About Adaptiva
Adaptiva, the Autonomous Endpoint Management Company, delivers the fastest way to patch and manage endpoints at scale. The company offers OneSite, the first fully adaptive autonomous endpoint management (AEM) platform. IT and cybersecurity leaders use OneSite to gain a hands-free, fully automated approach to speeding the continuous delivery of software, patches, and vulnerability remediations. Hundreds of today’s largest global organizations choose Adaptiva to increase operational efficiency, reduce risk, and maximize patching velocity across millions of endpoints. Learn more at https://adaptiva.com/, and follow the company at LinkedIn, Facebook and Twitter.
About this role
Adaptiva is looking for an experienced Director, Information Security to oversee and secure our information and technology systems. This role involves defining the technical strategy and architecture for the security controls required by our information security management system (ISMS), and developing the necessary security standards, policies, and procedures.
The Director, Information Security will be a key partner to system owners across the company, providing collaborative leadership and extensive expertise to help develop security controls and risk mitigation strategies.
The ideal candidate will have strong experience in security compliance, risk management and governance, including hands-on experience with ISO 27002 implementation and audits, SOC2 readiness, and FedRAMP.
Responsibilities
- Lead and manage the execution of the information security and privacy program strategy and governance.
- Provide technical leadership for information security projects.
- Oversee an information security operational program, including technical and physical safeguards to protect information assets.
- Develop risk management strategies to identify and mitigate threats and vulnerabilities.
- Drive the development and management of the information security plan that contains safeguards designed to protect information assets.
- Manage incidents involving information assets.
- Oversee day-to-day information security operations, including monitoring, triage of security events, anomaly analysis, threat hunting, and tuning of security systems and tools.
- Manage and oversee the process of gathering, analyzing, and assessing the current and future threat landscape, providing a realistic overview of risks and threats.
- Develop, implement, and enforce information security requirements and solutions.
- Lead the development, adoption and enforcement of information security policies, procedures, and standards.
- Promote information security within Adaptiva.
- Lead the education and awareness program for the company’s ISMS.
- Obtain and maintain ISO 27001 and ISO 27002 certifications for Adaptiva’s internal IT environment, and penetration testing and SOC 2 Type II certification for Adaptiva’s cloud hosting and datacenter environments.
- Obtain and maintain FedRAMP certification for the Adaptiva IT environment.
- Collaborate with other IT engineering and administration disciplines to ensure security best practices are incorporated into the design, implementation and sustainment of systems and services within the company.
- Advise and consult with internal customers on risk assessment, threat modeling, and vulnerability mitigation.
- Participate in customer engagements during pre-sales and assist the sales team in closing large enterprise contracts.
- Lead the design, implementation, proactive management, and troubleshooting of technology infrastructure solutions, including IT infrastructure, network, telecom, security systems, surveillance systems, cloud storage, end-user devices, and management & monitoring solutions.
- Establish partnerships with internal and external stakeholders and vendors to facilitate problem resolution and identify opportunities for using technologies to automate and streamline business processes, ensuring they are secure, reliable, efficient, and cost-effective.
Requirements
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 5+ years of experience in a combination of Risk Management, Information Security, and Information Technology positions.
- Professional security management certifications such as CISSP, CISM, CISA, or equivalent are strongly preferred.
- In-depth knowledge of information security principles, risk management, and regulatory requirements (e.g. FedRAMP).
- Skilled in implementing risk management frameworks, e.g. ISO/IEC 27001.
- Experience with contract and vendor negotiations and management, including managed services.
- Expertise in global and industry-specific compliance requirements, such as GDPR, SOC2.
- Self-starter with excellent multi-tasking and time management skills.
- Excellent communication and presentation skills with the ability to convey complex security concepts to non-technical audiences.
- Strong decision-making and problem-solving skills.
How to apply
Send your resume and cover letter in .PDF format to careers@adaptiva.com
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.
Adaptiva does not provide visa sponsorship for this position and participates in E-Verify for work authorization.
The annual base salary range for this position is between $160,000 and $185,000. The range provided is broad and takes into consideration a wide range of factors that are reviewed when making a hiring decision, such as years of experience, skills, location, and other business needs.
The base salary is one component of the total compensation package, which for some roles may include a performance bonus and very generous benefits.
Adaptiva does not accept unsolicited head-hunter and agency resumes.