Director of Information Security

What you will do:

You will be a key member of our Engineering team, responsible for security infrastructure. You will act as a lead to coordinate and participate in multiple security efforts. You will proactively identify and assess security risks and advise engineering teams on mitigation strategies. You will be a core player in coordinating compliance audits. In addition, you will define security guidelines, audit, and strengthen Snap! Mobile’s security posture and improve our defensive capabilities in response to identified threats.

Responsibilities:

• Partner with the DevOps team to design a secure infrastructure
• Develop and ensure security guidelines and best practices are being followed via technical controls, automation, and auditing
• Create policies and automation to ensure all systems follow regulatory security standards and compliance.
• Develop strategies to handle security incidents and trigger investigations
• Regularly perform penetration testing and coordinate with engineering teams to address vulnerabilities
• Participate in architecture and design reviews to mitigate security and privacy risks
• Create hardening standards for our infrastructure to minimize attack vectors
• Coordinate compliance audits and assist auditing teams in automation and collection of evidence
• Participate in architecture reviews to represent security concerns.
• Champion and educate the organization about the latest security strategies and technologies
• Manage and drive work related to obtaining and maintaining various security related certifications (e.g: PCI, HIPAA).
• Audit and deploy security tooling for code, network, and resource intrusion detection systems.
• Triage security alerts and take appropriate action

Preferred Experience, Skills, and Abilities:

• Bachelor’s Degree in Computer Science, Cybersecurity, or equivalent experience
• 5+ years of experience using cloud-based infrastructure and experience working specifically with AWS
• 4+ years of experience building systems to secure and monitor infrastructure, deployment, and network communication
• 4+ years of experience writing code in Python, Ruby, or Java
• 2+ years of experience leading and collaborating with cross-functional teams of engineers organized around a particular goal
• Participated in security assessments and advised on both internal and customer security and privacy needs (e.g. SOC2, ISO 27001, GDPR, penetration testing)
• Familiarity with native mobile application security concerns
• Experience with securing Kubernetes clusters (EKS, AKS, or GKE)
• Experience with Terraform and IaC tooling a plus
• Familiarity with native mobile application security concerns
• Strong communication and writing skills

Snap! Mobile is proud to offer the following benefits:

• Medical, Dental, Vision
• 401K with a 4% match from the company
• 13 Paid Holidays
• Unlimited PTO
• Professional Development Opportunities