Listing Description

Reporting to our Vice President of Technology, the Director of Information Security will ensure a security posture across the entire organization that efficiently protects our customers, employees, and the business. This individual will lead the team that defines and implements our company-wide information security program.

Responsibilities:

• Own Paper’s information security program, supporting strategic business objectives such as incident response, risk assessment, data protection, physical security, and security training.


• Maintain and revise corporate policies, controls, and procedures that govern Paper’s global security program.


• Coordinate with internal stakeholders to drive compliance with policies and standards to help ensure consistent application of security practices across the organization.


• Develop and manage corporate-wide control activities, such as vulnerability and penetration tests, and incident response test exercises.


• Be a tireless champion of compliance across the team, asking hard questions and proactively helping define reasonable compliance and business strategy balanced solutions.


• Lead application and cloud security on our platform, ensuring we continue to build and maintain a secure platform that protects our users' data.


• Serve as a subject matter expert on cybersecurity, compliance certifications, and applicable security regulations.


• Lead our pursuit of compliance certifications and regulatory assessments.


• Develop metrics to gauge the effectiveness of our security program.


• Advise senior management on the state of the security program.


• Collaborate closely with the engineering team to ensure that the highest levels of information security are maintained.


• Stay abreast of the latest information security technology and ensure Paper is using the best tooling to support the information security program.


• Effectively communicate Paper’s security program with external parties such as customers and auditors.


• Uphold and embody Paper’s mission, vision, and values.

Qualifications:

• Deep knowledge of information security governance, risk and compliance frameworks, regulations, and industry standards (including SOC 1 & 2, ISO 27001), and a strong understanding of how they apply to SaaS organizations and products.


• Experience leading teams and influencing activities across functions without formal authority to deliver results.


• Comfort with working in large, remote teams.


• Experience responding to customer and prospect vendor security requests / questionnaires.


• Ability to communicate effectively, both orally and in writing, technical and non-technical content to all organization levels.


• Strong project management and organizational skills.


• Strong problem solving and troubleshooting skills.

Job perks:

• Work with a dynamic team that provides support whenever you get stuck.


• Remote first environment.


• Bi-annual company-wide meetups.


• Opportunity for career development with a fast-growing company.


• A unique opportunity to make an impact by making education more equitable.


• Stipend to help support the growth of your home office.


• 24/7 access to Paper for family members K-12.

#LI-ST01 #LI-hybrid