<link id='css--app'rel="stylesheet" href="/dist/css/app.min.css"> Opportunities – Trilogy

Opportunities

Manager of Security and Compliance at Skilljar
Seattle, WA, US

Skilljar is looking for a Manager of Information Security and Compliance. You will work cross-functionality across the entire Skilljar organization to manage and oversee all aspects of application and corporate security and infrastructure, maintaining a thorough understanding of the current threat and attack landscape and latest security trends and principles. We will rely on your wide-ranging experience in this role as you perform a large variety of tasks - from strategy through implementation. You must be comfortable talking with customers, coordinating audits, and implementing internal policies and procedures across a fast-growing software company. Prior management experience is required, as you grow a team focused on security and IT operations and compliance.

Responsibilities

  • Own strategy and vision around IT enterprise security, application security, vulnerability management and incident management, including owning and maintaining all security policies and procedures for a growth stage SaaS company
  • Collaborate and communicate effectively with product and engineering teams to ensure application security is championed throughout our processes, including regular vulnerability scans and 3rd party penetration testing
  • Drive business results by representing Skilljar security in prospect & customer conversations
    • Respond to customer & prospect security assessments / questionnaires
    • Participate in security review calls w/ customers & prospects
  • Manage SOC2 audit process and assess other certifications (e.g. ISO 27001) as appropriate, designing plans to satisfy regulatory and compliance requirements related to security and privacy.
    • Own the partnership with external auditors and legal
      Review and update existing controls to best balance agile startup environment and meet the security requirements of our customers
    • Coordinate audit processes
    • Cross functional collaboration with HR and Finance for a successful audit
  • Develop and Conduct annual information security awareness training for employees
  • Work with HR to ensure security on Skilljar employee computer systems
  • Work with Executive Leadership to strategize and recommend changes and updates to company-wide processes and policies relating to security.
  • Ensure Skilljar’s continued compliance with existing privacy standards, including GDPR and CCPA.
  • Own and develop other miscellaneous infosec policies and programs outside of compliance

Requirements

  • 5-7 years in security management function, leading initiatives across an organization. Previous company-wide leadership experience is required
  • High-growth startup experience is required, enterprise SaaS experience preferred
  • Experience leading SOC2 audits and managing external service providers
  • Experience reviewing potential corporate vendors with regards to security and compliance with privacy laws (GDPR, CCPA, etc) and conducting audits of existing vendors.
  • Able to communicate security risks in business terms that can be clearly understood at all levels of the organization
  • Deep familiarity with with distributed web applications, and security processes and procedures of agile engineering teams
  • Experience managing and configuring web applications hosted on AWS
  • Experience with MacOS, MDM and endpoint management solutions like Jamf
  • Security configuration and management of corporate productivity software including Google’s GSuite, Slack, SFDC
  • Bachelor’s degree in Computer Science or related field
  • CISSP certification preferred
  • US work authorization and criminal background check are required

Our Benefits

  • Comprehensive Medical Coverage: Skilljar pays 100% of our employee premiums for medical, dental, vision, disability, and life insurance. (PTO and family leave)
  • Flexible Time Off: We believe in a healthy work/life balance and trust our employees to take the time off they need to bring their A-game to work.
  • Benefits Package: Skilljar employees receive a monthly technology reimbursement for remote work, 401K savings plan, stock options, and access to an Employee Assistance Program.
  • Inclusive Culture: We are intentional about creating a culture that is fun and inclusive. Join us for Fun Committee events, trivia nights, Bingo, and more!