Information Security Manager

Denver, Colorado, United States - Remote

Full Time Mid-level / Intermediate USD 114K - 170K

About the Company

Here at Skedulo we’re on a mission to support the 2.7 billion people in the world—and the companies that employ them—who do not work at a desk every day. Our global teams are collaborative, ambitious, innovative, and passionate about helping our customers realize their fullest potential by enabling their mobile workforces.

The Skedulo team is a tight-knit group of builders who are passionate about shaping the future of how work gets done outside of the traditional office setting. We are looking for motivated, self-starters who share our values, challenge the status quo, and push the pace of innovation in order to accelerate growth. If you’re drawn to solving hard problems and want to help develop software that will make a difference in people’s lives, Skedulo is for you. Visit our website to learn more about what Skedulo does and to learn more about our people and team.

About the Role

The Information Security Manager is responsible for managing Skedulo’s technology environment in-line with
agreed policies, frameworks and standards. Develops, manages, and executes security processes, policies,
and procedures in collaboration with the Head of Information Security. Leads complex cross-functional
projects that require an in-depth understanding of multiple security domains and threat modeling. Works in
conjunction with engineering, IT, and operations functions to identify and respond to threats to the
organization. Assesses risks proactively and expresses concerns to engineering and operations teams.


Job Responsibilities

  • Manages regulatory compliance tasks and requirements; researches and identifies industry compliance standards and develops compliance policies
  • Manages security awareness training activities for all staff
  • Leads vulnerability assessments on product developments - potential for penetration testing
  • Manages vendor relationships with security partners
  • Assists in developing Skedulo’s information security strategy and threat modeling
  • Enables field teams and advocates for Skedulo’s security posture across the company
  • Mentors and advises IT and cross-functional teams on security modeling

Requirements

Minimum Qualifications

  • Must have at least 5-7 years in a prior information security role (e.g., GRC, SOC, Incident Response, Penetration Testing)
  • Must have at least 2-4 years in managing regulatory compliance framework requirements (e.g., SOC2, ISO27001, NIST, GDPR)
  • Must have experience in security vendor ownership and managing operational processes.
  • Must have working knowledge of Mobile Device Management security policies
  • Must possess a thorough understanding of threat modeling and risk evaluation as it pertains to SaaS, and the ability to develop mitigation strategies.

Desired Skills/Experience

  • Formal education in Computer Science, Information Technology, Cybersecurity.
  • Working knowledge in AWS cloud infrastructure and ability to look at an existing landscape and interpret it
  • Familiar with Cloud Native infrastructure - container orchestration knowledge, particularly Kubernetes● One or more Certifications (CISSP, GWEB, GPEN, GWAPT, OSWE, OSCE, OSCP)
  • Knowledge of rules and regulations related to information security and data confidentiality (GDPR, HIPAA, CIS, ISO 27K, etc.)
  • Software development or scripting experience (Python, Shell, Java, JSON, Jira, etc.)


Additional Requirements

  • This position will require no more than 10% travel from time to time as set forth by the Company
  • Must have an authorized US work visa upon hire.


Pay Range: This position pays between $114,000 - $170,000 depending on regional location and experience.


We encourage you to apply

If you read through the requirements as a checklist and haven’t ticked every box, please don’t rule yourself out just yet. We’ve seen the research that women and other people in underrepresented groups tend to only apply when the checklist is all ticks and no crosses. Don’t self reject!

Skedulo is proud to be an Equal Opportunity Employer. We believe that a diverse makeup of our workforce is a reflection of the communities we care about and serve. We are committed to creating a diverse workplace and inclusive culture. All qualified candidates are considered for employment regardless of race, color, ancestry, age, religion, gender identity, gender expression, sexual orientation, national origin, veteran status, marital status, mental or physical disability, or any other characteristic protected by applicable law.


If you require assistance or accommodation due to a disability, please contact us at peopleops@skedulo.com.

Benefits

  • Fun, creative and fast-paced working environment
  • Competitive Healthcare Benefits
  • Competitive salary
  • 7 paid sick days per year
  • 4 weeks paid leave per year
  • 10 days paid public holiday per year
  • 8 Mental Health/Refresh paid days off per year
  • Mental Health Support/Resources through Modern Health
  • 3 Paid Volunteer Days per year
  • Working from Home Stipend
  • Stock Options/ Equity
  • 401k - 4% Company Match
  • Paid Parental Leave for both carers
  • Learning & Development Stipend
  • Employee Referral Bonus

Tags: AWS CISSP Cloud Compliance Computer Science GDPR GPEN GWAPT HIPAA Incident response ISO 27000 ISO 27001 Java Jira JSON Kubernetes NIST OSCE OSCP OSWE Pentesting Python SaaS Scripting Security strategy SOC SOC 2 Strategy

Perks/benefits: 401(k) matching Career development Competitive pay Equity Health care Home office stipend Parental leave Salary bonus Team events

Regions: Remote/Anywhere North America South America
Country: United States
Job stats:  39  4  1
Category: Leadership Jobs
  • Share this job via
  • or

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.