Auth0 is a unicorn that just closed a $120M Series F round of funding, with total capital raised to date of $330M and valuation of nearly $2B. We are growing rapidly and looking for exceptional new team members to add to our exceptional talent pool - and who will help take us to the next level of success. One team, one score. 

Our vision is to provide people with secure access to any application in one click or less. And our promise is to make identity work for everyone—whether you’re a developer looking to innovate, or a security professional looking to mitigate. We are looking for curious, excited, boundary-pushing team members. So, if you’re a big thinker who is nimble and adaptable, Auth0 may be an ideal place for you to shine.

We are growing the Auth0 Administration Experience Engineering team and are looking for a Full Stack Engineer to help us design and build an amazing product. You would be a great fit for the team if you enjoy working on challenging problems and care deeply about the product’s end-user experience. Not only are we looking for a talented engineer, but we are also looking for someone who will contribute to our culture.

Many of our customers are larger enterprise organizations. The administrators in these companies care about security and want to make sure their employees access vendors' platforms with the minimum privileges required, using their enterprise credentials and complying with their security policies. At the same time, they need to manage their relationship with Auth0 in a centralized way. The Administration Experience Engineering team is committed to providing administrators in large organizations the seamless, transparent, and secure experience they expect from an enterprise-ready SaaS product.

You will

• Shape the direction of the system architecture and ensure our services are appropriately scalable.
• Influence the team culture and iterate upon the ways we work together.
• Collaborate across teams to solve technical and non-technical challenges.
• Iterate on new and existing features by contributing across the whole technical stack.
• Debug and resolve production issues and implement fixes for them.
• Be a part of the team's on-call rotations.
• Evaluate new technologies and techniques to improve overall practices.
• Mentor other engineers and help them grow on a technical path.

You'd be a good fit if you

• Have 7+ years of software development experience.
• Are customer-focused.
• Have previous experience using Node.js (JavaScript or Typescript).
• Have experience building software and services, with distributed systems complexities and their challenges.
• Are passionate about working on systems that are highly-reliable, maintainable and scalable.
• Have a thorough understanding of security principles and concerns.
• Tend to deliver work incrementally to get feedback and iterate over solutions.
• Communicate well, accept feedback assuming positive intent, and are OK not always doing the most glamorous tasks.
• Excel when working autonomously, and know when to seek help from your team members.

Also useful if you have

• Knowledge of security engineering and application security.
• Experience working in distributed teams and work environments.
• Knowledge in the identity and access management space.
• Experience with building SaaS products for enterprise.
• Experience with Cloud environments from several vendors.
• Experience with Kubernetes and containerized architectures.

Preferred Locations:

• #GMT-CA; #AR; #PL; #ES;

Auth0 safeguards more than 4.5 billion login transactions each month and its top priorities are availability and security.

We like to think that we are helping make the internet safer. Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles. 

Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.

Overview

GrammaTech is seeking a skilled software engineer to work on a new product for assessing the risk of security vulnerabilities in the software supply chain. The successful candidate will have primary responsibility for the creation and curation of databases that relate code to security vulnerabilities. Close attention to detail is paramount.

Location

Preference is to be in Bethesda, MD or Ithaca, NY but will consider remote candidates with the specific requirements and skills of the role.

Responsibilities

• Create and maintain scripts to harvest raw data from package managers and vulnerability databases
• Curate the contents of the product database
• Work with an agile team to deliver the product to customers in both SaaS and on-premises contexts
• Explore innovative ways to expand the scope of the database, its production, and its management

Qualifications

Required:

• BS or better in Computer Science
• At least 3 years of experience in agile software development
• Experience in code-level software security
• Experience with SaaS products deployed with Docker containerization under Kubernetes

Skills:

• Python
• Databases – both SQL and noSQL
• Package managers
• Building open-source projects from source for different platforms

 Bonus skills:

• C/C++
• Compiler internals and machine code

Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production. 

About the Position 

We are looking for a talented Software Engineer with at least 3 years of experience developing Node.js applications using popular frameworks, such as Express, Loopback, and Fastify.  You will get exposure to a variety of impactful projects from day one. You will be asked to contribute in a meaningful way from the minute you fire-up your laptop and sync with our Git repositories.  Our Node.js agent software engineers are some of the best and brightest individuals working with Node.js.  We integrate deeply into the Node.js internals and instrument many popular web application frameworks and database connectors.  An ideal candidate should have a solid understanding of the Node.js single-threaded event loop and some exposure/experience with C++ and the development of Node.js native modules.   Take a look out our Join The Team Page or our StackOverflow Page for more details about working in our Engineering department at Contrast Security. Please include a link to your GitHub or Bitbucket account, or any links to some of your projects, if available.

Responsibilities

• Provides technical leadership and insight to members of the Node.js team
• Collaborates with the UI/UX and support teams to implement features and enhancements
• Actively contributes in agile ceremonies, code reviews, and agent releasesInvestigates third-party web frameworks and servers to research and implement instrumentation approaches
• Builds web applications to test our agent in our automated pipeline
• Participates in the Node.js open source community

About You

• Software development background in Node.js
• At least 5 years of industry experience as a software engineer and 3 years working with Node.js 
• Writing and troubleshooting Node.js services built with one or more popular frameworks, such as Express, Hapi, Loopback, Koa, or Fastify
• Agile software development processes and ceremonies
• Software pipeline and collaboration tools such as GitHub, Jira, Confluence, and Slack
• DevOps experience with AWS to support automated functional testing or application operations
• Linux, Docker, and cloud-based deployment 
• You’ll wow us if you have experience with:
• You are an active contributor to one or more open source projects
• Development of Node.js native modules
• Experience with Terraform for creating test environments as code
• Application security practices and concepts
• You are comfortable working remotely and collaborating virtually
• You approach problems from a product perspective, thinking through how the user will interact with what you're building
• You have strong communication skills. You ask questions, let others know when you need help, and tell others what you need
• You're a problem solver. You believe the best work is the result of finding the simplest elegant solutions to complex challenges
• You see the big picture. You like to understand how the code you write interacts with systems and services, both internally and externally
• You think about algorithms and regular expressions while you sleep
• You love all things String-related... specifically String literals and String objects (this is how we track vulnerabilities).You want to become a Node.js expert and assimilate a deep understanding of the Node.js architecture and internal features.

What We Offer

• The opportunity to work with some of the highest performing individuals in the world with the goal of establishing memories of the best part of your career ever
• Competitive compensation
• Daily in-office team lunches (when offices are open)
• Meaningful stock plans
• Medical, dental, and vision benefits
• Flexible paid time off

As a Senior API Platform Engineer, you will work to modernize Citizens’ API Management Platform. Working alongside a team of accomplished engineers, you will use cloud technologies to facilitate some of the organizations most complex business operations, ranging from commercial banking to private wealth management.
The successful candidate will drive the API management platform and toolset that supports applications inside and outside the bank.  This includes creating, publishing, support and consuming APIs – notably REST, SOAP and new technologies like GraphQL, Webhooks, OAuth/OpenID Connect, analytics and the devops tools to support APIs across the bank.  The ideal candidate will have a multi-disciplinary background and be capable of managing an API platform while helping software teams within the organization focus on development producing and consuming APIs for the greater bank and strategic FinTech partners.  Additionally the candidate will also work to implement industry best practices and develop go-forward strategies.
Primary responsibilities include:

• Develop, configure and support the enterprise API Management platform for the organization.

• Producing solution designs and implementation plans for cloud-based and on-premise API management solutions and infrastructure; incorporating innovative solutions into designs.

• Lead the organization to mature internal API development and management best practices working in conjunction with Strategy & Architecture, Software Development and Operations partners

• Serve as an API advocate; offering guidance to teams consuming and producing enterprise APIs within the bank.

• Establish monitoring key metrics necessary to understand and maintain performance of overall API traffic i.e. volume, availability, throughput and health.

• Participating in knowledge sharing sessions; offering relevant API management expertise to cross-functional teams; participating in solution design reviews.

• Collaborating with cyber security and software engineering teams to ensure the security of API-focused solutions.

• Discover and capitalize on automation opportunities that provide business value.

Qualifications

Required Skills/Experience:

• 5+ years of working experience with API management platforms; developing API-based solutions

• Experience developing and implementing API management platforms and supporting API-based applications

• Experience with API technologies: REST, SOAP, Webhooks, Kafka, GraphQL, etc.

• Experience with API Management Platforms: IBM API Connect, Apigee, WSO2, Kong, etc.

• Experience with API security mechanisms: OpenID Connect, OAuth, Client-ID/secret, etc.

• Programming/Scripting: Java, Python, BASH shell, Drupal 8, PHP

• Experience working in an agile development environment

Preferred Skills/Experience:

• Experience working in the financial services industry; understanding of the role of custodial and consumer banks; experience managing sensitive financial data

• DevOps CI/CD experience using: Jenkins, Bamboo, Terraform, Ansible, SonarQube

• Working experience with cyber security; cyber security coursework, experience or certifications

• Experience with infrastructure architecture; cloud-applications to infrastructure

Education, Certifications and/or Other Professional Credentials:

• Bachelor’s degree in Computer Science or related discipline

Hours and Work Schedule

Hours per Week: 40
Work Schedule: M-F 

Why Work for Us

At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.

Equal Employment Opportunity

It is the policy of Citizens to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, colleague or a dependent’s reproductive health decision making, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, genetic characteristic, citizenship, veteran or military status, marital or domestic partner status, family status/parenthood, victim of domestic violence, or any other category protected by federal, state and/or local laws.

Equal Employment and Opportunity Employer/Disabled/Veteran

Citizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.

About us

At iFit we do remote teams right. Join a great company that is growing fast and with the right work/life balance.

iFit empowers people to change their lives and achieve sustainable, healthy results. iFit's focus is to connect everybody to everything fitness. We believe a healthy lifestyle should be fun, so we constantly push the limits to bring our customers state-of-the-art products that will help them in every aspect of their lives.

Summary

Looking for an individual who is passionate about learning new things and solving problems. Must possess an extensive and deep understanding of AWS, and the ability to pick up and learn new AWS offerings often. Join us and help our organization practice DevOps methodologies!

Essential Duties and Responsibilities 

• 
  

  Help architect, design, and implement AWS services at all levels of the organization

• 
  

  Work with and enable a large variety of teams and their AWS needs

• 
  

  Create an manage infrastructure 100% through CloudFormation and code

• 
  

  Focus on scaling our platform

• 
  

  Optimize network traffic through various AWS services

• 
  

  Monitor and tool stability/performance metrics

• 
  

  Analyze DB performance and bottlenecks

• 
  

  Share on-call rotation duties

• 
  

  Support innovation efforts and identify technology and solution roadmaps to improve mission capabilities

Organizational AWS Areas of Focus 

• 
  

  Security

• 
  

  RDS

• 
  

  IoT

• 
  

  Lambda/API Gateway

• 
  

  Containerization (Docker, Beanstalk, ECS)

• 
  

  Elemental

• 
  

  Business Intelligence (Redshift, QuickSight, Kinesis)

• 
  

  Machine Learning (SageMaker, ETL items)

Required Qualifications 

• 
  

  Passionate about learning new things and solving problems

• 
  

  12 or more years of experience in software development and solution architecture

• 
  

  Extensive and deep understanding of AWS, and the ability to pick up and learn new AWS offerings often

• 
  

  A focus on performance, stability, and security in every task

• 
  

  Superior written and communication skills with ability to interface with various groups such as project team, and senior executives

• 
  

  Strong capability and extensive experience in developing and writing technical solutions

• 
  

  Strong organizational skills and the ability to independently execute work tasks in a rapidly changing, fast-paced environment

Bonus Qualifications

• 
  

  TypeScript and Node experience 

• 
  

  Postgres/MongoDB/Redis experience 

About the Role

This individual is responsible for our QA process, test plan creation, test automation and executing tests. This system will be built from the ground up so we’re looking for an individual contributor who can also help grow the team. 

Why work at Vidaloop?

• Make an impact
• Grow with an early-stage startup
• Thrive in a flexible, autonomous environment
• Work with a modern tech stack

What You’ll Do

• Develop test automation infrastructure, both frontend and backend
• System integration test design and execution
• Manually test the places automated tests can’t reach
• Identify system regressions
• Production readiness & release 

Skills & Qualifications

Technical Requirements

• 5+ years of relevant software testing experience in fast paced environments
• Familiar with our tech stack
• Experience with automation frameworks
• Experience with build tools like: Jenkins, CircleCI, or GitLab
• Experience automating tests for REST APIs
• Experience writing large scale test and integration suites
• Comfortable on any *nix command line

Strong Pluses

• Excellent understanding of blockchain fundamentals
• Experience testing blockchain networks and/or products
• Security testing experience such as penetration testing, static and dynamic code analysis, compliance testing and load testing

Other Requirements

• Thrive in early-stage startup environment
• Demonstrated leadership ability and personal accountability
• Self-motivated and resourceful individual
• Curious, life long learner who enjoys solving interesting problems
• Bonus: Politically and socially engaged; excited about elections industry

Perks of the Job

• Robust health benefits (medical, dental, vision)
• Company-paid life insurance
• 401(k) with employer contributions
• Generous PTO, sick, and parental leave
• Flexible work hours
• Fully-stocked kitchen, including beer & wine
• Technologically advanced environment

User Research International is a research company based out of Redmond, Washington. Working with some of the biggest companies in the industry, we aim to improve your experience via paid research studies. Whether it be the latest video game or productivity tools, we value your feedback and experience. These studies provide a platform for our researchers to receive feedback for an existing or upcoming products or software.

We will be running an series of upcoming research studies looking for Full-Time IT System Engineers and IT Professionals. The series of studies will be held Remotely via web meeting and will range anywhere from 60 minute – 2 hour long sessions. Depending on the length for a particular study given, we will provide $150 - $250 gratuity for participation in the study. We have included the survey sign up link for the study below. Taking the survey will add you as a potential participant to be selected for our upcoming series of studies. Once the study series kicks off we will send you a qualification survey.  If you are a match for one of the studies, we'll reach out with a formal confirmation and any additional information.

In order to be considered, you must take the survey below. Thank you!

Survey: Sign Up to Participate in Upcoming IT System Engineers Research Studies!

Background

The future will be distributed. This is important because the centralized powers of today extract our data and sell it to the highest bidder, to our detriment. We can fix that. Federated protocols for messaging, microblogging, as well as distributed network architectures for payments, identity and organization are well underway. We are missing a consumer product that enables users to move away from data repositories centralized in the hands of big tech so they can safely and privately interact with digital technology. We need a new personal computing platform that enables this. And we need your help to build that platform.

Our organization is a values driven cooperative that prioritizes people and our planet over profit. We aim to have a global and positive impact on people’s lives by creating technology that works for people, instead of trying to extract data or money from them. We value open and open source software We look for strong values-driven people who share our vision. We look forward to telling you more about our vision, our values and what we are building.

Requirements

• *Nix experience
• CI/CD development
• Ability to independently architect an application
• Proficiency in multiple programming languages (e.g. javascript, python, C)
• Ability to learn a new language quickly (e.g. rust)
• Community participation and management
• Security minded (ability to architect for security)
• Analytic communication skills
• [Optional] Ability to work remote
• [Optional] Machine learning affinity

Role

We are looking for a fun and skilled full-time backend engineer to join our diverse and distributed team. We are bound by our common vision and strong values. You will help our team to design and develop the backend for our privacy-by-design data platform. We are looking at using a graph database in combination with security focussed language (e.g. rust) and possibly modules written in other languages (e.g. python, swift). You will join an existing organization of machine learning and distributed technology (e.g. blockchain) researchers. We are just transitioning from research to productizing our solution and look forward to working closely with you to see our common vision come alive. 

Values

We are strongly values driven. We believe that this provides the structure to scale our organization, innovate our technology and attract top talent as we strive to change the world towards a better future. These values apply to how we work and the philosophy of the solutions we create. 

What we offer

As an early organization we offer a base salary with a large stake in the future upside of our effort. Our leadership has successfully started and sold previous startups. We offer a creative, highly participatory environment without the classical top-down hierarchy. We value that each candidate brings their own unique mix of skills and experience. 

We have a preference to hire in Amsterdam or to offer relocation to Amsterdam. We believe your life outside your professional commitments should be enjoyed, and time to rejuvenate is critical to thriving: we offer 5 weeks paid holiday time.  

Location: Remote. Candidates must be located between UTC-6 and UTC+2 time zones.

Summary

Hypothesis is seeking a Senior Site Reliability Engineer to join our product delivery team and lead our work to help us build efficient, reliable, secure, and scalable infrastructure and code. This role combines the activities of development and site reliability engineering to ensure Hypothesis technologies and services support our vision of a world where annotation is as common as comments, but more useful and engaging. Join us as we extend what the web can do.

About the role

Reporting to the Engineering Manager, the Senior Site Reliability Engineer leads the work to build, document and maintain efficient, reliable, scalable, secure and easy-to-use operations including deployment, QA and production environments, and monitoring.

• Infrastructure:
  
  • Provision and administer infrastructure (hosts, cloud services, monitoring tools, etc.) for highly reliable and scalable web applications and data stores
  • Document our operations systems so that the whole team can understand and operate them. 
  • Oversee deployment of Hypothesis application servers
• Automation:
  
  • Build automated tooling to configure and maintain our systems and services
  • Guide the team in the best way to use configuration management to grow and administer our services
• Performance, reliability, security, and scaling:
  
  • Identify and solve performance, reliability, security, and scaling issues in our stack
  • Stress test our stack to find cracks in the system and help us scale
• Auditing for security vulnerabilities at regular intervals, and enacting the practices set forth in our security policy.

Skills and experience you possess

• You have experience in software development, site reliability, and backend/infrastructure engineering for an organization experiencing fast-paced growth.
• You are knowledgeable in configuration management with a framework such as Ansible or Terraform.
• You understand the ins and outs of AWS, Linux, and PostgreSQL well enough to teach others how to use them, and can comfortably operate all of them from the CLI.
• You are proficient with a programming language like Python or Ruby, and with shell scripting.
• You are familiar with security best practices and have helped to audit for and remediate security vulnerabilities in infrastructure.
• Your documentation and verbal communication skills are excellent, and you’re able to collaborate and rally support with people on and off your team.
• You are inclined to automate, but can discern when automation isn’t the best solution and present alternatives.
• You’ve worked with continuous integration and deployment systems, and have ideas about how to build and improve them.
• You strongly believe in the importance of security, and enjoy the idea of partnering with engineers to ensure the integrity of our customers’ data.
• You have experience with remote work and understand the importance of good time management, self-motivation, and self-discipline as a remote worker. 

About you

You are someone who loves problem solving. You value simplicity over complexity. You take great satisfaction in helping others be more successful and productive and wouldn’t think to move on without documenting your work so 6-months-from-now you (or anybody else for that matter) can drop back in and understand it. We are interested in someone who wants to help everyone around them better understand how to operate software at scale and who is eager to take on the responsibilities outlined for this role. 

You will be successful at Hypothesis if you:

• Love learning new things,
• Unafraid to ask questions 
• Are committed to improving both as a technologist and a human being,
• Are tenacious, self-directed, and highly motivated,
• Enjoy helping others around you grow as developers and be successful,
• Communicate clearly and effectively (this is especially important in a remote organization), and
• Approach your work with a mindset that allows for growth and change.

What’s next

Does this sound interesting? Drop us a line to tell us what about this role intrigues you and why you think you would be great for Hypothesis. Resumes are helpful, but so are examples of your recent work. We can’t wait to hear from you!

Auth0 is a pre-IPO unicorn. We are growing rapidly and looking for exceptional new team members to add to our teams and will help take us to the next level. One team, one score. 

We never compromise on identity. You should never compromise yours either. We want you to bring your whole self to Auth0. If you’re passionate, practice radical transparency to build trust and respect, and thrive when you’re collaborating, experimenting and learning – this may be your ideal work environment.  We are looking for team members that want to help us build upon what we have accomplished so far and make it better every day.  N+1 > N.

Are you interested in building an amazing customer experience at scale? Do you want to improve your knowledge of security? Would you like to help our customers make their applications more secure? Are you ready to make the internet safer?

The IAM Authorization team at Auth0, develops and maintains the Authorization capabilities of our platform. We work on designing and developing new features and improvements related to security, scalability, performance and functionality to protect and empower our users and take our platform to the next level.

You will have the opportunity to gain a greater understanding and context about how Auth0 works and deepen your knowledge of authorization, security, databases and how to build reliable, highly-available distributed systems.

You will:

• Collaborate with other developers and teams to develop new features, APIs, improvements and fixes to handle our current and future scale.
• Strive to ensure the quality and customer value of our product.
• Learn more, and in depth the domain of IAM.
• Be a part of the team's on-call rotations to make sure we offer our client the best availability for our services.
• Identify and resolve production issues and implement fixes for them.

You might be a good fit for this role if: 

• You have 3+ years of software development experience.
• You have previous experience using Node.js (JavaScript).
• You have created or enjoy creating public APIs.
• Are passionate about working on systems that are highly-reliable, maintainable and scalable.
• You have experience and passion for good engineering practices and testing.
• You have knowledge and experience of data modeling and principles of database systems (relational and non-relational).
• You are a good communicator and enjoy interacting with people.
• You excel when working autonomously, and know when to seek help from your team members.
• You always strive to learn and are interested in improving your security knowledge.
• You are located between UTC-5 and UTC+2

Preferred skills:

• Have 2+ years of experience in the identity and access management (IAM) domain.
• Have front-end development knowledge and some experience with frameworks such as React.
• Have solid experience with cloud environments (e.g: AWS).
• Know about security engineering, authentication and federation protocols, cryptography, and application security.
• Have experience with OAuth2 and/or SAML auth protocols.
• Have solid NodeJS experience.
• Have experience running PostgresQL in a large-scale production environment.

Preferred locations:

• #GMT; #US-E; #AR;

Intergiro is a Swedish FinTech company with a purpose - we’re here to help businesses grow.

We are looking for an Information Security Officer to our HQ in Stockholm or someone to work for us remotely. The person must be citizen or resident of Sweden, Norway, Denmark, Finland, Germany, Netherlands, Portugal (Lisbon), UK or Ireland  

Role Description

The Information Security Officer (ISO) provides the vision and strategies necessary to ensure the confidentiality, integrity, and availability of electronic information by communicating risk to senior administration, creating and maintaining enforceable policies and supporting processes, and ensuring compliance with regulatory requirements.

To support these activities, the ISO coordinates activities with other services, including the evaluation, procurement, and deployment of security-related products and develops and coordinates information security awareness and education programs. Additionally, the ISO ensures that system-wide disaster recovery and incident response plans are in place.

Experience and Qualifications:

• Education: Bachelor’s degree is preferable.
• At least 8 years of varied experience within Information Technology
• At least 2 years of direct experience in information security-related duties
• Experience with computer and networking infrastructure including operating systems, network troubleshooting, firewall administration, Kubernetes configuration, network protocols, routers
• Experience in working with corporate functions and processes including project management, regulatory compliance, risk management, information security policy, and providing training.

Skills:

• Ability to understand hardware and software systems
• Ability to maintain confidentiality in regard to information processed, stored, or accessed by the company’s information systems
• Ability to manage multiple concurrent projects and to reason analytically
• Ability to work with and train people possessing differing levels of technical knowledge
• Effective English verbal and written communication skills and proficiency in writing technical documentation

Essential Duties and Responsibilities:

• Creates information security strategies, both short-term and long-term, in support of the company’s goals and strategies.
• Directs an ongoing, proactive risk assessment program for all new and existing systems and remains familiar with the company’s goals and business processes so effective controls can be put in place for those areas presenting the greatest information security risk.
• Communicates risks and recommendations to the CIO and wider exec team, to mitigate risks by communicating in non-technical, cost/benefit terms and in a format relevant to senior administrators, so decisions can be made to ensure the security of information systems and information entrusted to the company.
• Oversees all ongoing activities related to the development, implementation, and maintenance of the company’s information security policies and procedures by ensuring these policies and procedures encompass the overall security of electronic information at rest or in motion within our environment, assisting all service in local process and procedure development, ensuring alignment to company and regulatory policies.
• Assists all services within the company to ensure regulatory compliance in the area of PCI DSS, GDPR and any other compliance areas that apply over time.
• Ensures vulnerabilities are managed by directing periodic external vulnerability scans of our external facing servers and services.
• Develops information security awareness training and education programs for company staff and contingent workers and participates in awareness and education events, as appropriate.
• Evaluates security incidents and determines what response, if any, is needed and coordinates responses, including technical incident response teams, when sensitive information is breached.