IT Security Manager

Summary

Join HopSkipDrive as an Information Security Manager and leverage your expertise to safeguard our technology and sensitive information. You will administer a comprehensive information security program, ensuring compliance with industry standards and best practices. This role requires strong technical skills in IT security, experience with data loss prevention, and a proven track record of success. You will collaborate with various departments and stakeholders to achieve information security program objectives. HopSkipDrive offers a competitive compensation package, including equity, flexible vacation, comprehensive benefits, and the opportunity to work for a fast-growing, VC-backed company.

Requirements

• 8+ years of experience in IT security with a strong understanding of security principles and best practices
• Relevant security certifications (e.g., CISSP, CISM, SANS)
• Strong skills in assessing application misconfigurations, testing effects of secure configuration, and implementing in Production
• Experience with data loss prevention (DLP) technologies and hands-on administration
• 5+ years of hands-on IT administration tasks, including application management, endpoint management, and patch management
• Experience with data classification and labeling
• Track record of success in an environment with similar technologies and processes
• Strong understanding of SaaS security best practices
• Excellent communication, interpersonal, and problem-solving skills

Responsibilities

• Administer a comprehensive information security program encompassing configuration and monitoring of device management solution
• Administer system and application monitoring
• Implement a Data Classification program
• Configure Data Loss Prevention
• Configure Patch Management
• Manage Vulnerability management
• Conduct Security Audit Logging Review
• Manage Incident Response
• Ensure compliance with SOC2 requirements, NIST CSF Framework, and CIS Controls
• Support employee onboarding and offboarding processes and application provisioning and de-provisioning through automation
• Act as primary internal contact for IT matters/decisions with our outsourced IT vendor
• Secure, standardize, and optimize business processes through technical controls in various company projects
• Document procedures and guidelines in coordination with IT vendors
• Manage orders for computer equipment and supplies for new and existing employees, manage expense reporting
• Provide backup for urgent IT matters outside business hours

Preferred Qualifications

• Experience in client incident response
• Experience effectively managing AI Security assessments
• Experience successfully navigating contracts and RFP responses and contract negotiation about information security requirements, ensuring robust protection and compliance

Benefits

• Equity for every full-time employee
• Competitive market compensation
• Flexible vacation
• FSA
• Medical, dental, and vision insurance
• 401(k)
• Opportunity to work for a uniquely positioned, VC-backed company in a hugely attractive space with significant upside potential
• Equity stock options
• Fully remote role in one of the following states: AZ, CA, CO, CT, DC, FL, GA, IL, IN, KS, MA, MD, MI, MN, MO, NC, NJ, NM, NV, NY, OH, OK, OR, SC, TN, TX, UT, VA, WA, WI