компания "wrike" n.b. please respond in english only. as a head of security you will be responsible for leading and managing all aspects of information security and security engagements, such application security, information security, compliance, incident response, vendor management and others. you & your team will provide cybersecurity subject matter expertise, often interfacing with client security stakeholders, product and data teams, it stakeholders. you will be heading up an internal team of skilled security professionals and will be responsible for their growth and development. wrike is a leading saas platform with a strong focus on security, holding major certifications such as soc2 type 2, soc3, iso 27001/27017/27018/27701, csa star what wechr(39)re looking for: a solid cyber security experience, strong understanding of application and information security. experience with risk management, compliance, hands-on experience working with auditors and achievement of relevant certification levels. hands on managerial & leadership experience be able to work creatively and analytically in a problem-solving environment. an innovative and strategic driven mindset. strong communication skills, being able to work effectively with staff and colleagues across all departments. experience with hardening of it and production (onprem, cloud) infrastructure. security engineering background is highly beneficial. daily: develops and manages security compliance metrics and reporting for technical and non-technical stakeholders. directs multiple information security functions in support of a business to ensure that all applications, infrastructure, procedures, contracts, and services comply with rules and regulations, internal standards and policies for information security. identify and recommend changes to the security controls, assessing potential risks to data and systems, and provide recommendations on mitigation of these risks to acceptable levels and shоwownership in following through implementation. work with auditors, vendors and enterprise customers to support and expand security scope, certification and obligations. team management security team general responsibilities: responsible for monitoring, analyzing, triaging and escalating internal security events for cloud and on prem. application security, code review, architecture reviews. tracking indicators of attack and indicators of compromise across the organization regardless of environment, including but not limited to cloud, on-premise etc. in addition, collaborates with cross-functional technical resources to identify and develop workflow automation, tool integration, configuration of security alerts, and automated monitoring. responds to cybersecurity events, identifies attack vectors, isolates, and removes unauthorized access. researches and evaluates cybersecurity threats and performs root cause analysis as part of event triage. assists in the creation and implementation of security solutions as well as reporting & applicable management / business impacts information reporting.
Адрес
Санкт-Петербург