Security Manager

We use state-of-art AI plus intuitive UI to eliminate useless paperwork and make the whole world go faster. The business documents we are processing include invoices, contracts or healthcare records – our customers need to be sure they stay confidential and that makes security critical to our business.

We are already processing up to hundreds of documents per minute. But this volume grows exponentially, and the scope of our product only slightly slower. Meanwhile, we are striving to maintain a security mindset and responsibility in all our teams through rapid growth, and need your help coordinating that.

Our Tech Stack

Rossum is a cloud & Python company (not uncommon for an AI startup).

  • Our backend services are written in Django or Flask.
  • All our services are deployed in Kubernetes clusters, currently in AWS. (But we avoid relying on the AWS ecosystem too much.)
  • Our deployments and releases are 98% based on GitOps, with infrastructure defined as code and managed by GitLab-based CI+CD pipelines.
  • We already implement all the basic security best practices, from SSO/MFA everywhere, over strict encryption of all data at motion and at rest, to centralized logging in ELK stack. But we have a long security roadmap ahead of us. 🙂

About you

We are all geeks and hackers who like to engineer beautiful systems, all the way to Rossum’s CEO. You will fit right in if you:

  • Think about security from the first principles – you care more about actual impactful risk mitigation than a paper certificate.
  • Have a “better done than perfect” mindset but are able to refuse to compromise where it really matters.
  • Have shown great communication skills to educate others about the importance of security choices we make when they affect them.
  • Are comfortable interacting with the customer security teams and educate them about our security, both in spoken and written form.
  • Were responsible for timely security incident responses from investigation to resolution and long-term improvements.
  • Aren’t afraid to develop and implement security policies, protocols and procedures within the company (we currently use Tugboat Logic as our compliance platform, have ISO 27001, HIPAA and are working on SOC 2 Type II).
  • Demonstrated the ability to manage significant security implementation projects that include both technical implementation, non-technical compliance aspects (such as HR and legal processes) and rollout to non-technical teams.
  • Are honest and bullshit-free. You base your opinions on data, but don’t cling to it in the face of good arguments.
  • Are passionate about your work for both technical merits and its strong purpose.

What we offer 

We are building a hyper-growth SaaS startup following the best Silicon Valley practices in Prague.

  • The chance to build a Security & Compliance team from the ground up.
  • Employee Stock Option Plan, which we designed as the fairest in Prague.
  • Enjoyable working environment in the very diverse team (21+ nationalities) and direct cooperation with Rossum’s founders, mainly Rossum’s CTO Petr Baudiš.
  • A laptop of your choice & necessary tech is a given.
  • 5 weeks of vacation, flexible working hours and home office setup.
  • Tasty snacks & the best coffee and tea in Prague.
  • English language lessons on all levels.
  • Multisport card to get your workout at any of 2 700 places in Czechia.
  • Beautiful office with 200 m2 terrace and a view of the Prague castle in the heart of Karlin.

About Rossum

We are automating document communication. Thousands of lifetimes per day are burned on manually dealing with documents in enterprise back offices. It’s a terrible job, and it makes the whole world go slower. Right now, we already process up to hundreds of documents per minute to save our users 85% of this work, serving some of the world’s best companies. Our mission is to create a world that builds rather than types, as companies that switched from email to Slack and Teams for internal communication next switch to Rossum for their orders and invoices.

We raised money from some of the best VCs in Europe and top American angel investors who backed startups like Airbnb, Revolut, or UiPath before. We are now pre-Series-A in terms of funding and grow 300% a year. (Learn more)