Remote Senior Manager, Infrastructure Security

Summary

Join our team at Scribd as we create a world of stories and knowledge, democratize the exchange of ideas and information, and empower collective expertise through our three products: Everand, Scribd, and Slideshare. We support a culture where our employees can be real and be bold; where we debate and commit as we embrace plot twists; and where every employee is empowered to take action as we prioritize the customer.

Requirements

• 10+ years of progressive Engineering and Security experience, with 4+ years in a leadership role
• Proven experience in developing an Infrastructure Security strategy, building Security teams in a SaaS environment, and implementing cybersecurity controls
• Expertise with Infrastructure Security control Platforms, including defining and implementing Security controls such as access control policies, vulnerability management, security training, PCI, and SOX
• Strong leadership skills, with excellent written and spoken communication abilities, enabling effective engagement with stakeholders at the Director, VP, and Executive levels
• Proven ability in identifying and remediating security gaps and vulnerabilities, with a strong engineering background that enables a deep understanding of complex architectures and technologies
• Ability to articulate Security issues and recommendations in non-technical terms
• Familiarity with Security governance such as NIST’s Cybersecurity Framework
• Knowledge of project management and systems development methodologies, including waterfall and Agile approaches
• Strong technical expertise in Security architecture, data integration, and networking infrastructure
• Experience integrating and optimizing solutions based on cloud-native SaaS platforms, and proficiency in maintaining SaaS Infrastructure applications, including AWS, Datadog, GCP, and more
• Strong team-building, organizational, and staff development skills
• High degree of initiative and ability to make informed decisions based on industry best practices and standards

Responsibilities

• Develop and execute the strategic vision for the Infrastructure Security department
• Advocate for Security’s importance in our organization, prioritize mitigating risk exposure, while endorsing technology to boost efficiencies and, where feasible, augment cost savings
• Collaborate with Executive Management to align both strategic and tactical plans with business goals and priorities
• Collaborate across multiple teams within Engineering including our Product and IT Security teams to manage the organizational Security vision and co-lead the maturation of our security posture
• Establish an effective Infrastructure Security Governance function, prioritizing Security tasks and defining service-level agreements
• Develop reporting and metrics to measure Security impact and value while ensuring compliance with regulatory requirements and internal policies
• Design and implement an integrated security solution for cloud-native SaaS applications, ensuring their robustness and scalability
• Evaluate and optimize solutions based on SaaS platforms, such as AWS, Datadog, and other security vendors
• Ensure data accuracy and integrity, including the use of vulnerability tracking systems, to support timely and accurate business decisions, for the implementation of security measures to protect against cyber threats
• Collaborate with our Engineering, IT, and Legal teams to mature our Security Platform and implement controls to meet regulatory requirements, including access control policies, vulnerability management, security training, PCI, and SOX
• Develop and implement Infrastructure Security operational processes, including improvements to change management and incident/service request management
• Ensure the secure operation of infrastructure and application systems, including our cloud SaaS platform, with a focus on proactively addressing vulnerabilities and mitigating risks
• Recruit, lead, and mentor a high-performing Infrastructure Security team, fostering growth and maturity within the department
• Define roles, responsibilities, and team structure for the Infrastructure Security team

Benefits

• 100% paid for employees Healthcare Insurance Coverage (Medical/Dental/Vision)
• 12 weeks paid parental leave
• Short-term/long-term disability plans
• 401k/RSP matching
• Tuition Reimbursement
• Learning & Development programs
• Quarterly stipend for Wellness, Connectivity & Comfort
• Mental Health support & resources
• Free subscription to Scribd + gift memberships for friends & family
• Referral Bonuses
• Book Benefit
• Sabbaticals
• Company wide events
• Team engagement budgets
• Vacation & Personal Days
• Paid Holidays (+ winter break)
• Flexible Sick Time
• Volunteer Day
• Company-wide Diversity, Equity, & Inclusion programs