Consultant - Information Security - Quince Hyderabad / Bengaluru / NCR Bookmark Share Print 94 0 0

Listing Description

OUR STORY

Quince was started to challenge the existing idea that nice things should cost a lot. Our mission was simple: create an item of equal or greater quality than the leading luxury brands and sell them at a much lower price.

OUR VALUES

EVERYONE SHOULD BE ABLE TO AFFORD NICE THINGS. Quality shouldn’t be a luxury. We’re proud of our mission to bring the world’s highest quality goods to people at affordable prices.

QUALITY IS MORE THAN MATERIALS. True quality is a combination of premium materials and high production standards.

WE FOCUS ON THE ESSENTIALS. From the perfect crewneck sweater to hotel quality sheets, we're all about high quality essentials that bring enjoyment to daily life.

WE’RE INNOVATING TO MAKE UNREAL PRICES A REALITY. Our uniquely developed factory-direct model lets us offer exceptionally high quality goods for much lower prices than our competitors.

ALWAYS A BETTER DEAL. We believe in real price transparency, for both our customers and factory partners. This way, everyone gets a better deal.

FAIR FACTORIES. We are committed to working with factories that meet the global standards for workplace safety and wage fairness.

OUR TEAM AND SUCCESS

Quince is a retail and technology company co-founded by a team that has extensive experience in retail, technology and building early stage companies. You’ll work with a team of world-class talent from Stanford GSB, Wish.com, D.E. Shaw, Stitch Fix, Urban Outfitters, Wayfair, McKinsey, Nike etc.

THE IDEAL CANDIDATE

The ideal candidate is a self-starter, problem-solver and successful in combining technology and data into best-in-class outcomes. The candidate is energized by solving complex business problems and consistently effective in making high-judgement decisions at rapid pace amidst the frequent ambiguity that comes with charting a course of action with no precedent. Moreover, the ideal candidate is energized by an environment where strategy, innovation and decision-making are intentionally distributed, where candor, speed and data are highly valued and colleagues at all levels hold each other to unusually high standards on behalf of Quince customers.

Responsibilities:

Develops and manages Quince’s overall approach to data security and information protection.

Align standards, frameworks and security with overall business and technology strategy.

Design’s security architecture elements to mitigate threats as they emerge.

Audits the collection, use and retention of all personal data within Quince.

Ensures all Quince policies around data protection and information security are up to date and fit for purpose.

Defines, implements, and maintains corporate security policies.

Leads on the identification of data security and information protection risks across the organization and works with stakeholders to develop and implement mitigation plans, escalating issues as appropriate

Acts as a subject matter expert on data security for projects looking to implement new tools, products, or processes.

Supports the Global IT Operations Manager to achieve the highest standards of information security across Quince’s network

Oversees maintenance of systems to protect data from unauthorized users

Develops and maintains process maps, which show how data flows through the organization

Leads and facilitates organizational training and communications around data security and information protection issues.

Oversee incident response planning as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary.

Implements measures to protect digital files and information systems against unauthorized access, modification, or destruction

Technical requirements:

Experience in building Cloud Security Infrastructure on AWS, GCP or other Public Clouds.

Conducting Web/API & Infrastructure Security Assessments.

Conducting Security Architecture review - Threat Modelling.

Scanning Tool Automation into CI Pipeline.

Securing Code Review, Developer Security Education.

Securing Federated Architectures, SAML2.0

Remediation of OWASP Top 10 classes, CWE-25, XSS, XSRF, Command Injection, etc

Conducting Penetration Testing.

Jenkins Pipeline Automation

Good experience with any Scripting language – Python preferred.

Sensitive Data Review - Securing data at rest and in transit

Security Incident Response and Management- Customer Engagement

Experience building Key Management Infrastructure

Experience with Linux OS hardening, OSCAP tools, Redhat STIG/DISA STIG.

Knowledge/qualifications:

Degree in Information Technology, Computer Science, Software Engineering, or related field

Knowledge of Information Technology security issues and approaches to manage Information Technology security.

Knowledge of data protection operations and legislation (GDPR), CCPA

At least one recognized security certification:

Certified Ethical Hacker (CEH)

CompTIA Security+

Certified Information System Security Professional (CISSP)

Certified Information Security Manager (CISM)

Certified Information Systems Auditor (CISA)

Quince seeks to build high-performing teams of people from various experiences and backgrounds who can collectively push our company into new realms. We seek a diverse pool of applicants and consider all qualified candidates regardless of race, ancestry, color, gender identity or expression, sexual orientation, religion, national origin, citizenship, disability, Veteran status, marital status, or any other protected status. If you have a special need or disability that requires accommodation, please let us know.

Listing Details

Citizenship: Not Provided
Incentives: Not Provided

Education: Not Provided
Travel: Not Provided
Telework: Not Provided

Listing Description

Listing Details

About Us

Useful Links

Our Contacts