Director of Information Security
Urbint
Job highlights
Summary
Join Urbint as their Director of Information Security, reporting to the CPTO. You will be responsible for developing and implementing a comprehensive information security program to protect Urbint's and its customers' data and systems. This strategic role requires strong technical expertise and leadership skills to collaborate across departments and ensure security is integrated into all operations and products. You will lead a small team of security professionals, manage security monitoring and response, and collaborate with other teams to integrate security best practices into the development lifecycle. The ideal candidate possesses a Bachelor's degree in a related field, 8+ years of experience in information security (3+ years in a leadership role at a software company), and in-depth knowledge of security principles and technologies. This position offers a competitive compensation package and various benefits.
Requirements
- Bachelor's degree in Information Security, Computer Science, or a related field
- 8+ years of experience in information security, with at least 3 years in a leadership role at a software company
- In-depth knowledge of information security principles, technologies, and best practices
- Hands-on experience with security tools such as SIEM, IDS/IPS, firewalls, and encryption technologies
- Familiarity with SaaS cloud security, particularly in GCP, Azure, or AWS environments
- Strong understanding of web application security concepts, including OWASP vulnerabilities and common attack vectors
- Proven ability to lead and develop a security team
- Strong communication and interpersonal skills, with the ability to influence and drive change across the organization
- Ability to balance strategic thinking with hands-on execution
Responsibilities
- Develop and implement a company-wide information security strategy for both Urbint’s products and internal systems
- Establish and maintain security policies, standards, and procedures
- Ensure compliance with relevant regulatory requirements (e.g., SOC 2, ISO 27001)
- Be the designated privacy officer for Urbint
- Conduct regular risk assessments and vulnerability analyses
- Identify and prioritize security risks; develop and implement mitigation strategies
- Develop and maintain an incident response plan to guide the organization’s response to security breaches
- Oversee incident response planning and execution, including post-incident analysis and remediation
- Develop and test the business continuity/disaster recovery plans for Urbint
- Lead the creation and management of responses to customer cybersecurity questionnaires, ensuring accuracy and alignment with our security policies and practices
- Work closely with sales and customer success teams to address customer security concerns and communicate our security posture effectively
- Foster a culture of security awareness and conduct security training
- Build, mentor, and lead a small team of security professionals as Urbint’s needs grow
- Lead the SRE team operating and securing Urbint’s US production SaaS environment, creating a secure platform for all products
- Manage security monitoring, threat detection, and response activities for Urbint’s corporate infrastructure and products
- Ensure regular security testing, including penetration testing, vulnerability scanning, and code reviews
- Spec and manage common security tools (e.g., SIEM), enabling the operations and development teams to use the tools for their product areas
- Collaborate with IT, DevOps, product development, and other teams to ensure security best practices are integrated into the development lifecycle (SDLC)
- Ensure the SDLC covers testing, developing, architecting, and managing secure systems, including, e.g., penetration and fuzz testing, DAST, SAST, threat modeling, SBOM generation and management, and data encryption policies
- Assess and manage security risks associated with third-party vendors and partners
- Implement and enforce security requirements in vendor contracts
- Regularly report on the status of the information security program to executive leadership
- Communicate security risks and issues effectively to non-technical stakeholders
- Lead security awareness training for all employees
Preferred Qualifications
Relevant certifications such as CISSP, CISM, CISA, or equivalent are strongly preferred
Benefits
- Competitive compensation package
- Generous Paid Time Off, Paid Company Holidays including Mental Health Days
- Premium Medical Insurance including eligible dependants
- Life Insurance, Short Term Disability Insurance, Long Term Disability Insurance