Uphold

About Uphold

Uphold is a financial technology company that believes on-chain services are the future of finance. It provides modern infrastructure for on-chain payments, banking, and investments. Offering Consumer Services, Business Services, and Institutional Trading, Uphold makes pioneering financial services easy and trusted for millions of customers in more than 140 countries.

Uphold strips away the complexity and lack of transparency to open up Web3 finance for everyone.

To learn more about Uphold, please visit

https://uphold.com.

The Opportunity

Uphold is seeking a Head of Product, Information Security and Identity to lead the vision, strategy, and execution of its cybersecurity and Identity and Access Management (IAM) functions. This director-level, hybrid role—based in New York City with a required weekly in-office presence—blends product leadership with deep technical expertise to deliver secure, scalable solutions that protect users, systems, and data.

The ideal candidate will have a strong background in fraud detection and prevention, with demonstrated experience designing, implementing, and managing IAM solutions that safeguard sensitive information while proactively mitigating access-related fraud risks. Expertise in authentication protocols, role-based access control, and privileged access management is essential, along with hands-on experience using IAM tools and analytics to detect anomalies and prevent identity-based threats.

This role will collaborate closely with cybersecurity, compliance, and fraud teams to establish policies and controls that ensure secure and compliant access across the organization. Reporting to the VP of Product, the Head of Product will be responsible for defining product strategy, aligning cross-functional teams, and delivering solutions that meet the evolving needs of customers, regulatory frameworks, and emerging security threats—all while maintaining a seamless customer experience.

What you'll be doing primarily:

• Define and lead the product vision, roadmap, and strategy for information security and identity products, including authentication, access management, data protection, and threat detection.
• Collaborate with Engineering, Security, Legal, and Compliance teams to ensure product security, privacy, and regulatory compliance (e.g., GDPR, SOC 2, CCPA).
• Own the product lifecycle from discovery through delivery, including customer research, requirements definition, prioritization, and go-to-market planning.
• Build and manage a high-performing product team with expertise in security, IAM, and cloud infrastructure.
• Analyze market trends, competitive landscape, and emerging technologies to inform product direction.
• Serve as the voice of the customer and advocate for intuitive, secure, and scalable identity experiences.
• Partner with internal stakeholders (IT, security operations, DevSecOps) to ensure enterprise-grade security standards are applied across products.
• Represent the product function in executive discussions, customer briefings, and industry forums.

Required Qualifications:

• 10+ years of experience in product management with at least 5 years focused on information security, identity, or access management.
• Proven leadership experience managing product teams and cross-functional initiatives at scale.
• Ability to translate technical security concepts into user-friendly experiences through user stories, wireframing, and journey mapping.
• Experience using LLMs and other AI tooling to improve efficiency and productivity.
• Deep understanding of IAM protocols (e.g., OAuth, SAML, OpenID Connect), security frameworks (e.g., NIST, ISO 27001), and cloud-native security practices.
• Experience with enterprise SaaS platforms, security services, or developer-focused products.
• Strong analytical, communication, and stakeholder management skills.
• Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent hands-on experience.
• Experience working in regulated industries (finance, healthcare, government) and coordination with control functions. Crypto industry experience is a big plus!
• Ability to travel globally as needed.
• Experience working with global teams
• Self-starter: able to work asynchronously and independently
• Hybrid role: This role requires you to be in person in our NY office weekly.

Bonus if you have:

• Empathy for consumer and business user security experience and implementation considerations.
• Familiarity with DevSecOps, zero trust architecture, and security automation.
• Understanding threat modeling, data privacy, risk management, and fraud prevention.

Salary: $150K + DOE/Bonus/Options/Benefits/Lunch Provided in Office

What we have to offer you:

• An amazing work environment in a company that continues to grow, driven by extraordinary and passionate people that keep up innovating and challenging more each day.
• An international team, in a cutting edge field, working on the most fascinating projects.
• Growth and career opportunities, and the chance to be proactive and creative.
• A flexible and enthusiastic work environment that offers you snacks, a lot of coffee and other great benefits.
• Open and transparent culture - we get together on a weekly basis to share updates, strategic plans, and engage with each other informally over food and drinks.
• Interesting events that keep you connected with the team and celebrate our success.

EEOC Employer

We're proud to be an Equal Opportunity Employer and we celebrate our employees' differences, including race, color, religion, gender identity, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, and any other protected classes. Difference makes us stronger and better - together.