Job Description

• Opportunity to work with fast paced startup
• Opportunity to create greater impact

About Our Client

The company empowers companies to train, onboard, collaborate, and track deals and opportunities with partners. In short they make it easy to work with partners, helping everyone stay on the same page. Is a Saas based B2b product

• Works closely with and provides technical expertise to compliance, business units, and supporting departments in implementing, certification, and maintaining compliance standards (NIST, ISO 27001/ISO27701, SOC2, GDPR, CCPA, etc.)
• Author and maintain policies, standards, and procedures that demonstrate strong organizational governance
• Maintain documentation of security controls and respond to requests from customers (internal and external)
• Collaborate with Engineering and other lines of business to identify threats and design technical controls
• Contribute to security/privacy-related processes during the pre-sales phase by helping address security concerns of future Allbound customers.
• Responsible for security operations including threat prevention, detection, and incident response strategy to include a formalized incident response process, declaring security incidents, coordinating and assisting in the investigation of potential incidents, assisting in the recovery from attacks, coordinating with legal, compliance, and other stakeholders, law enforcement agencies (where applicable), and developing the post-response control strategy
• Lead security risk management activities, including assessing, tracking, and mitigating risks.
• Forecast security and privacy expenditures and execute within budget.
• Develops, trains, and mentors the Information Security team to grow their technical and professional capabilities.

The Successful Applicant

• 10+ years of experience in relevant security domains (e.g., security risk management, access control, audits, etc.), with 3+ years of management experience.
• Should have solid risk management skills, experience with SOC2, ISO 2700x frameworks, third-party auditing, and (cloud) risk assessment methodologies.
• Knowledge and understanding of relevant legal and regulatory requirements, such as GDPR, SOC2, FedRAMP, ISO/IEC 27001/27701, and NIST security principles
• Presentation and communication skills to support security and privacy company-wide.
• Familiarity with Linux-based cloud environments with open source development, virtualization, and containerization technologies.
• Knowledge of and experience in managing day-to-day security operations with the ability to prioritize multiple projects.
• Must be comfortable operating in a collaborative, shared leadership environment.
• Must possess a personal presence characterized by a sense of honesty, integrity, and caring with the ability to inspire and motivate others to promote the organization\'s philosophy, mission, vision, goals, and operating imperatives.

What\'s on Offer

• Competitive Compensation
• Best industry vacation policy
• Medical & Vision Insurance
• Wellness Benefits