Director of Security & Compliance
KODE Labs
KODE Labs is seeking a visionary and strategic Director of Security & Compliance to lead and mature our established security function, ensuring the continued protection of our innovative platform while enabling our ambitious growth. Our mission is to change the way people, buildings, and systems operate by providing the best smart building technology experience possible.
As we scale globally and enter new markets like the US federal sector, maintaining and enhancing our world-class, proactive security and compliance posture is critical to our success and reputation. This role is fundamental to upholding trust with our clients and partners.
WHAT YOU WILL DO:
Lead & Evolve Security Strategy: Oversee, refine, and continuously evolve KODE Labs' cybersecurity strategy. Ensure ongoing alignment with business objectives, product roadmap, and emerging threats.
Maintain Compliance & Lead Certification Efforts: Oversee adherence to existing compliance standards and spearhead the initiatives to achieve FedRAMP authorization. Ensure continuous monitoring for SOC 2 Type 2 and other relevant frameworks (e.g., ISO/IEC 27001 alignment, GDPR, CCPA, relevant IoT standards). Design and operate any required FedRAMP-specific environments.
Lead & Develop High-Performing Security Teams: Provide strategic direction and leadership for the existing security organization structure. Mentor, inspire, and lead dedicated teams responsible for Blue Team, Red Team, GRC and IAM.
Drive Proactive Risk Management: Oversee and mature the enterprise risk management framework. Ensure regular threat modeling and risk assessments are conducted, tailored to our cloud-native SaaS platform, microservices architecture, IoT landscape, and technology supply chain.
Optimize Security Posture & Tooling: Oversee the selection, implementation, optimization, and management of security technologies across cloud, corporate, and IoT environments. Ensure the maturity of the vulnerability management program and manage the Responsible Disclosure process.
Champion Data Security & Privacy: Maintain and enhance Data Loss Prevention (DLP) controls and ensure ongoing adherence to global data privacy regulations (SOC 2, GDPR, CCPA) and data handling best practices.
Guide Secure Product Lifecycle & Architecture: Partner closely with Engineering and Product teams to ensure security principles (DevSecOps) are embedded throughout the SDLC. Lead security architecture reviews and provide ongoing guidance on secure design for new features and platform enhancements.
Manage Budget & Resources: Develop and manage the security budget, ensuring efficient allocation of resources to meet strategic objectives and mitigate risks effectively.
Enable Customer Trust & Assurance: Act as a key security liaison for enterprise and government clients. Oversee the response to security questionnaires, support the sales process with security expertise, and manage customer-facing security audits to maintain and build trust.
Requirements
Proven Strategic Leadership: 8+ years in cybersecurity with significant demonstrated experience leading, scaling, and maturing multi-faceted security programs and teams (Blue Team, Red Team, GRC, IAM).
Compliance Mastery: Deep, hands-on experience maintaining SOC 2 Type 2 environments and leading successful FedRAMP authorization projects from initiation through continuous monitoring. Expert understanding of the operational requirements, audit processes, and control frameworks. Strong familiarity with ISO 27001, NIST CSF, GDPR, and CCPA.
Deep Technical & Strategic Expertise: Ability to develop and execute a forward-looking security strategy. Strong understanding of cloud security (GCP highly preferred), Kubernetes security, microservices architecture, application security (DevSecOps leadership), modern security tooling (SIEM, WAF, EDR, DLP, SAST/DAST), cryptography, and IAM principles.
IoT Security Acumen: Demonstrable understanding of IoT security principles, risks, and mitigation strategies (e.g., device lifecycle security, secure communication protocols, firmware security, network segmentation).
Risk Management Acumen: Proven experience implementing and maturing risk management frameworks (e.g., NIST RMF) and conducting effective threat modeling in complex technical environments.
Exceptional Communication & Influence: Excellent communication skills with the ability to articulate complex security concepts, risks, and strategies to technical teams, executive leadership, auditors, customers and external partners.
Pragmatic Problem-Solving: Critical thinking skills combined with a practical approach to implementing security solutions and leading incident response efforts effectively under pressure.
Educational Background: Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience. Relevant certifications (CISSP, CISM, CISA, CCSP, etc.) are strongly preferred.
Benefits
Competitive salary based on experience
Discretionary Bonus Program
Career Development Program
Comprehensive Health Insurance Package
Dynamic team and challenging projects
Flexible Paid Time Off
Welcoming and friendly work environment
Regular social events and activities
JOIN THE TEAM:
KODE Labs is a real estate technology company founded in 2017 with a mission to change the way people, buildings and systems operate. Headquartered in Detroit, Michigan, we are a driving force behind the adoption of smart building technology. To scale our presence across numerous cities and countries, we depend on our team of talented, ambitious people who go above and beyond to create value for our clients. We foster a culture of urgency, accountability, and impact.
When you join the KODE Labs team you can create your own career. Whether you have years of experience or are just starting, we help you realize your full potential and achieve your goals.
If KODE Labs sounds like the place for you, we'd love to hear your story, so please apply through our online application form. Only shortlisted candidates will be contacted.
Location: Detroit, MI (Full-time, In-Office)