Head of Security – IT

Job not on LinkedIn

October 27

Apply Now

Receive Emails with Similar Jobs

Skylight

WebsiteLinkedInAll Job Openings

Hardware • B2C • Retail

Skylight is a company that offers digital picture frames and calendar devices designed to bring families together and simplify household organization. Their products include a Skylight Frame, which allows users to share photos and videos with loved ones through an anti-glare touchscreen display, and the Skylight Calendar, which displays everyone's schedules in one interactive device. These products are easy to set up, do not require a subscription, and aim to keep users connected and organized. Skylight frames and calendars are touted as great gifts, especially for keeping family memories alive and ensuring ease of communication among multiple family members.

11 - 50 employees

Founded 2015

🔧 Hardware

👥 B2C

🛒 Retail

💰 Venture Round on 2020-09

📋 Description

• Define and own Skylight's end-to-end security strategy and roadmap. • Balance long-term planning with hands-on execution as a solo practitioner. • Ensure ongoing compliance with all adopted frameworks and certifications. • Manage relationships with security vendors and partners: pen testers, bug bounty programs (we currently work with Hacker One), auditors, SaaS providers (Okta, Google, etc.), and more. • Build playbooks for identifying, responding to, and recovering from any future security incidents. • Triage and lead responses to reports, alerts, and potential threats. • Ensure that customer service has the information, training, and support they need to respond to questions about data privacy and security. • Drive initiatives in areas like device management, endpoint protection, etc. • Oversee identity and access, endpoint protection, monitoring, and incident response practices. • Implement security training that is genuinely helpful and approachable for every employee. • Partner with Engineering and Product to further embed best security practices into our development cycles without slowing velocity. • Clearly communicate risks, posture, and progress to stakeholders and leadership.

🎯 Requirements

• 7+ years in cybersecurity or a related field. • Proven track record designing and scaling security programs in fast-growing environments. • Solid foundation in identity and access, endpoint/device management, detection and response, and governance. • Experience managing bug bounty programs, identity security, and phishing-prevention tools/campaigns. • A+ communication skills: you can engage engineers, customer service reps, and executives with clarity and pragmatism. • Passion about protecting customer data as an act of rigor and care, not just compliance. • Pragmatic and resourceful autonomy: You are able to prioritize, sequence, and execute without over-engineering and without explicit direction. • Genuine enthusiasm for serving our customers by protecting their precious data.

🏖️ Benefits

• Competitive Salary + Equity Package • 401K matching • Wellness, learning, and home-office budgets • Health, Dental & Vision Medical Plans • Tremendous autonomy to set the direction of your work • Unlimited PTO • Company holidays on the first Friday of every month (Except November & December)