Listing Description
The team responsibilities include the following:
Risk Management: The team is responsible for the management and execution of Oath risk management program. The program encompasses the analysis, documentation and tracking of all Oath security risks.
Security Policies, Standards and Procedures: The team is responsible for the creation and maintenance of Oath security policies, standards and procedures.
Third Party Vendor Risk Management: The team is responsible for the the analysis, documentation and tracking of all 3rd party vendor security risks.
The Sr. Manager is expected to bring new insights and capabilities that will drive the progress of the risk management team at Oath. The technical manager will work directly with the business units and acquisitions to identify acceptable levels of risk, ensure the establishment of segregation of duties/roles and responsibilities, and effective IT controls are in place in regards to Oath security policies and standards.We are looking for a strong Technical Manager/Leader that is exceptionally imaginative, collaborative, and truly excited about Oath’s mission: “To simplify the Internet for consumers and creators by unleashing the world's best builders of culture and code.” ... with a security spin to keep anyone who would try and keep us from obtaining that mission at bay.
Your day:
Manage and lead a team of security leads and analysts to meet the needs in the above description
Provide technical leadership and insights to the team with hands-on involvement as needed
Develop and utilize a risk-based approach to identify and mitigate risks across all areas of responsibility
Manage risk by analyzing security threats and potential impacts to the business and help define solutions to mitigate exposure by leveraging expert analytical and technical skills
Develop and implement plans for effective execution of the risk management team’s responsibilities including risk management, policies and awareness training
Interface with different stakeholders inside and outside Oath to drive progress and make appropriate technical and process changes
See to the performance, recognition and professional development needs of the team
Ensure that Oath security requirements and activities are in compliance with applicable international and domestic laws, regulations, Data Transfer Agreements, etc. to minimize or eliminate risk and findings
Perform project management activities as they relate to the execution and delivery of the risk management team projects and deliverables
Generate and provide reports and metrics on all risk management activities
Minimum Qualifications:
In-depth knowledge in information security concepts, technologies and tools
Solid understanding of information security policies, standards and industry best practices
Deep expertise in risk management activities, including knowledge and application of industry risk management standards and best practices
Able to successfully plan, organize, motivate, and direct resources to get results
Strong leadership, interpersonal, and communication skills
Proven management skills and ability to work with infrastructure teams, development managers and information security teams to make sure that activities meet expected standards and are provided within the required schedule.
Strong analysis and analytics experience necessary, and strong ability to create influential presentations that are able to convey complex risks and issues to different audiences
Minimum Bachelor’s degree in Information systems or related field or an equivalent combination of education and experience
Subject matter expertise on a broad range of IT control and security industry standards and best practices, such as ISO 27001/2, CSF and NIST standards/frameworks
Minimum of 7+ years of hands-on technology risk, security and/or governance experience
Demonstrated ability to drive roadmaps, results, and key initiatives
Preferred Qualifications:
3+ years of leadership experience
Experience in policy and controls creation, distribution, and maintenance at a similar organization
Experience with supply chain and compliance risk
Listing Details
- Citizenship: No Requirements
- Incentives: Not Provided
- Education: Bachelors Degree
- Travel: No Travel
- Telework: No Telecommute