Director of Information Security – Mountain View, CA
We are looking for a full-time Director of Information Security to work from our headquarters in Mountain View, CA.
The Director of Information Security will be responsible for all things security. Partnering with Engineering, Product, Compliance, Legal, and the senior leadership team to protect sensitive company and customer information, you’ll be accountable for designing, implementing, managing and reporting on security controls. Be the leader of an effective information security management program and manage multiple security service providers that enable Redis Labs to meet security best practices. This role will interact with both internal and external auditors to ensure that Redis Labs maintains the highest compliance standards.
Our ideal candidate will be a hands-on self-starter who is able to present to senior leadership and the board of directors. You will have a background with high-growth SaaS companies and experience with U.S. Government, general Public Sector and regulatory information security management. You must have high integrity, strong analytical and communication skills, and the ability to operate in a fast-paced startup environment.
You will provide insights and sound business advice to the CFO and executive management team.
- Manage the delivery of all day-to-day information security operations, policies, architecture and governance.
- Manage and enhance the Security and Network Operations Centers systems, procedures, training and remediation protocols.
- Work with outside vendors as appropriate for items such as scanning, incident response and penetration testing.
- Partner with Legal, Compliance, Finance, IT, HR and other departments to enhance Information Security and Data Privacy standards and policies, while using consistent metrics to measure effectiveness.
- Partner with IT, Legal and Compliance to develop Incident Response and Insider Threat Detection and Response programs, teams and committees.
- Maintain relationships with external regulators such as SOC 2 auditors, ISO 27001, and FINRA associations.
- Maintain ownership of the development, compliance and exceptions to information security policies, standards and procedures.
- Partner with Engineering to implement Privacy by Design and “shift left” secure development practices in the Software Development Life Cycle.
- Advise all departments in the identification, development, implementation and maintenance of security policies, processes and programs designed to reduce company risk, quickly respond to any security incidents, and limit exposure to liability in all areas of physical, government regulatory and information security.
- Direct the development and enforcement of information security and privacy policies in compliance with industry standards, as well as federal and state regulations.
- Be responsible for the development of an ongoing Information Security Awareness and Knowledge program to ensure that employees are aware of threats and privacy risks.
- Execute key tasks and projects by the Security team, ensuring that they stay on track with goals and timelines.
- Manage relationships with 3rd party providers of service delivery and security monitoring and/or tools to ensure assets are being protected.
- Identify and recommend potential areas where existing data security policies and procedures require change, or where a supplement is required to mitigate key security risks. Partner with various business areas to enhance security policies and procedures.
- Facilitate internal and external penetration testing and audit participation (where applicable).
- Lead Incident Management, including the identification, response, investigation and remediation of potential breaches of and issues surrounding information security.
- Develop and maintain a knowledge base for frequently asked questions about Security.
- Minimum of 10 years of experience in information security, with increasing leadership responsibilities and strong business acumen
- Certification(s) in CISSP-ISSMP, CISA, CISM, GCIA or CCM
- Experience with industry and regulatory standards, especially SOC 2, ISO 27001, ITIL, COBIT, PCI DSS, GDPR and NIST
- Experience with the identification, handling and safeguarding of Controlled Unclassified Information (CUI), Covered Defense Information (CDI) and Cyber Incident Reporting as prescribed in NIST 800-171
- Experience with Facility Security Clearance (FCL) and Defense Security Service (DSS) security frameworks, Incident and Insider Threat protocols as prescribed in Technology Control Plans (TCP) or Special Security Agreement (SSA)
- Bachelor’s or Master’s degree in Computer Science (or equivalent)
- Must have a diverse security background with knowledge in several areas including: developing and implementing layered security architecture; internet protocols; firewalls; VPN technologies, anti-virus and spam technologies; risk and vulnerability assessments; compliance, etc.
- Ability to work collaboratively and effectively with a cross-section of the Information Technology team and the business organizations to implement information-security-related standards and initiatives
- Working knowledge of systems auditing concepts
- Ability to evaluate risks to the company, articulate issues, develop consensus, raise awareness, and provide and implement solutions
- Strategic thinking and planning; capable of building a roadmap for achieving strategic business goals
We have been named one of the “Best Places to Work in the Bay Area” and ranked the fastest growing Enterprise Software company in Silicon Valley. We offer a competitive compensation package; an employee stock option program; medical, dental and vision coverage; unlimited PTO, 401K and more. For more info visit: https://redislabs.com/
As an equal opportunity employer, Redis Labs Inc. is committed to a diverse workforce. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, gender, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws. It is also our policy to comply with all applicable federal, state and local laws respecting consideration of unemployment status in making hiring decisions. For more information about equal employment opportunity protections, please view the ‘EEO is the Law’ poster.
To ensure reasonable accommodations are provided to individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans’ Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact email@example.com or (415)930-9666 for assistance.
Location: Mountain View, CA