Corporate Security Team Leader

 
What You’ll Be Doing
Develop and maintain-multi year security risk management capability roadmap      
Build and mature policy and control framework supporting various standards including ISO 27001:2013, SOC 2, GDPR, and data protection laws.    
Manage and improve our customer-acing processes including due diligence questionnaires, supporting our sales cycle, and security contract negotiations    
Lead and improve IT Security initiatives including Identity Lifecycle Management, Endpoint Security, DLP, Security of SaaS services in cloud environment    
Drive continuous improvement to third party risk assessment    
Maintain and mature comprehensive security awareness and training programs    
Ensure the security of the organization’s financial, physical and intangible assets through a balanced, holistic and integrated approach to the following: People, Process, and Technology    
Lead our effort to create and enhance ITGC (Information Technology General Controls) compliance    
Collaborates with security vendors, safety, facilities, leadership and human resources to resolve security related matters and issues as necessary    
Lead development of Security KPIs and metrics to track security program effectiveness     
 
Qualifications
Proven leader with a track record of building, growing and mentoring teams to drive results      
4-6 years of security experience in relevant security domains (compliance, IT security, security risk management, etc)    
Thorough understanding of security principles in a SaaS environment, what it takes to secure data, and how to communicate security concepts to customers and stakeholders    
Deep understanding of ISO 27001:2013 and SOC 2 reporting    
Solid fundamentals in Endpoint Security, Cloud Security and Securing SaaS services.    
Understanding of user access management on SaaS platforms – experience with Okta an advantage    
Ability to analyze information security events, identify threats, and articulate findings    
Ability to work both independently and within a team    
Experience in developing security policies, procedures, and operational working instructions    
Experience recruiting and building out high performing security teams – an advantage    
Incident response experience – an advantage    
Native English speaker with excellent written and oral communication skills – an advantage