Fresha
Tech / AI / Software
Head of Security
“Head of Security at Fresha. Skills: security strategy and roadmap, controls and protections, penetration testing and vulnerability management, incident response, threat intelligence and threat modelling, security training and awareness, automation and AI, security advisory. Own security strategy and roadmap. Deploy and run security controls”
Industry & Context.
Triage findings and close them; Prioritize vulnerabilities; Analyze internal telemetry; Inform decisions with threat intel data; Inform roadmap prioritisation; Solve security questions across the business
On-call model, Tabletop exercises
What They're Looking For.
Must Have
led security at a company operating under real regulatory pressure — payments, healthcare, financial services, or similar; run incident response for real incidents, not just exercises, and you've written the post-mortems; understand modern attack surfaces: cloud, SaaS, identity, supply chain, application; built or meaningfully improved a threat intel or threat modelling capability; fluent with AI tools and comfortable building automation; comfortable co-owning strategy with a VP — bringing opinions, challenging when it matters, and aligning once a direction is set; hold your own with engineers on technical depth and with execs on business framing
Nice to Have
experience with payments/PCI environments; offensive security background; track record of measurably reducing manual security work through automation
What You'll Do.
Own security strategy and roadmap
Deploy and run security controls
Run penetration testing and vulnerability management
Own incident response end-to-end
Stand up a threat intelligence capability
Run threat modelling as a routine practice
Keep a forward view on emerging threats
Own security-specific training content
Automate recurring tasks
Be the go-to person for security questions across the business
How You'll Work.
Team & Collaboration
Shape the security strategy alongside the VP; Work alongside the Head of Compliance as a peer; Partner with Engineering and IT to get controls in early; Work with the Head of Compliance on the evidence side; Partner with the Head of Compliance for training programs; Work closely with the VP on strategy; Work with the Head of Compliance, IT, Engineering, Infrastructure, and Product on execution
Communication Scope
Translate roadmap into something the exec team can actually read and fund; Make the call on where to invest day-to-day; Be the person in the room when something real happens, and the person writing the honest post-mortem afterwards; Give engineers a straight answer and a path forward, not a ticket queue and a policy link; Hold your own with engineers on technical depth and with execs on business framing; Be in front of customers and auditors often enough that polish matters
Process & Methodology
Translate roadmap into something the exec team can read and fund; Manage tooling, headcount, external services, automation
How to Apply on Lever
- Lever uses a streamlined one-page form — apply in under 5 minutes.
- LinkedIn import works well; review parsed data before submitting.
- The cover letter field is optional but visible to reviewers — use it to differentiate.
- Referral codes from employees can significantly boost visibility of your application.