RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures. We are looking for a InfoSec Director to join our Product Management team. This position will be based remotely (US).
As a InfoSec Director at RiskIQ, you will:
- Build and maintain RiskIQ’s security compliance program to support SOC 2 and other compliance frameworks.
- Work with outside parties performing assessments against security and privacy standards like SOC 2 and privacy (GDPR/CCPA)
- Work with Development and TechOps teams to assess, then implementing, improve or refine new and existing security controls to enable compliance with standards and regulations
- Work with cross-functional stakeholders to complete security projects and implement new capabilities
- Program management and coordinate internal and external audit activities
- Support sales teams in responding to security RFP questions
- Experience with multiple compliance certifications preferred including: SOC, TrueSight, NIST, ISO, SOX, FedRAMP, HIPAA, HITRUST
- Knowledge of, or experience working with, Cloud technologies/environments, such as GCP, AWS, and Azure
- Experience working with Development and TechOps teams implementing, improving or refining security controls to enable compliance with standards and regulations
- Experience in external facing roles presenting to customers and partners
- Strong listing and presentation skills necessary to understand and communicate with a wide range of audiences
- In depth knowledge of security audit and risk management processes
Why work at RiskIQ?
- Fascinating work - Welcome to the dark underbelly of the Internet. RiskIQ’s ability to help organizations map and monitor their attack surface, detect internet-scale threats, and investigate adversaries led to skyrocketing adoption by security teams around the world. It is the golden age of internet crime, and we are at the forefront of defensive efforts to stem the tide. Internet security is a global growth industry, and the knowledge you acquire here will be a marketable skill for decades to come.
- We’re a company on the forefront of a burgeoning industry - RiskIQ experienced explosive growth in 2018, including a 362.5 percent increase in net new product sales due to the steady adoption of attack surface management across the world. We also experienced a 365 percent increase in registration for RiskIQ community, our freemium entry-level product, showing the increasing role of security outside the firewall to the growth of businesses.
- Top Leadership - Our CEO is a renowned cybersecurity veteran known for his expertise. Our leadership group is poised and experienced with a track record in technology and cybersecurity.
- Unbounded opportunity - We’re growing! At RiskIQ, you’ll be provided with as much responsibility as you can handle—new career development opportunities constantly arise given our rate of growth.
- Flexibility - You’ll have a large workload, but also the freedom to accomplish it on your own terms.