Head of Corporate & Product Security

SecurityScorecard is an industry-leading cybersecurity company backed by Google, Sequoia, and Riverwood. Our mission is to make the world a safer place. We measure your vendors' cyber-health by assigning a security rating of "A" through "F" based on outside-in, non-intrusive data. Our Comprehensive security ratings, advanced data analytics, and actionable insights discover Third-Party Vulnerabilities & Security Gaps In Real-Time.

SecurityScorecard is headquartered in NYC with 450+ employees globally as a remote first company. Our culture has helped us be recognized by Inc Magazine as a "Best Workplace," "Best Places to Work in NYC" by Crain's NY, and one of the 10 hottest SaaS startups in NY for two years in a row.

—-------

Security Scorecard is looking to hire a Head of Corporate and Product Security. This key role will own the protection of our Corporate IT systems and raise the security bar of Security Scorecard’s products. The role is an opportunity to implement security programs from the ground up. You’ll be guiding Security Scorecard to focus on the systems, services, and processes that protect our most valuable resources, communicate with leadership, legal, and software development teams. This role will report directly to the CTO, with access to the CEO, C-suite, and Board of Directors.

• Develop enterprise-wide security programs
• Train our staff about all aspects of Security
• Proactively monitor threats and take preventive measures
• Identify, report, and control incidents
• Own regulatory compliance such as Soc2, FedRamp, GDPR. 
• Integrate security best practices into our SDLC
• Communicate and report risks to Senior Leadership

Please note that you may be required to perform additional job responsibilities as assigned. 

• Hands on in implementing, installing, and operating security tools
• Working knowledge of MITRE ATT&CK techniques and common attack vectors
• Bias towards action. Why wait until tomorrow if something can be done today?
• Experience communicating and partnering with different levels of product organizations
• Passionate about establishing good testing practices, new tools/technologies, and improving processes
• Can influence through partnerships, instead of edicts
• Experience with on-premise and Cloud technologies
• Experience with FedRamp accreditation and compliance nice to have
• Strong strategy and program planning skills
• Passionate and Knowledgeable in security and dedicated to self-development
• Be data-driven and able to quantify impact and changes over time

• Competitive salary
• Comprehensive benefits including healthcare, life, disability, and wellbeing benefits
• Tax advantaged accounts including HSAs and FSAs
• New Parent Leave (after six months)
• Unlimited PTO
• Access to learning platform & company professional development events
• Employee Referral Bonus
• 401(k)  
• Company Wide Employee Monthly Wellness Day 
• Additional benefits including employee stock options, tuition reimbursement, EAP, and more

—-------

Solutions Focused: We identify problems then quickly shift to solutions.

Customer Centric: We are obsessed with making our customers happy.

One Scorecard:  We are one team that embraces diversity, fun and collaboration.

Resilient:  We persevere through obstacles.

Embody #SecurityDNA: We practice what we preach.

https://securityscorecard.com/awards

Top 10 Cybersecurity Experts 2021 - Dr. Aleksandr Yampolskiy

CEO of the Year - Dr. Aleksandr Yampolskiy

Best Cybersecurity Company

Deloitte Technology Fast 500

The Forrester New Wave Leader, Cybersecurity Risk Rating Platforms

If you are a resident of Colorado, New York City, California, or Washington State, please email us at [email protected] to receive compensation information for this role.

SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based upon merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law. 

We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or an accommodation due to a disability, please contact [email protected].

Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law. 

SecurityScorecard does not accept unsolicited resumes from employment agencies.