Head of Information Security at Skilljar
Skilljar is looking for a head of information security and IT operations. You will work cross-functionality across the entire Skilljar organization to manage and oversee all aspects of application and corporate security and infrastructure, maintaining a thorough understanding of the current threat and attack landscape and latest security trends and principles. We will rely on your wide-ranging experience in this role as you perform a large variety of tasks - from strategy through implementation. You must be comfortable talking with customers, coordinating audits, and implementing internal policies and procedures across a fast-growing software company. Prior management experience is required, as you grow a team focused on security and IT operations.Responsibilities
- Own strategy and vision around IT enterprise security, application security, vulnerability management and incident management, including owning and maintaining all security policies and procedures for a growth stage SaaS company
- Collaborate and communicate effectively with product and engineering teams to ensure application security is championed throughout our processes, including regular vulnerability scans and 3rd party penetration testing
- Drive business results by representing Skilljar security in prospect & customer conversations
- Respond to customer & prospect security assessments / questionnaires
- Participate in security review calls w/ customers & prospects
- Manage SOC2 audit process and assess other certifications (e.g. ISO 27001) as appropriate, designing plans to satisfy regulatory and compliance requirements related to security and privacy.
- Own the partnership with external auditors and legal
- Review and update existing controls to best balance agile startup environment and meet the security requirements of our customers
- Coordinate audit processes
- Cross functional collaboration with HR and Finance for a successful audit
- Develop and Conduct annual information security awareness training for employees
- Work with HR to ensure security on Skilljar employee computer systems
- Work with Executive Leadership to strategize and recommend changes and updates to company-wide processes and policies relating to security.
- Ensure Skilljar’s continued compliance with existing privacy standards, including GDPR and CCPA.
- Own and develop other miscellaneous infosec policies and programs outside of compliance
- Lead and develop team that owns both corporate IT and security functions
- Grow and Manage IT and security team / strategize and think through team structure and growth
- 10+ years in security management function, leading initiatives across an organization. Previous company-wide leadership experience is required
- 5+ years of people management experience, leading teams to build systems, practices and policies that comply with important security standards
- High-growth startup experience is required, enterprise SaaS experience preferred
- Experience leading SOC2 audits and managing external service providers
- Experience reviewing potential corporate vendors with regards to security and compliance with privacy laws (GDPR, CCPA, etc) and conducting audits of existing vendors.
- Able to communicate security risks in business terms that can be clearly understood at all levels of the organization
- Deep familiarity with with distributed web applications, and security processes and procedures of agile engineering teams
- Experience managing and configuring web applications hosted on AWS
- Experience with MacOS, MDM and endpoint management solutions like Jamf
- Security configuration and management of corporate productivity software including Google’s GSuite, Slack, SFDC
- Bachelor’s degree in Computer Science or related field
- CISSP certification preferred
- US work authorization and criminal background check are required
- Comprehensive Medical Coverage: Skilljar pays 100% of our employee premiums for medical, dental, vision, disability, and life insurance. (PTO and family leave)
- Flexible Time Off: We believe in a healthy work/life balance and trust our employees to take the time off they need to bring their A-game to work.
- Benefits Package: Skilljar employees receive a monthly technology reimbursement for remote work, 401K savings plan, stock options, and access to an Employee Assistance Program.
- Inclusive Culture: We are intentional about creating a culture that is fun and inclusive. Join us for Fun Committee events, trivia nights, Bingo, and more!
Backed by prominent financial institutions, including Mayfield, Shasta Ventures, and Trilogy Equity Partners, Skilljar is the leading enterprise customer training platform, transforming the way organizations onboard, engage, and retain their customers. Trusted by leading global companies like Zillow, Slack, Tableau, Liberty Mutual, Cisco, Verizon, and U-Haul, Skilljar provides the essential tools and foundation for successful customer and partner engagement and enablement.
We are a team of bright, dedicated Skillets with startup drive and a passion for education. Headquartered in Seattle, WA, Skilljar is currently operating remotely, with employees based in Washington, Oregon, California, and Colorado.