Head of Information Security (Remote)

Mountain View, CA

Arm Treasure Data logo
Arm Treasure Data
Apply now Apply later

Posted 2 weeks ago

Treasure Data is seeking a Senior Director of Information Security to partner with engineering and IT, leading our Security team to ensure the security of our product and systems.  
Treasure Data offers a Customer Data Platform (CDP) that unifies customer data from disparate sources to deliver a holistic view of the customer enabling insights and actions with the objective of optimizing personalized customer journeys. 
Treasure Data employs differentiated technologies to enable our customers to ingest and unify customer data, run machine learning on customer data and syndicate with 3rd party SaaS products for activation. Numerous large global customers, like Subaru, Panasonic, LG and Canon trust Treasure Data to handle their data complexity, scale and security requirements.
Security is a core component of our SaaS product offering and as such we are seeking strong leader who can lead our Security team to ensure success with our customers, regulators, and internal teams.  Our Security team focuses on ensuring compliance with US government, customer and local country-specific requirements by ensuring; that the environment in which our teams operate enables them to perform their jobs in the most secure manner, adopt and maintain world class capabilities to detect and respond to security incidents, and partner with Engineering, Product and IT to develop secure, world-class solutions.  
If you are a collaborative leader who wants to be part of a fast-paced, growth-oriented company, where you can make a significant positive business impact to the Company, customers and stakeholders, then you’ve come to the right place.  

  • What You Will Do:  
  • •Lead the Security Operations, Governance, Risk, and Compliance team to comply with country-driven requirements and keep our security certifications up to date•Collaborate with the U.S. Security Officer to respond to U.S. Government requests and requirements    •Lead the team on ensuring that Treasure Data has put in place the right tools to detect and react to security incidents  •Head the response to security incidents, guiding management, marketing, IT, product and engineering timely and in a manner that mitigates negative impacts to our customers and to the company  •Build and drive the security road map aligned with the engineering and product road map•Be the go-to leader for engineering in addressing security related product problems •Provide the information and decision-making structures to drive security risk-based decisions in all parts of the organization•You will be a key part of the sales cycle, working with the Sales team to show customers the depth and strength of Treasure Data’s security program, leading security aspects of contract negotiations and be recognized for your security expertise in contract negotiations •Motivate and engage a team of highly skilled security professionals.  
    Your candidacy will be enhanced/strong preference to those who have/do:  •Led a progressive and agile security team operating in a high growth late stage private SaaS data business, with a global footprint•Implemented a robust security framework and compliance practices in a cloud native environment•Demonstrable experience influencing DevOps teams to adopt security best practices in the cloud •Experience integrating with MSSPs to ensure security event detection is approached holistically, while balancing associated impacts to cross-functional teams and cost. •Industry certifications: CISSP, CCSP, OSCP, GCIH•Recruited, retained and developed a high performing security team/org and demonstrates significant progress and drive the evolution of the security environment•Experience and knowledge of one or more of the following:  United Compliance Framework (UCF), NIST 800-171, NIST 800-53, SOC 2, Privacy Mark, ISO 27001, ISMS-P, HIPAA, CMMC•Collaborated with engineering to deliver high impact security solutions•Use a risk-based mentality that’s able to right-size solutions to the size and ambition of a company•Built scalable processes that demonstrate a strong a partnership with customers and vendors on company security policies and road maps•Work with all levels of an organization and are willing to roll-up-your sleeves•Get things done through influence vs. direct authority•Champion building security into, not on top of a business  •Communicate with executive-level written and verbal communication standards that provide clear guidance on strategy, timeline, required investments, and expected results•Led enterprise-level vulnerability management, threat intelligence, continuous monitoring, application security, and data loss prevention•Seamlessly transition between technical domains such as: cloud, network, endpoint, and systems security•Prioritize business outcomes and focus efforts on the best ROI, and key strategic areas•Have experience defining and managing performance using OKRs and KPIs to report on security efficacy•Are creative and react to roadblocks with novel solutions that support proactive planning•Have an uncompromising level of personal integrity that does not affect your ability to be collaborative and flexible in problem-solving using a risk-based, outcome-focused approach
Job tags: CISSP DevOps GCIH Go ISO 27001 Machine Learning NIST OSCP SaaS SOC 2 Strategy Threat intelligence Vulnerability management