Director of Information Security and Compliance

United States (Remote); New York City, NY; San Jose, CA; Denver, CO

Applications have closed

Signifyd is seeking a Director of Information Security and Compliance to develop, lead and manage security initiatives. Reporting directly to the SVP of Engineering, this critical leadership role will evolve Signifyd’s capabilities and manage a talented technical team with a forward-thinking and proactive approach to information security. Partnering closely with IT, DevOps, Legal and other company executives, you will continue development of a system security infrastructure that is built on high-quality standards, adheres to guidelines and controls that are regularly tested and reported, and meets compliance standards.

 

Responsibilities

  • Work cross-functionally with leaders of technology and business teams to evolve our robust security program
  • Identify and champion security projects to address identified risks and meet business security requirements
  • Provide sales materials and representation for customer-facing RFP responses, relating to security and compliance questions
  • Manage all 3rd party vendor relationships related to security efforts
  • Manage all compliance schedules and ensure audits are completed successfully
  • Manage a team of security engineers to provide guidance on cloud security architecture to ensure security-by-design
  • Lead investment in threat detection and response systems used as a part of the overall security operations
  • Lead technical security incident response efforts from identification to post-mortem
  • Evolve threat and vulnerability management activities, identification of risk tolerances, recommended treatment plans, and communication on residual risk
  • Attract and retain talent, and provide leadership, mentoring, and coaching, including technical and career development guidance for team members
  • Own key internal processes for:
    • Security Event Management
    • Vulnerability Threat Management (VTM)
    • Investigations, Incident Response & Forensics
    • Malicious Program Detection & Prevention
    • Security Intelligence
    • Security Assessments & Penetration Testing

Qualifications

  • 7-10+ years of work experience in leading security teams with a deep understanding of incident response processes, cloud security, and vulnerability management
  • Direct experience managing two or more compliance certifications for an organization
  • Extensive experience working with legal teams, particularly privacy counsel
  • Direct experience in high-pressure situations managing and responding to complex technical security incidents
  • Demonstrated ability to communicate complex subjects from a strategic and tactical perspective to project stakeholders of varying technical levels
  • Comprehensive understanding of and experience navigating GDPR and CCPA requirements in a global company
  • Experience influencing key stakeholders to further our team security goals by design, detailed visibility, telemetry, and a proactive approach to addressing risk
  • Excellent people and project management skills
  • Bachelor's degree in Computer Information Systems, Information Technology, or related field (preferred)




(Colorado only*) Minimum salary of $200,000 + bonus + equity + benefits. 
*Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when being hired into our offices in Colorado.

Benefits in our US offices:

  • 4-day workweek
  • Discretionary Time Off Policy (Unlimited!)
  • BetterHelp Online Therapy Membership
  • Dedicated learning budget through Learnerbly
  • 401K Match
  • Stock Options
  • Annual Performance Bonus or Commissions
  • Paid Parental Leave (12 weeks)
  • Health Insurance
  • Dental Insurance
  • Vision Insurance
  • Flexible Spending Account (FSA)
  • Short Term and Long Term Disability Insurance
  • Life Insurance
  • Company Social Events
  • Signifyd Swag

 

Tags: Audits CCPA Cloud Compliance DevOps Forensics GDPR Incident response Pentesting Privacy Security assessment Threat detection Vulnerability management

Perks/benefits: 401(k) matching Career development Equity Flex hours Flexible spending account Flex vacation Health care Insurance Parental leave Salary bonus Team events Unlimited paid time off

Regions: Remote/Anywhere North America
Country: United States