- B2B
- Early StageStartup in initial stages
Director of Security
- $100k – $130k • 0.005% – 0.01%
- 2 years of exp
- Full Time
Reposted: 1 month ago
Visa Sponsorship
Available
Remote Work Policy
In office
RelocationAllowed
Skills
Security
HIPAA
Docker
Kubernetes
PCI DSS
HITRUST
About the job
Gridspace is looking for a Security Lead to manage compliance and security operations. The candidate should be organized, thorough, and have a strong technical background in IT, systems administration, and/or network engineering. Most importantly, candidates should have a desire to work with a world-class engineering team to secure massively scaled cloud services.
Technical responsibilities will include:
- Become the primary security expert for multiple product lines, and act as the point of contact for engineering and security.
- Support engineering with implementing security fixes, ensuring security scanners are utilized correctly, and develop strategies to proactively secure the architecture.
- Help to automate common security tasks and patterns.
- Research and analyze the latest capabilities of specific Information Security (e.g. Cloud services, encryption, PKI etc.) and IT technologies (e.g. operating systems, networks, storage, virtualization etc.).
- Manage the IT infrastructure including endpoint management, single sign-on, anti-malware, event notifications, etc.
- Assist co-workers in maintaining security of their devices and processes.
Operational responsibilities will include:
- Familiarize yourself with common private sector security standards including PCI, HITRUST, and SOC2.
- Act as the primary contact with all security compliance audits and client due diligence questionnaires.
- Work directly with partner teams to understand our corporate infrastructure and business operations solutions and serve as subject matter expert to identify key risks to our security posture.
- Create threat models for both external and insider threats that directly influence designs, risk tolerance, and roadmaps.
- Maintain the schedule of daily, weekly, monthly, and annual compliance related tasks.
- Lead the physical security efforts of Gridspace assets and properties.
- Run company-wide phishing tests, security awareness training, and regular status meetings with management.
- Manage and evaluate third party services and vendors.
You have:
- Strong technical aptitude with project management skills, capable of learning emerging products and creating plans to support the business
- Experience with GCP, Kubernetes, or distributed cloud-based environments
- Experience working in a high security and/or highly regulated industry. We would love to have you take the essentials of what you’ve learned and apply them to the unique challenges Gridspace faces
- Experience securing large Python codebases is a plus
- Experience managing a SIEM such as SumoLogic
- Experience with endpoint management and security such as JumpCloud and Crowdstrike Falcon is a plus
- Experience with performing or managing network and application penetration tests
- Experience achieving PCI, HITRUST, SOC2, or FedRAMP certifications are a plus
- Experience with managing outside vendors and customer relationships is a plus
- Military experience is a strong plus
About the company
11-50
Artificial Intelligence
Enterprise Software Company
- B2B
- Early StageStartup in initial stages
Perks
Incredible Healthcare
Among the best healthcare plans in the country.
401k
Retirement with matching.
Stock
Gridspace is primarily owned by its team.
Flexible Vacation Policy
Startups afford a lot of vacation flexibility.
Stocked Kitchen and Bar
A full kitchen, cafe, and bar.
Gym
We offer a nextdoor gym membership for all employees.
Similar Jobs
Gridspace
State of the art voice technology and automation for customers, patients, and call centers
Trade Desk
A media buying platform built for what matters
Turo
Book unforgettable cars from trusted hosts around the world
Rula
Our mission is to make mental healthcare work for everyone