - Company wide Development & Coaching
    - Hackathons
    - Awards - "Your Time to Shine & Celebrate Success"
    - Social Events & variety of social clubs (Books, LGBT, Games, Sports)
    - Mental Health Support
    - Munch & Learns


    At Deputy we’re on a mission to change the way the world works. Since 2008 over 200 million shifts have been rostered on Deputy, in over 90 countries, and across 245 different industries.

    We’re making it easier for businesses and teams to roster staff, manage leave, complete payroll and take the admin out of work so that our customers can focus on doing what they love. We hire amazing people to do what they’re best at, and work with some incredible businesses all around the world.

    Check out this video: Deputy Explained

    Check out why our customers love us: GetApp and G2Crowd. 

    Deputy believes in equal opportunity and that inclusiveness and diversity promotes innovation. Our global team members are from a variety of cultures. And we welcome different perspective and skills. 

    Interested? Apply now