Senior Manager of Information Security
Remote, US
Applications have closed
Blueboard
Ready to reimagine your employee rewards and recognition program? Blueboard's unique experiences help increase employee engagement and retention. Discover how.Born and raised in San Francisco, Blueboard launched in 2014 and now serves hundreds of clients across the world. Our global team is over 200 Blueboarders strong, and we are thrilled to be a Great Place to Work, as well as one of Fortune’s Top 100 Workplaces. We are venture-backed by Greycroft, Origin Ventures, Bullpen Capital and others, with offices in San Francisco, San Diego, and Europe. Learn more at Blueboard.com.
We are building a team rich in diverse talents and experiences, and we welcome all applicants. If you’re not sure whether you’re qualified, but you’re passionate about Blueboard, we encourage you to apply!
Your Responsibilities Will Include:
- Lead a team of security engineering professionals responsible for planning, design, implementation, attack mitigation, and ongoing support of security systems of high complexity to fulfill the business needs
- Provide deep technical understanding of security systems at different layers - including network, cloud, databases, authentication policies, endpoint connectivity, advanced malware defense, data security.
- Be responsible for effectively and efficiently managing application endpoint protections. In doing so, undertake research of threat vectors and provide mitigation strategies.
- Work with stakeholders, mentoring and providing technical guidance on network security. Stakeholders include cross-functional teams from IT, HR, Legal and Sales departments.
- Partner with Corporate IT Support for establishing best practices around hardware and device security, software evaluation processes in an efficient way.
- Stay up-to-date on current Information Security industry best practices and advise management for upcoming changes and strategies to incorporate within corporate security framework
- Design, document, manage the adoption and enforcement of information security policies and procedures for Internal and engineering systems while collaborating on changes and improvements with a highly influential attitude.
- Develop, nurture, and manage security team staff, including selection, goal setting, annual reviews, compensation planning, and career development.
- Assist in hiring critical talent based on the organization's strategic requirements.
- Serve as a “trusted advisor” and communicator to internal teams, on the corporate security requirements and best practices for compliance and regulations - including but not limited to - SOC2, GDPR, and CCPA.
- Collaborate and compile a corporate security roadmap by prioritization, planning of projects and features, stakeholder management, and tracking of product and customer requirements.
- Respond to and assist with due diligence and internal/external security audit requests pertaining to Information security Identify and evaluate future security risks to help strike an optimal balance for Blueboard.
- Identify opportunities for future enhancements and refinements to security standards and processes.
- Carry out threat and risk assessments (TRAs) and develop security architecture to mitigate threats.
- Assist in closing sales opportunities that require information security inputs.
- Assess the security qualifications of current and potential vendors.
Your Skills and Qualifications Include:
- Bachelor's engineering degree in a technical field such as computer science, computer engineering or equivalent practical experience.
- Between 8-12 years of years of total experience on all facets of Corporate Information Security.
- Deep understanding of cloud technologies, network security, data security.
- Experience managing/ implementing Crowdstrike, Qualys, Elastic and/or equivalent InfoSec tools.
- At least 5+ years of experience and hands-on expertise in Information security, penetration testing, and security infrastructure tuning/deployment. At least 2+ years of leadership role, which includes leading, mentoring teams of security and information systems professionals meeting business goals as leader.
- Cross-functional working experience with IT, HR, Legal, Sales departments is a huge plus.
- Excellent foundational understanding of malware analysis, network threats and related security controlsExcellent understanding of InfoSec Risk Management, Cyber Security, and SOC-2 framework along with controls used for securing a business' computer networks and digital information.
- Good understanding with regulatory compliance requirements such as SOX, PCI-DSS, GDPR compliance, ISO, NIST, and PCIUnderstanding of IT/Cyber security & Networking concepts i.e. DMZ; security zoning; IDAM; Firewall; IDS/IPS; Email Security; DLP; Cryptography; Vulnerability management; SOAR and SIEM tools and platforms, etc.
- Experience delivering large-scale, highly available security solutions.
- Strong business and technical vision. Capability to handle multiple competing priorities in a fast-paced environment.
- Experience demonstrating strong leadership, self-motivation and accountability.
- Experience in leading complex projects cross-functionally and globally.
- Experience in the implementation of best security practices for financial services payment instruments is a huge plus.
- Relevant security certifications such as ISC2 CISSP, SANS GIAC, and Offensive Security OSCP are a major plus.
- Experience planning and leading the activities of a fast-paced, dynamic environment and working with remote teams and global operations across geographies.
- Experience implementing strategic change and initiatives to bring creative, non-standard, and innovative solutions to challenges, communicate complex and diverse data, and manage operational needs and safety needs with an organization's business and cultural goals.
- Ability to influence peers and executive leaders of an organization and communicate ideas and capabilities into effective initiatives that exceed expectations.
A competitive salary based on experienceMedical and dental benefits, as well as a 401K planA flexible vacation policy and 12 companywide holidays so that you can refresh, relax, and invest time in your interestsAn annual tenure reward each year to go #blueboardingInteresting and fun team events to build meaningful relationships with your colleagues, as well as retreats and occasional work-from-abroad experiencesInternal learning and development programs and a personal budget for your own professional growthA brilliant, inclusive, collaborative, hard-working team to partner withAn incredible opportunity to help build and share an exciting new product that excites and delights people around the world
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CCPA CISSP Cloud Compliance Computer Science CrowdStrike Cryptography Firewalls GDPR GIAC IAM IDS IPS Malware Network security NIST Offensive security OSCP Pentesting Qualys Risk assessment Risk management SANS SIEM SOAR SOC SOC 2 SOX Vulnerability management
Perks/benefits: Career development Competitive pay Flex hours Flex vacation Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs