Head of Security Operations

Catena Clearing is a universal data API that simplifies and connects logistics data from diverse sources, supporting platforms, fleets, and shippers in streamlining operations and generating actionable insights. With over 125 prebuilt integrations for the most widely used ELD systems in the U.S., it ensures seamless connectivity within the trucking ecosystem. Supported by $8.25M in funding from prominent investors including Shaper Capital and PlugNPlay, the company is a rapidly growing leader in logistics technology.Role Description:We normalize real-time telematics and execution data from millions of devices across trucks and trailers including 200+ providers into a single API. Our customers are directly or indirectly enterprise TMS platforms, brokerages, and large carriers who put us at the center of how freight moves. That means security and trust are not a back-office function for us, they are part of the product, and they unlock every enterprise sale. We are hiring our first Head of Security to own security, trust, and compliance end-to-end. You will run SOC 2 Type II, lead every enterprise security review, harden the platform alongside engineering, and represent Catena to customer security teams and the board. This is a builder role where you write the playbook, then build the team behind post Series A.What You Will Do:Own Compliance & Trust: you’ll complete and maintain SOC 2 Type II, then drive the roadmap to ISO 27001, HIPAA-readiness, GDPR, and any framework our enterprise customers require. You’ll own the policy library, audit cadence, and evidence collection and make sure the program scales with the company, not against it.Run Customer Security Reviews End-to-End: you’ll be the security voice in front of every enterprise customer: questionnaires, architecture deep-dives, vendor risk assessments, DPAs, and contract negotiations. You’ll turn what is usually a sales blocker into a sales accelerant.Build the Trust Center: you’ll create and maintain Catena’s public trust posture, Trust Center, security documentation, certifications page so prospects can self-serve answers and enterprise procurement moves faster.Harden the Platform with Engineering: you’ll partner with engineering on secure SDLC, threat modeling, code review standards, secrets management, and pre-prod gates. Application security for our APIs and customer integrations  the data plane where customer trust lives or dies, is core to the role.Own Cloud & Infrastructure Security: you’ll set the bar for IAM, network segmentation, encryption, logging, monitoring, and vulnerability management across our cloud footprint. You’ll establish the incident response program, detection, on-call, runbooks, customer notification, post-incident reviews and run it when it matters.Protect Sensitive Carrier & Driver Data: you’ll own how we handle HOS, location, telemetry, and PII end-to-end: classification, retention, sharing, deletion, residency. You’ll define the boundaries with our carrier and platform partners and enforce them.Lead the Program: you’ll report to the CEO, brief the board on security posture and risk, and operate as a hands-on player-coach until it’s time to hire the team behind you. You’ll champion security as an enabler across engineering, sales, and CS.Who You Are:A strong candidate is a security leader who has built a program from scratch at a SaaS or data-platform company and earned trust from enterprise customer CISOs while doing it. You’ve owned SOC 2 Type II end-to-end, survived rigorous customer security reviews, and you can read the cloud config and the code, not just the policy doc. You’re comfortable being the first security hire and writing the playbook before the team exists.Specifically, you:Have 10+ years in security: with 3+ years owning the security function at a SaaS or data-platform company. Prior CISO, Head of Security, or equivalent title preferred.Have run SOC 2 Type II end-to-end: and ideally one of ISO 27001, HIPAA, or FedRAMP and you’ve survived enterprise security reviews from Fortune 500 customers.Are hands-on technical: with strong working knowledge of cloud security (AWS preferred), application security, and modern SaaS architectures. You can dig in, not just delegate.Have handled sensitive operational data: in logistics, telematics, fintech, or similarly regulated/high-trust domains.Are a credible security voice: in front of customer CISOs, enterprise procurement, auditors, and the board. You can turn a 300-question security review into a sales win.Write and communicate clearly: because most of this job is influence, internally with engineering and externally with customers, not enforcement.Are comfortable as the first hire: in a function: you build the program, then build the team. Seed-to-Series-B experience is a plus.Experience in logistics, freight, or telematics data is a genuine plus, but curiosity about the domain matters more than prior exposure. Relevant certifications (CISSP, CISM, CCSP, AWS Security Specialty) are welcome but not required.Why Catena? Why Now?Catena has raised $8.25M from Shaper Capital, Floating Point, Plug and Play, Liquid 2, and leading industry angels. Customers are already using us in production including modern TMS platforms (Mastery, Optym), large brokerages, and mid-to-large direct carriers operating 100–1,000+ trucks. Many of them are also investors.Security and trust are now first-class at Catena. SOC 2 is in flight, enterprise customers are pulling us up-market, and the next stage of growth depends on the program this role builds. The Head of Security who joins now will define the function, sit on the leadership team, and have direct access to the CEO, the board, and the customers whose trust we’re earning every day.Compensation: Competitive salary, meaningful equity, full benefits, 401k match.Optional travel for team offsites and occasional customer on-sites. Headquartered in New York City, but 100% remote work is allowed if you are not located in NYC. If in NYC, we try and meet 2-3 times in office a week when we are not on the road.