Manager, Information Security
Remote, US
We are looking for an experienced leader to manage the portfolio of Information Security and Compliance initiatives. You will play a key role in spearheading various cross-functional programs and supporting other teams with their growing sets of needs.
The company is backed by strategic investor Foot Locker, Inc. as well as some of the leading names in venture capital including D1 Capital Partners, Accel, Andreessen Horowitz, Index Ventures, Matrix Partners, Upfront Ventures, Webb Investment Network and Y Combinator.
We encourage you to apply even if you feel unsure about whether you meet every single requirement. We look for people who are passionate about what we do, not just those who check off all the boxes.
GOAT Group will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, if applicable. If you are a California resident, please review our California Privacy Rights Notice for Job Applicants.
In this role you will:
- Establish baseline reporting metrics to effectively measure the health of the Information Security and Compliance domain and provide leadership-level reporting of events, incidents, and trends
- Develop systems and processes for monitoring, detecting, and alerting on anomalous behavior within GOAT Group environments
- Analyze known and emerging threats to determine risks against GOAT Group assets and employees
- Create, communicate and maintain security policies and standards across GOAT Group
- Collaborate with key stakeholders and partners (Legal, IT, People, Product, Engineering, Operations) to assess and audit compliance with these security policies and standards
- Develop and drive various Information Security and Compliance programs (e.g., incident response protocols and procedures, security awareness training for employees, etc…)
- Perform vendor risk assessments in partnership with Legal and Procurement
- Lead the design and development of tools to automate security controls and security workflows
- Ensure business and technology operations align with industry and regulatory compliance controls (e.g., PCI, GDPR, CCPA, IT SOX, SOC 2, etc…)
We are looking for:
- BS degree preferred
- 5+ years of hands-on management experience
- Ability to effectively drive, track and report on adoption of key information security and compliance initiatives internally within an organization
- Experience with various security and compliance technologies and services (e.g., SIEM, IDS, Vulnerability Management, DLP, Network Security, EDR, Pen Testing, Bounty Programs, Security Training Programs, etc…)
- Preferred certifications: CISSP, CISM, CISA, GIAC
- Strong knowledge of industry and regulatory compliance requirements and frameworks (e.g., PCI, GDPR, CCPA, IT SOX, SOC 2, NIST CSF, ISO27001, HITRUST, etc…)
- Experience/skills in documenting risk and compliance policies, standards and activities
- Proven track record of bridging technical and non-technical partners across all levels of the organization in order to drive alignment
- Experience collaborating with engineering teams to develop internal tools and solutions
- Strong communication and stakeholder management skills
- A quick learner and self-starter, able to work autonomously and willing (and able) to handle the pressures of increasing levels of responsibility
Tags: CCPA CISA CISM CISSP Compliance EDR GDPR HITRUST IDS Incident response ISO 27001 Monitoring Network security NIST Pentesting Privacy SIEM SOC 2 Vulnerability management
Perks/benefits: Team events
Regions:
Remote/Anywhere
North America
Country:
United States
Category:
Leadership Jobs