Business Security Partner, Security Engineer

About Playlist

At Playlist, we believe life's richest moments happen when people step away from screens to move, connect, explore, and play. We are building the definitive platform for intentional living, connecting people with inspiring experiences in fitness, wellness, and beyond. With popular brands like Mindbody and ClassPass, Playlist empowers businesses and individuals, making it effortless for aspirations to become actions. Join us in reshaping technology's role to foster meaningful, real-world connections.

The Role You'll Play as a Business Security Partner, Security Engineer

As a Business Security Partner, Security Engineer, you will serve as a crucial connector between the Cyber Security team and the broader business. Your role involves helping various teams understand and effectively apply security best practices across our vertical SaaS ecosystem. You will collaborate closely with product and go-to-market teams to integrate security considerations throughout development cycles and operational workflows.

Key responsibilities include:

• Translating complex technical risks into clear, actionable insights for non-technical partners, enabling informed decision-making across teams.
• Supporting remediation plans for identified risks by coordinating efforts with Product Security, Cyber Defense, GRC, and Enterprise Systems teams.
• Tracking, managing, and escalating security risks and exceptions to ensure stakeholders are consistently aligned and informed.
• Supporting security assessments, audits, and control implementations to maintain compliance with relevant standards such as PCI DSS or HITRUST.
• Helping to drive strategic security initiatives and measuring progress against long-term organizational goals.
• Staying continuously informed about evolving trends, tools, and emerging threats within cybersecurity, particularly those impacting SaaS and wellness technology environments.

The Experience You’ll Bring

To succeed in this role, you should possess 2–4 years of experience in information security or technical roles, ideally within SaaS or product development environments. Key qualifications include:

• Familiarity with cloud security principles, secure SDLC practices, DevSecOps methodologies, and adherence to key frameworks like PCI DSS or HITRUST.
• Strong communication skills and a natural ability to build effective relationships across both technical and non-technical teams.
• Proven experience working cross-functionally to assess, advise on, or mitigate security risks.
• A self-starter mindset, comfortable managing day-to-day tasks independently while understanding when to seek input and collaboration.
• Genuine curiosity for understanding how different teams and systems function, coupled with a desire to continuously expand your security knowledge.
• A passion for purpose-driven security work that actively protects user trust and enables innovation within the company.
• A collaborative spirit that thrives in fast-moving, cross-functional team environments.

Key skills/competency

• Information Security
• Cloud Security
• Secure SDLC
• DevSecOps
• PCI DSS
• HITRUST
• Risk Management
• Cyber Defense
• GRC (Governance, Risk, and Compliance)
• Stakeholder Communication