Director of Security – GRC

🕒 vor 1 Monat

🇺🇸 Vereinigte Staaten – Remote

💵 $180.000 - $220.000 / Jahr

⏰ Vollzeit

🔴 Experte

👮‍♂️ IT-Sicherheitsingenieur

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Censys

WebsiteLinkedInAlle Stellen

51 - 200 Mitarbeiter

Gegründet 2017

🔒 Cybersecurity

🏢 Unternehmen

Cybersecurity • Enterprise • Data

Censys ist eine führende Plattform für Internet-Intelligenz, die sich auf Bedrohungsjagd und Management der Angriffsfläche spezialisiert hat. Sie bietet Sicherheitsteams eine umfassende, genaue und aktuelle Karte des Internets, um Angriffe abzuwehren und Bedrohungen aufzuspüren. Censys bietet Lösungen für Cloud-Asset-Discovery, Exposure- und Risikomanagement sowie externes Angriffsflächen-Management. Die firmeneigene Internet-Karte liefert detaillierte Einblicke und umfangreiche Internet-Scan-Fähigkeiten, die es Organisationen ermöglichen, interne und externe Angriffsflächen kontinuierlich zu überwachen. Gegründet von den Entwicklern von ZMap an der Universität von Michigan, ist Censys tief in der Open-Source-Sicherheitsgemeinschaft verwurzelt und verfügt über eine große Gemeinschaft der Internet-Intelligenz. Censys befähigt Organisationen, einschließlich derer im Finanzsektor, der Regierung und dem Gesundheitswesen, schnell auf sich entwickelnde Bedrohungen zu reagieren und ihre internetgerichteten Vermögenswerte effektiv zu schützen.

Beschreibung

• Own, build, and scale the team and systems for Censys’ corporate security infrastructure • Own company security needs from endpoint provisioning to deploying tools that improve our overall security posture while keeping things simple for all employees • Manage the Security team; delegate day-to-day workloads and ensure coverage of critical functions during PTO to maintain a high SLA • Own the complete endpoint lifecycle including provisioning, application deployment, security controls, and asset retirement • Work closely with internal teams to enforce compliance across endpoints and help users understand how security policies impact their daily work • Manage and secure cloud environments and coordinate security configuration of software and tools • Develop and deliver Security Awareness Training to internal users • Collect and create documentation for security processes and build out a knowledge base for the team • Design, implement, and manage the company’s Data Loss Prevention (DLP) program, including policies, tooling, and enforcement across endpoints, cloud, and email • Own and operate the insider threat program, including behavioral monitoring, investigation workflows, and coordination with Legal, HR, and senior leadership as required • Partner with engineering and infrastructure teams to ensure security telemetry and logging coverage meets both operational and compliance requirements • Lead the development and implementation of Censys’ compliance strategy to achieve and maintain compliance with ISO 27001, SOC 2 Type 2, UK NCSC Cyber Essentials+, and CMMC, in partnership with the Security and Operations teams • Develop, review, and update organizational policies and procedures to align with compliance and governance requirements • Oversee timely responses to security questionnaires and other sales requests relating to organizational and product security and privacy • Validate and respond to inbound legal process as required by federal law • Assist in the procurement process to review proposed purchases for security and privacy concerns • Manage control and process libraries • Conduct ongoing risk assessments • Other duties as assigned

🎯 Anforderungen

• 10+ years of progressive experience in cybersecurity, with at least 3 years in a senior leadership or Director-level role • Demonstrated experience owning and operating enterprise security programs including DLP, insider threat, and detection and response • Deep familiarity with compliance frameworks including ISO 27001, SOC 2 Type 2, CMMC, NIST, and GDPR • Experience building and managing security telemetry, SIEM, and detection engineering programs • Strong understanding of cloud security (AWS, GCP, or Azure), endpoint security, and identity and access management • Proven ability to lead, mentor, and grow a high-performing security team • Excellent written and verbal communication skills, with the ability to convey complex security concepts to executive leadership, legal, and non-technical stakeholders • Experience managing security incident response, including coordination across Legal, HR, and executive leadership • Background in security program development within a high-growth or scale-up environment.

🏖️ Vorteile

• 401k match • health • vision • dental • and more!