Manager of Security Engineering

April 5

PrizePicks

WebsiteLinkedInAll Job Openings

PrizePicks is the fastest-growing sports company in North America according to the 2023 Inc. 5000 rankings, two years running, and the largest independent skill-based fantasy sports operator in the country.

Spectator Sports

201 - 500

Description

• Develop and Implement IT Security Strategy: Design and execute an organization-wide IT security strategy, in alignment with business objectives, to proactively address potential security threats and vulnerabilities. • Manage Security Policies and Procedures: Develop and enforce comprehensive security policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements. • Risk Assessment and Compliance: Conduct regular risk assessments to identify areas of vulnerability, evaluate potential risks, and implement appropriate controls to mitigate them. Ensure compliance with relevant data protection laws and industry regulations. • Incident Response and Management: Develop and maintain a security incident response plan, including security incident reporting, investigation, and resolution. Lead the response to security incidents, coordinate with internal stakeholders, and implement necessary remediation measures. • Vulnerability Management: Oversee vulnerability assessment programs to identify potential security flaws and weaknesses. Coordinate the timely remediation of vulnerabilities and provide guidance on security enhancements to systems, networks, and applications. • Security Awareness Training: Develop and deliver security education and awareness programs to educate employees on security best practices, proper handling of sensitive data, and emerging security threats. • Vendor and Third-Party Risk Management: Assess and manage the risks associated with third-party vendors, contractors, and partners. Establish security standards for vendors and perform regular audits to ensure compliance. • Security Incident Monitoring: Implement and manage security tools and technologies for real-time monitoring of systems, networks, and applications. Stay up-to-date with the latest security trends, vulnerabilities, and industry developments to proactively address potential risks.

Requirements

• Bachelor's degree in Computer Science, Information Systems, or a commiserate experience. Relevant certifications such as CISSP, CISM, or CISA are highly desirable. • Proven experience (5+ years) in IT security, information security management, or a related field, preferably within a technology startup environment. • Strong understanding of security frameworks, industry best practices, and regulatory compliance requirements (e.g., SOC2, PCI, ISO 27001). • In-depth knowledge of network security, cloud security, application security, identity and access management

Benefits

• Opportunity to make a significant impact in a high-growth technology startup • Work in an inclusive culture that values individuals from diverse backgrounds • Competitive salary and benefits package