Signifyd is seeking a Director of Information Security and Compliance to develop, lead and manage security initiatives. Reporting directly to the SVP of Engineering, this critical leadership role will evolve Signifyd’s capabilities and manage a talented technical team with a forward-thinking and proactive approach to information security. Partnering closely with IT, DevOps, Legal and other company executives, you will continue development of a system security infrastructure that is built on high-quality standards, adheres to guidelines and controls that are regularly tested and reported, and meets compliance standards.
Responsibilities
- Work cross-functionally with leaders of technology and business teams to evolve our robust security program
- Identify and champion security projects to address identified risks and meet business security requirements
- Provide sales materials and representation for customer-facing RFP responses, relating to security and compliance questions
- Manage all 3rd party vendor relationships related to security efforts
- Manage all compliance schedules and ensure audits are completed successfully
- Manage a team of security engineers to provide guidance on cloud security architecture to ensure security-by-design
- Lead investment in threat detection and response systems used as a part of the overall security operations
- Lead technical security incident response efforts from identification to post-mortem
- Evolve threat and vulnerability management activities, identification of risk tolerances, recommended treatment plans, and communication on residual risk
- Attract and retain talent, and provide leadership, mentoring, and coaching, including technical and career development guidance for team members
- Own key internal processes for:
  - Security Event Management
  - Vulnerability Threat Management (VTM)
  - Investigations, Incident Response & Forensics
  - Malicious Program Detection & Prevention
  - Security Intelligence
  - Security Assessments & Penetration Testing
Qualifications
- 7-10+ years of work experience in leading security teams with a deep understanding of incident response processes, cloud security, and vulnerability management
- Direct experience managing two or more compliance certifications for an organization
- Extensive experience working with legal teams, particularly privacy counsel
- Direct experience in high-pressure situations managing and responding to complex technical security incidents
- Demonstrated ability to communicate complex subjects from a strategic and tactical perspective to project stakeholders of varying technical levels
- Comprehensive understanding of and experience navigating GDPR and CCPA requirements in a global company
- Experience influencing key stakeholders to further our team security goals by design, detailed visibility, telemetry, and a proactive approach to addressing risk
- Excellent people and project management skills
- Bachelor's degree in Computer Information Systems, Information Technology, or related field (preferred)
(Colorado only*) Minimum salary of $200,000 + bonus + equity + benefits. *Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when being hired into our offices in Colorado.
Benefits in our US offices:
- 4-day workweek
- Discretionary Time Off Policy (Unlimited!)
- BetterHelp Online Therapy Membership
- Dedicated learning budget through Learnerbly
- 401K Match
- Stock Options
- Annual Performance Bonus or Commissions
- Paid Parental Leave (12 weeks)
- Health Insurance
- Dental Insurance
- Vision Insurance
- Flexible Spending Account (FSA)
- Short Term and Long Term Disability Insurance
- Life Insurance
- Company Social Events
- Signifyd Swag