This is a NYC role.
What You'll Do
- Oversee and manage the relationship with our outsourced IT service provider.
- Collaborate with the outsourced IT team to ensure the effective implementation of security measures and compliance processes.
- Conduct regular reviews and audits of outsourced IT activities to ensure alignment with security policies.
- Develop, implement, and manage Information Security policies and procedures in accordance with industry standards and regulatory requirements.
- Lead efforts to achieve and maintain compliance with relevant standards (e.g., ISO 27001, SOC II).
- Coordinate and manage relationships with hardware and software service providers.
- Assess and monitor the security posture of vendors, conducting regular risk assessments.
- Collaborate with data center staff to ensure the security and reliability of hardware systems.
- Implement and enforce physical security measures for data center facilities.
- Develop and implement incident response plans in coordination with outsourced IT and service providers.
- Monitor security alerts and incidents, providing timely and effective responses.
- Conduct post-incident analysis and recommend improvements to security measures.
- Stay updated on the latest security trends and regulatory requirements.
- Conduct security awareness training for employees.
- Foster a culture of security consciousness within the organization.
- Assist in the design and implementation of secure systems and networks.
- Evaluate and recommend security technologies and solutions.
- Collaborate with IT teams to integrate security into the development lifecycle.
- Work with stakeholders to develop and implement risk mitigation strategies.
- Provide recommendations for improving the overall security posture.
What You'll Need
- Bachelor’s degree in Information Security or a related field.
- 6+ years of experience in Information Security or technology risk management.
- Proven experience in Information Security management, vendor management, and data center operations.
- Strong knowledge of security frameworks, standards, and compliance requirements (ISO 27001, SOC II).
- Familiarity with hardware systems, networking equipment, and security appliances (e.g., Meraki, FortiGate).
- Excellent project management and organizational skills.
- Effective communication skills for collaborating with internal and external stakeholders.
Certifications (Preferred):
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Vendor-specific certifications (e.g., Cisco, Fortinet)
Benefits & Perks
- Competitive Pay & Equity
- Medical, dental and vision plan participation
- Strong 401K matching program
- In-office free lunch & snacks
- Gym Reimbursement
- But above all, be part of an amazing team! Together, we’ll make this world a safer place!