Job Specifications
WHO WE ARE:
ActBlue is a nonprofit organization dedicated to creating cutting-edge technology that fuels Democratic victories and enables progressive causes to thrive.
Our vision is simple: building change through the power of people. Since our founding, we've been building innovative solutions to revolutionize grassroots fundraising - if you've donated to a Democratic campaign or a progressive organization online, you've probably used our platform! We believe in putting power in the hands of small-dollar donors by helping thousands of groups -- from local candidates to national movements -- mobilize their communities and create a lasting impact. Every member of our team is deeply committed to advancing our shared mission and core values. Together, we are shaping the future of democracy.
THE OPPORTUNITY:
ActBlue is seeking a Senior Director, Security & Risk to advance our organization-wide security program. You'll oversee cybersecurity, fraud prevention, and physical security, guiding a talented team that's built modern systems and controls to protect our people, data, and infrastructure. Your leadership will take this our program to the next level - scaling automation, strengthening cross-functional partnerships, and deepening resilience as new challenges emerge.
This role is an opportunity to lead a function at the heart of a mission-driven tech organization, empowering teams to innovate confidently while ensuring our platform remains secure, stable, and trusted.
WHAT YOU WILL DO:
Champion security as an enabler by building engineering solutions that default to creating secure pathways for innovation rather than roadblocks to progress.
Lead the comprehensive Security Engineering vision, including cyber security, fraud prevention, and physical security. Emphasize automated solutions to decrease manual tasks and enhance protection.
People Leadership: Lead the Security team by setting direction for the function and enabling others to achieve ambitious goals. Maintain accountability for team performance and development while ensuring the security function aligns with organizational objectives.
Manage executive-level stakeholders across the entire organization; build trust with leadership through updates on security status and incidents, strategic initiatives, and how they affect the business.
Oversee fraud prevention capabilities that leverage industry-leading machine learning, real-time analysis, and intelligent automation to protect our platform and users.
Architect zero-trust security solutions that enable remote work and protect our distributed infrastructure.
Partner with Platform and Product Engineering teams to embed security capabilities directly into their workflows, making secure development the path of least resistance.
Drive security automation and tooling that eliminates manual security reviews where possible and accelerates secure delivery.
Own our physical security program supporting employee safety across regular workdays, employee travel, and internal/external events
Invest in your team's growth by fostering a culture of continuous learning, security innovation, and engineering excellence.
Contribute to recruiting and management practices that build a diverse security engineering team where all members feel empowered to innovate.
WHAT YOU BRING:
10+ years or equivalent leading security engineering teams with a track record of building security capabilities as engineering products, not advisory services.
5+ years of experience architecting and implementing security automation, CI/CD security integration, and DevSecOps practices.
5+ years of experience leading high-performing teams
A builder's mindset that sees security challenges as engineering problems to be solved through automation, tooling, and platform capabilities.
Deep technical expertise in cloud security (preferably AWS), container security (Kubernetes/EKS), and modern application security.
Experience building fraud detection and prevention systems using data analysis, machine learning, and real-time decision engines.
Outstanding communication skills with the ability to influence without authority and build trust across engineering, product, and business teams.
Experience with payment systems security, PCI compliance, and financial fraud prevention.
A pragmatic approach to risk that balances security needs with business velocity and user experience.
Experience leading physical security programs (access control, badge management, surveillance platforms, protection details, SOC design)
Demonstrated ability to integrate physical and cyber security for unified threat detection
Experience managing security for distributed teams and remote-first organizations
BONUS POINTS IF...
Strong background in electoral politics and/or the political technology space
Experience securing high-volume, high-visibility platforms that are frequent targets of attacks
Background in payments security, financial services, or e-commerce platforms
Exper
About the Company
At ActBlue, we build tech and infrastructure for Democratic campaigns, progressive-aligned causes, and people working to create a better future. We put power in the hands of small-dollar donors and make giving online as easy as possible. And we work with thousands of groups -- from presidential candidates to environmental organizations to local school board members.
Know more