Senior Director, Security & Compliance

Senior Director, Security & Compliance

Location: Austin, TX

Reports To: SVP, Operations & Support

inKind is transforming restaurant financing and customer engagement through an innovative fintech platform that provides restaurants with growth capital while helping consumers discover and enjoy dining experiences nationwide.

As a technology-enabled financial platform operating at the intersection of payments, fintech, hospitality, and consumer experiences, security, privacy, and compliance are critical to our continued growth and success.

We are seeking a strategic and hands-on Senior Director of Security & Compliance to build, scale, and lead the organization’s information security, compliance, governance, risk, and corporate IT functions.

The Senior Director of Security & Compliance is the senior leader responsible for inKind’s information security, regulatory compliance, corporate IT operations, and risk and governance functions.

This is a hands-on building role. inKind’s security, compliance, and IT functions are scaling; in the near term the Senior Director will personally operate core programs — audits, risk assessments, security tooling, vendor reviews, and corporate IT systems — while recruiting, developing, and scaling the team that will own them over time. We are looking for a player-coach who leads by doing, not solely by directing.

This role defines and executes the company’s security and compliance strategy while owning the day-to-day corporate IT operations — endpoint and device management, identity and access, internal systems, and support — that keep the company running securely and productively.

This role partners closely with Engineering, Product, Legal, Finance, People, Operations, and Executive Leadership to establish scalable security programs, compliance frameworks, and governance processes, balancing business enablement with risk reduction.

Engineering owns the implementation and security of inKind’s product and platform. This leader sets the enterprise security policy, standards, and governance the product organization builds against, and owns the corporate security, compliance, and IT posture end to end.

The Senior Director will personally execute across each of these areas in the near term, building and scaling the team to own them over time.

Security Strategy & Governance

• Develop and execute inKind’s enterprise security strategy, policies, standards, and operating procedures.
• Lead security planning aligned with company growth, product expansion, and regulatory requirements.
• Set enterprise security policy and standards that the product and engineering organizations build against.
• Serve as a senior advisor to leadership on security, compliance, and risk matters.

Compliance & Audit

• Own the company’s compliance strategy and roadmap.
• Lead audit readiness and certification programs, including:
• SOC 2
• PCI DSS
• Privacy programs
• Vendor and third-party risk management
• Regulatory compliance requirements
• Partner with Legal and Finance on governance and regulatory obligations.
• Ensure compliance programs remain scalable as the business grows.

Security Operations & Risk Management

• Oversee security operations, monitoring, vulnerability management, incident response, and threat detection.
• Establish company-wide risk management and risk assessment programs.
• Develop security metrics, executive dashboards, and reporting frameworks.
• Lead incident response planning, tabletop exercises, and business continuity initiatives.
• Manage third-party security reviews and vendor risk assessments.

Corporate IT Operations

• Own corporate IT operations, including the internal IT team, endpoint and device management, internal systems, and helpdesk support.
• Manage identity and access administration across corporate systems and SaaS applications.
• Establish IT standards, device lifecycle and asset management, and operational service levels.
• Ensure IT operations support a secure, productive workforce across the company’s office and distributed environments.

Product & Platform Security Partnership

• Partner with Engineering and Product to integrate security into the software development lifecycle and define secure development standards.
• Provide governance, policy, and advisory oversight for cloud (AWS) security architecture and application security, with Engineering owning platform implementation.
• Advise on threat modeling, secure architecture reviews, and security testing practices.
• Ensure security requirements are represented throughout the product lifecycle.

Leadership & Organizational Development

• Build and lead a high-performing IT, Security, & Compliance organization.
• Hire, mentor, and develop security, compliance, and IT professionals.
• Establish accountability frameworks and performance metrics.
• Create a culture of security awareness and shared responsibility.

• 10+ years of progressive experience in security, compliance, IT, governance, or risk management.
• Experience leading and developing people across security, compliance, or IT, with the depth to operate as a hands-on technical leader — breadth and capability matter more than the size of organizations previously managed.
• Demonstrated success as a hands-on, player-coach leader in a lean or scaling environment — personally executing core security, compliance, and IT work while building the team to own it, rather than directing from above.
• Proven experience owning compliance programs and audits, including SOC 2 and PCI DSS.
• Experience presenting to executive leadership, auditors, and external stakeholders.
• CISSP, CISM, CRISC, CCSP, or equivalent certifications.

• Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field.
• Experience in fintech, payments, financial services, or regulated industries.
• Experience managing corporate IT and device management platforms (e.g., MDM).
• Experience supporting high-growth startup or scale-up organizations.