Information Security Manager - Knotch Remote - US Bookmark Share Print 132 0 3

Listing Description

About Knotch
Knotch is a Content Intelligence Platform that enables brands to drive business growth through content. We build products for people who use content to drive performance. We also offer Strategic Consulting services which enable brands to achieve new levels of efficiency and effectiveness through ongoing and ad hoc support. Knotch gives marketers a holistic view of content’s performance and provides insights and actions that drive performance and increase efficiency.

As our Information Security Manager you’ll focus on our Application, Infrastructure, and Data Security/Privacy efforts. You will be responsible for setting enterprise-level security direction in alignment with our business strategy. You will bring a wide range of experience in the security domains of Security Operations, Risk, Compliance and Identity Management and the tools and philosophical approaches associated with each. You will be a subject matter expert on all aspects of an Information Security Program, ensuring initiatives introduced meet business objectives and are aligned with our security architecture. You will also act as a change agent within the department and company by continually implementing industry standards and best practices across teams. You’d best contribute to security architecture and business strategic planning by providing objective feedback, insight, and recommendations for Knotch. You’d also be responsible for leading investigations for incident response and reviewing system logs. As an active contributor to internal departmental process improvement, you’d become a role model and mentor to your many colleagues.

Your first 90 days
  • In your first 30 days… (i) Understanding of what we do and how we do it; (ii) Review current state of affairs on security; (iii) Understanding of gaps in security for SOC2 compliance
  • In your first 60 days…(i) Taking ownership of SOC2 compliance (ii) Closing out gaps and getting ready for audit (iii) Begin setting up best practices 
  • In your first 90 days… (i) Complete ownership of everything security (ii) Begin SOC2 audit and remediations (iii) Becoming the default escalation point

    • How you will add value at Knotch
  • Design, build and implement enterprise-class security systems
  • Lead planning, implementation, and testing of security systems, policies, procedures and standards
  • Provide advice and assistance to management concerning information security, privacy, and related matters
  • Proactively identify, assess, manage, and mitigate potential threats to security
  • Ensure that security policies and directives are consistently applied
  • Evaluate information security systems, methods, and practices
  • Develop and implement programs for employee security awareness
  • Architect cloud security solutions using the AWS ecosystem
  • Lead secure software development discussions with clients and their infosec teams/questionnaires
  • Ensure data on our information system is protected to prevent unauthorized access
  • Provide technical security leadership at the enterprise level
  • Design solutions that balance security and business requirements
  • Lead technical teams through the investigation, RCA, remediation and documentation of security incidents
  • Effectively work with engineers, product managers, and other stakeholders. Collaboration is the name of the game!
  • Act as a point of escalation to individual contributors and Business leadership team
  • Deliver dashboards and reports to a wide audience demonstrating our current program state and adherence to framework standards
  • Provide data privacy regulations, NIST standards, GDPR, CCPA, and others while implementing processes to ensure effective data protection controls
  • Stay current with industry trends, attacks, mitigation measures, and application security standards 
  • Respond to client and vendor security assessments
  • Train engineering teams and others at Knotch on security best practices

    • You will successful if you bring:
  • 8+ years of information security experience
  • 3+ years experience architecting/developing/maintaining cloud solutions SaaS/PaaS/IaaS environments
  • A history of policies, standards, and best practices that you’ve developed from ground up in collaboration with other engineering and product leadership teams
  • A self-starter mentality with the ability to lead and work with cross-functional teams
  • Communication skills, empathy and expertise to instill confidence with external clients on data privacy and systems security
  • A pragmatic approach to balancing security, user, and business requirements
  • Knowledge of industry standard control frameworks (e.g. NIST, SOC2 etc.)
  • Knowledge of what it takes to be GDPR/CCPA compliant
  • The mindset to work in a dynamic, fast paced environment, prioritizing and delivering on evolving timelines
  • Dependability traits and show a sense of urgency about getting results
  • Excellent documentation skills and a care for tracking context and purpose

    • Bonus points if you have:
  • Relevant certifications (e.g. CISSP, CISM, CCSP)
  • Interest in writing technical blog posts on Knotch’s security and privacy capabilities
    • Benefits & Perks:

    Benefits include medical, dental  and vision insurance eligibility, a 401(k) plan, unlimited PTO plus 10+ company-paid holidays, a daily company break, and a wellness allowance, just to name a few!

    Equal Opportunity Employer:

    Knotch is an equal opportunity employer. We strive to provide equal opportunities in all of our processes, including our hiring and employee experience. We pride ourselves on our three values: transparency, relentlessness, and inclusiveness. We commit to daily work towards leading with empathy, reducing bias through periodic training, and engaging with and uplifting communities of marginalized groups. We condemn all forms of racism and discrimination on the basis of race, religion, ethnicity, nationality, gender identity, sexual orientation, age, marital status, pregnancy or parenthood status, veteran status, disability status or any other identifier. We encourage all employees, clients, investors, candidates, vendors, and friends of Knotch to show up as their authentic self and deliver honest feedback (directly or anonymously) so that we may always seek to improve as an organization that is dedicated to diversity, equity, inclusion, and belonging. Share your thoughts with us, and you will be heard.

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!