Listing Description

Forward's advanced software delivers a "digital twin" of the network, enabling network operators to verify intent, predict network behavior, avoid outages, and simplify network management. Our platform can be implemented on premises, in the cloud, and in hybrid environments.  The results? More reliable networks, reduced outages, and reduced business risk.

At Forward Networks, you will drive security strategy, policy, and implementation, plus execute all of the compliance activities that relate to our corporate and production environments - covering questionnaires, certifications, and audits on production and corporate sites,  in the cloud and  on-prem.

This is a unique growth opportunity to ensure organizational security and compliance, but also directly contribute your knowledge and dogfooding time to a product that already serves many InfoSec and SecOps users.   We move fast, and you will too.

Responsibilities:

• Evaluate, select and deploy security software and policies to protect systems and information infrastructure


• Drive CorpSec, ProdSec, and AppSec strategies, covering all endpoints, servers, networks, and cloud systems.


• Drive internal compliance efforts (SOC2, ISO 27001, …)


• Drive external compliance efforts (VSCs, audit requests, …)


• Own vulnerability assessment and management


• Own incident investigations and response


• Develop and distribute company-wide best practices for IT security, plus run occasional internal training


• Internally audit and document security risks and status


• Dogfooding-type activities: a portion of time will be expected to go to product- and sales- related activities (dogfooding, early mock feedback, customer-facing presentations, webinars, etc.)

Required background:

• Minimum 3 years experience in enterprise InfoSec


• Computer Science Degree or related equivalent


• Demonstrated interest in the latest security methods and systems


• Understanding of security concepts, including authentication, authorization, VPNs, encryption, certificates, and related best practices


• Understanding of network connectivity concepts, including IP address allocation, tunneling, L2/L3, firewalls, IDS


• Experience conducting security-relating forensics and analysis


• Experience with log analysis, event correlation, incident management procedures and systems

Nice-to-have:

• Scripting and automation experience


• Cloud deployment and management experience


• Security certifications (Security+, CISSP, CEH, SANS, etc.)


• Team leadership and managerial experience


• Experience with setting up and operating security-oriented systems:




• SSO/identity systems


• Endpoint System Management software


• Credential management systems


• Log analysis systems


• Scanning software


• Incident management software