Senior Manager of Information Security

About Blueboard:Blueboard is an employee recognition and incentives platform powered by hand-curated experiences. Our platform makes it easy for companies to give meaningful rewards, incentives, and gifts—from one-of-a-kind to once-in-a-lifetime experiences. From a luxurious spa day to a trip around the world to see the Northern Lights to a family adventure behind-the-scenes at a local aquarium, we make it simple for companies to give their top performers memorable, meaningful, and personalized experiences. With Blueboard, employees enjoy incredible experiential rewards, and our clients increase employee engagement and elevate their team cultures.
Born and raised in San Francisco, Blueboard launched in 2014 and now serves hundreds of clients across the world. Our global team is over 200 Blueboarders strong, and we are thrilled to be a Great Place to Work, as well as one of Fortune’s Top 100 Workplaces. We are venture-backed by Greycroft, Origin Ventures, Bullpen Capital and others, with offices in San Francisco, San Diego, and Europe. Learn more at Blueboard.com.
We are building a team rich in diverse talents and experiences, and we welcome all applicants. If you’re not sure whether you’re qualified, but you’re passionate about Blueboard, we encourage you to apply!

Your Responsibilities Will Include:

• Lead a team of security engineering professionals responsible for planning, design, implementation, attack mitigation, and ongoing support of security systems of high complexity to fulfill the business needs
• Provide deep technical understanding of security systems at different layers - including network, cloud, databases, authentication policies, endpoint connectivity, advanced malware defense, data security.
• Be responsible for effectively and efficiently managing application endpoint protections. In doing so, undertake research of threat vectors and provide mitigation strategies.
• Work with stakeholders, mentoring and providing technical guidance on network security. Stakeholders include cross-functional teams from IT, HR, Legal and Sales departments.
• Partner with Corporate IT Support for establishing best practices around hardware and device security, software evaluation processes in an efficient way.
• Stay up-to-date on current Information Security industry best practices and advise management for upcoming changes and strategies to incorporate within corporate security framework
• Design, document, manage the adoption and enforcement of information security policies and procedures for Internal and engineering systems while collaborating on changes and improvements with a highly influential attitude.
• Develop, nurture, and manage security team staff, including selection, goal setting, annual reviews, compensation planning, and career development.
• Assist in hiring critical talent based on the organization's strategic requirements.
• Serve as a “trusted advisor” and communicator to internal teams, on the corporate security requirements and best practices for compliance and regulations - including but not limited to -  SOC2, GDPR, and CCPA.
• Collaborate and compile a corporate security roadmap by prioritization, planning of projects and features, stakeholder management, and tracking of product and customer requirements.
• Respond to and assist with due diligence and internal/external security audit requests pertaining to Information security Identify and evaluate future security risks to help strike an optimal balance for Blueboard.
• Identify opportunities for future enhancements and refinements to security standards and processes.
• Carry out threat and risk assessments (TRAs) and develop security architecture to mitigate threats.
• Assist in closing sales opportunities that require information security inputs.
• Assess the security qualifications of current and potential vendors.

Your Skills and Qualifications Include:

• Bachelor's engineering degree in a technical field such as computer science, computer engineering or equivalent practical experience.
• Between 8-12 years of years of total experience on all facets of Corporate Information Security.
• Deep understanding of cloud technologies, network security, data security.
• Experience managing/ implementing Crowdstrike, Qualys, Elastic and/or equivalent InfoSec tools.
• At least 5+ years of experience and hands-on expertise in Information security, penetration testing, and security infrastructure tuning/deployment. At least 2+ years of leadership role, which includes leading, mentoring teams of security and information systems professionals meeting business goals as leader. 
• Cross-functional working experience with IT, HR, Legal, Sales departments is a huge plus.
• Excellent foundational understanding of malware analysis, network threats and related security controlsExcellent understanding of  InfoSec Risk Management, Cyber Security, and SOC-2 framework along with controls used for securing a business' computer networks and digital information.
• Good understanding with regulatory compliance requirements such as SOX, PCI-DSS, GDPR compliance, ISO, NIST, and PCIUnderstanding of IT/Cyber security & Networking concepts i.e. DMZ; security zoning; IDAM; Firewall; IDS/IPS; Email Security; DLP; Cryptography; Vulnerability management; SOAR and SIEM tools and platforms, etc.
• Experience delivering large-scale, highly available security solutions.
• Strong business and technical vision. Capability to handle multiple competing priorities in a fast-paced environment.
• Experience demonstrating strong leadership, self-motivation and accountability.
• Experience in leading complex projects cross-functionally and globally.
• Experience in the implementation of best security practices for financial services payment instruments is a huge plus.
• Relevant security certifications such as ISC2 CISSP, SANS GIAC, and Offensive Security OSCP are a major plus.
• Experience planning and leading the activities of a fast-paced, dynamic environment and working with remote teams and global operations across geographies.
• Experience implementing strategic change and initiatives to bring creative, non-standard, and innovative solutions to challenges, communicate complex and diverse data, and manage operational needs and safety needs with an organization's business and cultural goals.
• Ability to influence peers and executive leaders of an organization and communicate ideas and capabilities into effective initiatives that exceed expectations.

As a member of the Blueboard team, you can expect: 
A competitive salary based on experienceMedical and dental benefits, as well as a 401K planA flexible vacation policy and 12 companywide holidays so that you can refresh, relax, and invest time in your interestsAn annual tenure reward each year to go #blueboardingInteresting and fun team events to build meaningful relationships with your colleagues, as well as retreats and occasional work-from-abroad experiencesInternal learning and development programs and a personal budget for your own professional growthA brilliant, inclusive, collaborative, hard-working team to partner withAn incredible opportunity to help build and share an exciting new product that excites and delights people around the world