With the mission of capturing the biggest market share in the area of cyber security, network security, endpoint security, threat research, malware research, cloud security, we work together for a common goal of shaping the company’s future by designing and building the best in class robust and scalable security products for consumer and enterprise customers. As industry top performers, we aim to develop optimized high performance system software solutions with high availability and reliability.
This is where you come in. We are looking for a new team member who defined by his/her unique and innovative skills, style or point of view. You can be an architect, scientist, threat researcher, or a coder as long as you design things that matter.
The Manager, IT and Compliance will deliver day-to-day technical and managerial leadership to a small team (coaching, team building, mentoring, and technical guidance). Support 24x7x365 for desktop hardware, software and applications used by the entire organization. Provide onsite support for major marketing & sales events. Also, participate in planning meetings for new offerings and requirements as defined by the VP of Technical Operations. You will also be responsible for managing annual budget of all software and hardware assets. Handle contract and vendor management for various IT SaaS applications, tools and technologies. Support SSAE audits compliance process and procedures. Also, develop and implement end user policies and procedures and ensure security of data, network access and backup systems.
You will also be responsible for:
• Architecting and maintaining the security of our hosted environments, developing tools to manage and automate the security best practices, and advising teams on how to make use of security features.
• Working with Compliance to define unified requirements across multiple compliance efforts (ex: ISO, SOC2)
• Identifying practices or procedures that don’t adhere to existing compliance requirements.
• Working with those impacted teams to identify a path forward that meaningfully satisfies compliance requirements.
• Influencing the roadmaps of security, engineering, and other teams to enable compliance work.
• Establishing a program and a set of processes and procedures that ensure that we’re consistently compliant as the business grows and changes.
• The ideal candidate has a strong technical background and can reason about when a compliance challenge should be solved via policy, procedures and/or technology. This ensures we hit or exceed compliance requirements and maintain our ability to achieve business objectives.
Required Experience and Skills:
• Degree in Engineering, Computer Science, Information Systems, IT Security, Computer or Systems Engineering or equivalent combination of education and related industry experience resulting in demonstrated ability to perform major duties.
• 8+ years of experience in IT support and technologies with at least 2 years of experience working in a start-up
• 5+ years of experience working on security implementation or related experience
• Experience deploying and administering SaaS applications, specifically with Google Apps for work, Box, WebEx and Okta.etc.
• Experience with networking as it applies to Microsoft technologies and architecture (DNS, DHCP, Firewalls, Juniper Switching, Wireless Routing)
• 2+ years of experience supporting mixed Windows and Mac environments
• Basic knowledge of communications technologies, including internet, private networks, virtual networks and others.
• Ability to work with and analyze data-intensive and detailed information and to draw meaningful conclusions from that information.
• Excellent organizational skills with an ability to work on multiple projects simultaneously.
• Demonstrated experience in collaborating with teams and groups of technical specialists.
• Ability to work independently on multiple tasks while maintaining deadlines.
• Ability to manage projects with attention to detail for timely and accurate completion.
Desired Skills and Abilities:
• Led multiple large cross-organizational initiatives, ideally in support of security compliance (e.g. ISO 27018, ISO 270001, and SOC2). Specific experience working with Engineering, Ops, Legal, and Finance teams is a plus.
• Assess cyber security and physical security risk and controls of member organizations in preparation for scoping of compliance monitoring activities.
• Assess risk of possible non-compliance and recommend enforcement actions appropriate to the assessed risk posed by the violation.
• Review and analyze potential instances of non-compliance with CIP (Critical Infrastructure Protection) Standards.
• Assess the adequacy of a member organization’s mitigation plan and completion of mitigation plans.
• Following established guidelines, perform an inherent risk assessment and Compliance Oversight plans for the member organization.