Collectors Logo

Collectors

Director of Information Security

Posted An Hour Ago
Be an Early Applicant
In-Office or Remote
Hiring Remotely in US
212K-312K Annually
Expert/Leader
In-Office or Remote
Hiring Remotely in US
212K-312K Annually
Expert/Leader
Lead and operationalize the enterprise information security program across AppSec, CloudSec, SecOps/IR, and GRC. Own SOC/detection and response, application and cloud security, risk registers, compliance (SOC2/ISO/NIST/HITRUST), security KPIs, and build a high-performing security organization partnered with engineering, IT, legal, and privacy.
The summary above was generated by AI

Collectors is the leading creator of innovative technology that provides value-added services for collectors worldwide. We grade, authenticate, vault, and sell millions of record-setting collectibles, all while modernizing and digitalizing the process to further our mission of helping collectors pursue their passions. We’re always on the lookout for talented people to join our growing team.


Our services span collectible trading cards, autographs, comic books, coins, video games, event tickets, and memorabilia. Our subsidiaries include PSA, PCGS, Beckett, SGC, and Card Ladder.


Since our founding in 1986, we have graded and authenticated millions of items. We employ more than 3000 people across our headquarters in Santa Ana, California and offices in New Jersey, Texas, Florida, Japan, Shanghai, Hong Kong, Canada, Mexico, Germany, and France.


As part of our interview process, we request that candidates have their cameras on during video interviews. This helps foster meaningful conversation and allows us to create an experience that closely resembles our standard working environment. Certain interview steps may take place by phone. For remote roles, and at our discretion, candidates may be asked to participate in an on-site interview as part of the final stages of the process.


We understand there may be occasional circumstances requiring accommodation and are happy to discuss them as needed. Your recruiter will be able to clarify expectations and answer any questions you have.


We’re transforming the collecting experience with technology that brings authentication, grading, and trading into the modern era. Our products are equalizing the playing field by providing tools that make complex research analytics — including pricing, scarcity reports, and historic sales data — accessible to every collector, old or new. Our engineering mission is to democratize technology while promoting innovation, collaboration, and continuous learning throughout the organization. We're seeking engineers to utilize advanced technology in agile settings, with a focus on improving the customer experience for every collector.

We’re looking for an Information Security Director to join our Cybersecurity team to prioritize the right risks for the organization and partner with cross functional stakeholders to ensure security is incorporated into all aspects of the business.

You’ll report to the VP of Engineering, Information Security and Platforms. Collectors is committed to utilize cybersecurity, risk and privacy best practices across our environment to protect our customers, employees and our brand.

 

Remote or hybrid candidates will also be considered. We believe that there is significant value in in-person collaboration. If you live within a 1 hour commuting distance to one of our offices, you will be required to be onsite most of the time. This will be discussed further as part of the recruiting process.

What You’ll Do:

  • Lead the information security program across application security, cloud security, security operations, and GRC, serving as the operational leader responsible for refining and driving the information security roadmap into executed outcomes. We’re focused on ensuring that we’re prioritizing risk reduction over checkbox security and proactively incorporating emerging threats and trends.

  • Own the security operations function, including detection and response, threat intelligence, incident management, and SOC maturity, ensuring the organization can rapidly identify, contain, and recover from security events.

  • Drive the application security program, embedding secure development practices, code analysis tooling, and vulnerability management into the SDLC in close partnership with product and platform engineering teams.

  • Establish and mature cloud security capabilities, defining and enforcing security standards across cloud environments including architecture review, configuration management, workload protection, and cloud-native detection and response.

  • Oversee governance, risk, and compliance activities, including regulatory and framework alignment (SOC 2, ISO 27001, NIST, HITRUST, or similar), risk assessment processes, policy lifecycle management, and audit coordination.

  • Partner with Internal Platform teams to define and implement appropriate security guardrails within the environment.

  • Build and maintain the organization's security risk register, providing the stakeholders with clear, data-informed visibility into the threat landscape, control gaps, and residual risk across the enterprise.

  • Collaborate cross-functionally with engineering, IT, legal, and privacy stakeholders to embed security into organizational processes and decision-making rather than operating as a gatekeeping function.

  • Define and track security KPIs and program metrics — such as mean time to detect/respond, vulnerability remediation SLAs, and compliance posture — to measure program effectiveness and define target risk postures across applications.

  • Lead, develop, and scale a high-performing security organization, managing team leads across multiple disciplines, investing in professional development, and building a culture that balances security rigor with operational pragmatism.

Who You Are:

  • An experienced security leader with 10+ years in information security, including 5+ years leading security teams across multiple disciplines and at least 2+ years managing managers or cross-functional security functions.

  • Broad and deep across the security domain. You've built or matured programs spanning AppSec, CloudSec, SecOps/IR, and GRC — and you're comfortable operating across all of them without losing depth in any single area.

  • Strong in security operations and incident response. You've led or directly overseen SOC teams, detection engineering, and incident response processes, and you understand what it takes to build a mature, metrics-driven detection and response capability.

  • Technically credible in cloud and application security. You have hands-on familiarity with securing cloud environments (AWS, Azure, or GCP), modern application architectures, CI/CD pipelines, and container-based workloads, and you can engage meaningfully with engineering teams on technical trade-offs.

  • Well-versed in governance and compliance frameworks. You've led organizations through SOC 2, ISO 27001, NIST CSF, HITRUST, or similar frameworks and can manage audit cycles and regulatory requirements without letting compliance become the sole definition of security.

  • A strategic partner to the CISO. You're skilled at operationalizing security strategy, translating executive-level priorities into roadmaps and team-level execution, and surfacing risk with clarity and context.

  • Collaborative by default. You build productive relationships with engineering, IT, legal, and privacy teams, and you approach security as an enabling function rather than a blocker — while still holding firm on non-negotiable standards.

  • Metrics-oriented and outcome-driven. You use data to measure program health, prioritize investment, and communicate risk to technical and non-technical audiences alike.

  • A strong people leader and culture builder. You attract and retain top security talent across disciplines, create clear career pathways, and foster an environment where analysts, engineers, and GRC professionals all feel ownership over the mission.

  • A clear, confident communicator who can brief executives on risk posture, walk engineering teams through threat models, and represent the security organization in cross-functional forums with equal effectiveness.

Salary Range: 

The salary range for this position is $212,000 to $312,000. Actual compensation on this range varies based on a variety of non-discriminatory factors, including location, job level, experience, and skill set. This role may be eligible for bonuses, commissions, or other forms of compensation, please ask your recruiter for details.

Reasons To Join Us:

  • Health Insurance: All full-time employees are eligible to enroll in Medical, Dental, and Vision.

  • Additional Benefits: Full-time employees are eligible for fertility, commuter, and educational assistance benefits.

  • 401(K) Matching Plan: We are proud to offer a competitive 401k matching plan to our employees to support their future financial goals.

  • Vacation: All salaried employees are eligible for flexible time-off.

  • Holiday Pay: All regular, full-time employees are eligible for ten company paid holidays.

  • Employee Discounts: Employees receive discounts on select grading services for approved submissions.

  • Flexible Hours: Many of our teams offer flexible schedules with varying shifts and will work with you to accommodate your needs.

  • Fun Working Environment: Our team members are invited to participate in celebrations, holiday events, and team building activities.

  • Additional Resources: Collectors Tech Blog, PSA.

Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. 11

Candidates must be authorized to work in the United States. 


Collectors uses e-Verify to validate your ability to work legally in the United States.


We are aware that there are instances where individuals are receiving job offers that fraudulently allege to be from Collectors or one of our business units. This type of fraud can be carried out through false websites, through fake e-mails claiming to be from the company or through social media. We never ask for personal information such as your bank account, Social Security numbers or National IDs, nor do we send or request payments for the purchase of business-related equipment. If you suspect fraud, please reach out to [email protected].


We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or other class protected by applicable law. We believe that a team that represents a variety of backgrounds, perspectives, and skills will better service the diverse community of collectors we support.


If you require an accommodation to apply or interview with us due to a disability or special need, please email [email protected].


U.S. residents: for disclosures relating to personal information we collect during the employment application and recruitment process, please see our Privacy Notice for U.S. Applicants.


If you are based in California, you can read information for California residents here.

Similar Jobs at Collectors

Yesterday
In-Office or Remote
28-39 Hourly
Junior
28-39 Hourly
Junior
Consumer Web • eCommerce • Machine Learning • Software • Sports • Analytics
Provide frontline TA operations support to recruiters and HR partners, maintain and improve process documentation, own quality control of offers and requisitions, partner with HRIS on ATS matters, track TA operations tasks (referral reporting, internal postings, interviewer training), and identify cross-geography process improvements to ensure operational excellence.
Top Skills: Applicant Tracking Systems (Ats)Google DocsGoogle SheetsGoogle SlidesGoogle WorkspaceHrisSlackWorkday Recruiting
2 Days Ago
In-Office or Remote
190K-300K Annually
Senior level
190K-300K Annually
Senior level
Consumer Web • eCommerce • Machine Learning • Software • Sports • Analytics
Serve as the legal lead for Collectors' bank-originated lending program and payments ecosystems. Draft and negotiate loan, partner, program, and disclosure documents; advise on consumer lending regulation, AML/BSA, OFAC, KYC, and payments compliance; partner with outside counsel and cross-functional teams to design, govern, and scale lending and payments products.
2 Days Ago
In-Office or Remote
23-23 Hourly
Entry level
23-23 Hourly
Entry level
Consumer Web • eCommerce • Machine Learning • Software • Sports • Analytics
Provide in-person customer service at hobby shop submission centers: intake, package, and ship collectibles; resolve customer issues via phone and email; solicit business; support events and trade shows; track submission center performance; collaborate with shop management to improve processes and drive revenue.

What you need to know about the Chicago Tech Scene

With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.

Key Facts About Chicago Tech

  • Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
  • Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
  • Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
  • Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account