Head of Cybersecurity & IT Risk Management
Boston, MA
Wayfair Inc.
Shop Wayfair for A Zillion Things Home across all styles and budgets. 5,000 brands of furniture, lighting, cookware, and more. Free Shipping on most items.Wayfair is looking for an experienced Technology Leader to own the vision, strategy and execution of Wayfair’s global Cloud Security and IT Risk Management roadmap across all of our retail brands (Wayfair, Perigold, AllModern, Joss & Main, Birch Lane) and geographies (currently 5 countries - US, CAN, UK, GER, IE). In 2021, Wayfair processed ~$14 billion in net revenue which at our $800+ billion (and growing) total addressable market means we are just getting started.
This team’s mission is to enable and secure our enterprise business through world-class Cloud Security, aiming to create a delightful experience for our customers, employees, and suppliers while managing any cybersecurity risks.
This role empowers a cross-functional team of engineering, product management, program management, and analytics. We’re in the midst of our global cloud migration journey and rapidly expanding our use of GCP to meet customer demand with a focus on efficiency, scalability, and profitability, with real-time impact on the entire business.
What You’ll Do:
- Create and drive a world-class Cloud Security roadmap, devising a strategy that will delight our customers and enable our business.
- Focus a broad, cross-functional team (~55 people) on business outcomes (ie increasing security), developing solutions to real customer problems.
- Collaborate effectively with senior partners (Legal, Employee Technology, Cloud Infrastructure) and C-Suite to ensure cross-Wayfair alignment and support for the cloud security strategy and vision.
- Be a technology decision maker by aligning business objectives with product orientation.
- Foster a team culture of high accountability, trust, collaboration, and empowerment.
- Leverage data to understand risk, impact, scope, and priorities of our business objectives, and enable the team to drive results.
- Contribute meaningfully to the development of software engineering or product fundamentals and execution of technology at large.
- Research the rapidly changing cloud security and IT risk management industries and driving alternate solutions.
What You’ll Need:
- 10+ years of Cybersecurity leadership experience.
- Deep Cloud Security domain experience and a passion for driving a customer-centric experience. Public Cloud experience required (GCP, AWS, Azure). GCP experience would be great!
- Intellectual curiosity about how we can enable the security of our customers, employees, and suppliers via:
- Technical security components including, but not limited to, penetration testing, vulnerability scanning, patch management, security incident management.
- Technical mapping of prioritized compliance and privacy standards, including but not limited to SOC2, CCPA, GDPR.
- Internal security processes and enforcement including warehouse cybersecurity, laptop/mobile security.
- Quarterly tabletop incident response exercises for the executive team, as well as partners with the tech talent team to develop Security training modules for all of Wayfair.
- Track record of delivering on key cloud security KPIs and customer wins.
- Demonstrated ability to grow a technology team, enabling a culture focused on customer happiness, trust, and ownership.
- Communication skills with demonstrated ability to navigate a complex organization, rally people around an exciting vision, and generate buy-in for ideas and plans.
- Strong technical background and ability to partner closely with business, experience design, and analytics.
About Wayfair Inc.
Wayfair is one of the world’s largest online destinations for the home. Whether you work in our global headquarters in Boston or Berlin, or in our warehouses or offices throughout the world, we’re reinventing the way people shop for their homes. Through our commitment to industry-leading technology and creative problem-solving, we are confident that Wayfair will be home to the most rewarding work of your career. If you’re looking for rapid growth, constant learning, and dynamic challenges, then you’ll find that amazing career opportunities are knocking.
No matter who you are, Wayfair is a place you can call home. We’re a community of innovators, risk-takers, and trailblazers who celebrate our differences, and know that our unique perspectives make us stronger, smarter, and well-positioned for success. We value and rely on the collective voices of our employees, customers, community, and suppliers to help guide us as we build a better Wayfair – and world – for all. Every voice, every perspective matters. That’s why we’re proud to be an equal opportunity employer. We do not discriminate on the basis of race, color, ethnicity, ancestry, religion, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, or genetic information.
We are interested in retaining your data for a period of 12 months to consider you for suitable positions within Wayfair. Your personal data is processed in accordance with our Candidate Privacy Notice (which can found here). If you have any questions regarding our processing of your personal data, please contact us at dataprotectionofficer@wayfair.com. If you would rather not have us retain your data please contact us anytime at dataprotectionofficer@wayfair.com.
Tags: Analytics AWS Azure C CCPA Cloud Compliance GCP GDPR Incident response KPIs Mobile security Pentesting Privacy Risk management Security strategy SOC 2 Strategy
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs