Security and Compliance Manager

The Security and Compliance Manager will be responsible for spearheading all facets of information security, including compliance, risk management, vulnerability management, and daily security operations. They will develop and implement robust security measures, lead policy development, ensure compliance with relevant regulations, manage security risks, and oversee the day-to-day security posture.

Requirements

• Develop, implement, and manage comprehensive security and privacy compliance programs.
• Stay current with relevant laws, regulations, and industry standards, ensuring the organization's adherence to applicable requirements.
• Identify, assess, and prioritize information security risks.
• Collaborate with stakeholders to develop and implement risk mitigation strategies.
• Conduct regular risk assessments and provide recommendations for risk reduction.
• Design and implement security architecture and controls that align with industry frameworks.
• Oversee and continuously improve security tool efficacy.
• Design and implement a robust vulnerability management program.
• Conduct regular vulnerability assessments, analyze results, and coordinate remediation efforts.
• Stay informed about emerging threats and vulnerabilities, ensuring timely and effective response measures.
• Develop and maintain responsive security operations that deliver comprehensive monitoring, advanced detection capabilities, and high-fidelity alerting.
• Oversee day-to-day security operations, including incident response, threat detection, identity and access management, and monitoring.
• Lead the development and implementation of security policies, standards, and procedures.
• Lead incident response exercises to continually fine tune procedures.
• Collaborate with IT and other departments to integrate security measures into the organization's infrastructure and processes.
• Utilize a continuous improvement process for all security related systems, toolsets, services, and procedures to ensure that everything is meeting business needs.
• Develop and enforce data governance policies and procedures.
• Develop and implement safeguards to monitor the use of artificial intelligence.
• Regularly audit data to ensure that policies are properly implemented and utilized.
• Ensure data access controls and encryption are deployed appropriately.
• Provide leadership and guidance to the security team, fostering a culture of continuous improvement and innovation.
• Mentor junior team members and facilitate knowledge sharing within the team.
• Collaborate with other departments to promote a security-aware culture throughout the organization.

Benefits

• $0 Healthcare option
• company contribution to Health Savings Account with enrollment in a qualifying plan
• 401(k) plus company match
• Professional Development funds
• Flexible Time Off (FTO) plus 11 company holidays
• 4 weeks Parental/Caregiver Leave
• company paid family building/fertility benefits through Progyny
• Dental and Vision Insurance
• company paid Life/AD&D, short term and long term disability insurance