Director, Information Security
Director, Information SecurityLocation: Bethesda, MDThis is a full-time position in our downtown Bethesda, MD office (easy access from Metro's Red Line).WealthEngine (WE) is seeking a Director, Information Security to work with our Product and Engineering teams in documenting, developing, and reviewing solutions and plans around information security, data privacy, compliance, and risk management.Our technology powers the campaigns of some of the biggest non-profits, universities, financial service firms, and luxury brands in the country. Using actionable wealth and lifestyle insights, WE fuels highly-targeted campaigns that continuously deliver measured outcomes. The WE platform is powered by more than half a trillion data points and uses proprietary learning science to create WE profiles for more than 250M people in the US.If you are passionate about maintaining security systems that protect WealthEngine's information and assets globally against unauthorized access, security risks, data loss, and cyber-attacks, then we want to talk with you right away!Clients use our technology to accelerate their campaigns. We help them find and influence wealthy individuals who have the capacity and propensity to donate to their cause.Here's What You'll Do Serve as a technical advisor and leader for information security solutions Manage incident responses to information security-related concerns and alerts Triage incidents and identify/connect the right teams to develop and manage responses Develop, maintain, train, and communicate WealthEngine's Information Security policies to ensure corporate requirements are met and implement best practices where available Work with engineering teams to ensure that implementations are aligned with the technical & audit requirements Lead the annual SSAE-16/18 SOC II audits Maintain and publish corporate governance including security policies, incident response policies, procedures and protocols, risk management, audit & compliance Implement IT security policies and regulations such as ISO 27001, NIST 800-30A, SOX, SOC2, HIPAA, GDPR, FISMA, and Privacy regulations. Collaborate with engineering teams to architect and implement solutions for Attack Surface Management (ASM), Intelligence & Threat Management (ITM), and Governance, Risk and Compliance (GRC) Provide technical guidance and hands-on support to ensure security tools, network architecture, and server hardening are implemented to support the security objectives Coordinate with 3rd party vendors to review platforms for compliance with security controls Continuously update and manage a security awareness training program for all employees, contractors and approved system users; and establish metrics to measure the effectiveness of this program Manage and contain relevant information security incidents and events to protect customer data, corporate assets, intellectual property, and regulated data Collaborate with sales and contract management to respond to customer inquiries, RFP/RFI security questionnaires, and review contract terms Along The Way, You Will Also Collaborate with engineering teams to build out a security automation strategy to streamline event monitoring and processes Monitor the external environment for emerging threats and advise relevant stakeholders on the appropriate course of action Participate in company training and professional development opportunities - and also in our parties and picnics! What We're Looking For In You Bachelor's degree in Computer Science or equivalent work experience 8+ years of experience in Information Security CISSP, CISM, CCSP, CISA certifications preferred Knowledge of Cloud Security Principles and implementation Experience supporting security solutions "on-premise" and in the "cloud" Strong analytical, communication and leadership skills Perks Medical/Dental/Vision and Flex Spending Account Paid holidays and vacation 401k plan Parking or public transportation travel allowance Lots more! How To Get This JobIf you would like this story to be yours, send us a copy of your resume and a letter telling us why you would be the ideal fit for this role. We think your ability to communicate in writing is very important, so we'll read your letter first.This is a full-time position in our downtown Bethesda, MD office (easy access from Metro's Red Line).