Senior Director, Cybersecurity

Job not on LinkedIn

October 1

Apply Now

Receive Emails with Similar Jobs

Bugcrowd

WebsiteLinkedInAll Job Openings

Cybersecurity • SaaS • Enterprise

Bugcrowd is a leading platform that provides continuous security testing solutions, enabling organizations to stay ahead of cyberthreats. By leveraging a global community of trusted security researchers, Bugcrowd offers services such as penetration testing as a service, vulnerability disclosure, bug bounty programs, and attack surface management. The company assists industries such as financial services, healthcare, and technology in identifying and prioritizing vulnerabilities, ensuring proactive protection against potential cyber attacks. Driven by data and AI, Bugcrowd's comprehensive approach integrates seamlessly with existing systems to streamline the remediation of security issues, enhancing the overall security posture of its clients.

201 - 500 employees

Founded 2012

🔒 Cybersecurity

☁️ SaaS

🏢 Enterprise

💰 $30M Series D on 2020-04

📋 Description

• Define the Cyber Security Strategy for Bugcrowd and identify areas of improvements to the threat landscape, internal risk tolerance objectives, and/or compliance objectives. • Ensure the technical aspects of vendor acquisitions and tools are safe for Bugcrowd’s use, in unison with the IT and compliance teams. • Assess corporate technology systems, determine strategy for changes, enhancement and improvements; recommend and implement the same, from the perspective of cyber security. • Carry out and fulfill the cyber security strategy of bugcrowd, proactively improving the security posture with time. • Work with GRC to assist in designing, develop, implement and coordinate areas of policies and procedures for compliance with SOC-2, NIST 800-53v4, ISO27001,ISO27018, and FedRAMP. • Represent Bugcrowd in the internal and external audits for SOC-2, ISO27001, and ISO27018.

🎯 Requirements

• Proven work experience leading Cyber Security (penetration testing, red teaming, GRC, IR, secure development, and security architecture) in a startup and growing with the organization. • Excellent knowledge of technical security controls, including cloud, web application, infrastructure, IT, and compliance. • Experience in data governance, data architecture, data flow and system architecture to optimize the same. • Hands-on experience with penetration testing, red teaming, and security patch bypass testing. • Ability to work independently and must have strong organizational and communication skills. • Systems / Software (detailed knowledge of the following stack): Mac OS, Python, JavaScript, Ruby, Golang, Java, Kotlin, Postgres, GSuite, Cisco Umbrella, Netskope, Crowdstrike, GitHub, AWS, Heroku, Cloudflare, DataDog, JAMF, etc. • Familiarity with Jira is a plus. • Experience related to and assistance with ISO27001, ISO27018, NIST 800-53v4, and SOC2 audits is compulsory. • Degree in Computer Science, cyber security, MIS or equivalent experience desirable but not required. • Experience in cyber security with demonstrations of responsibility and technical excellence. • Must be eager to work hard, to learn many new skills, solve problems, and integrate tightly with the rest of the team. • Willingness to support a global organization with limited staff via off hours activity while maintaining a healthy work-life balance.

🏖️ Benefits

• The ideal candidate must be able to complete all physical requirements of the job with or without reasonable accommodation. • Sitting and / or standing - Must be able to remain in a stationary position 50% of the time. • Carrying and / or lifting - Must be able to carry / move laptop as needed throughout the work day. • Environment - remote, work-from-home 100% of the time.