This job has expired, please see additional jobs below
Director, Information Security
Billtrust
Lawrenceville, NJ, United States
Job Details - this job has expired, please see similar jobs below
Overview
It's not just cliché. The heart of Billtrust is our people. Our executives know it, our co-workers believe it, and our clients recognize it. Billtrust is enjoying remarkable success with significant year-over-year growth over the past 15 years. And, we're transforming the industry with leading-edge technologies that enable us to deliver our payment cycle management solution from the cloud. Our team members not only drive that expansion, they benefit by it with empowerment and rewarding professional progress.
Billtrust: where talent and opportunity meet. Work Hard. Have Fun. Make History.
We're excited to move into our new, modernized company headquarters - Starting June 2018, our home will be located at 1009 Lenox Dr, Lawrenceville, NJ 08648.
What you'll do
Billtrust is seeking a Director, Information Security to evolve and maintain an enterprise-wide security and privacy program. You will work closely with Systems, Networking, Software Development and other teams to ensure information security is at the forefront of consideration across the enterprise, while working closely with Compliance for activities relating to the availability, integrity and confidentiality of data and compliance with PCI, HIPAA, GDPR, NYDFS and SOC 2.
This opportunity will allow the right candidate to provide leadership and management to a small, growing team, while being hands-on with configuring security appliances and implementing security controls to align tasks with strategic initiatives. If you are passionate about managing information risk, advancing security posture and delivering business value, please apply.
• Mature a comprehensive enterprise information security and risk management program
• Lead, coach and advocate for a team of security engineers; Manage team member performance
• Guide the organization on the appropriate information security services, mechanisms and technologies
• Monitor daily emerging security threats and news, assess company’s risk exposure to them, implement mitigating measures, and communicate this information to key stakeholders on a timely basis
• Participate in risk assessments to ensure compliance with PCI, HIPAA, GDPR, NYDFS and SOC 2
• Conduct regular reviews and provide exception/exposure reporting and remediation plans to leadership
• Develop security-related training programs, awareness campaigns, metrics and skills for the organization
• Implement enterprise wide security controls to ensure the confidentiality of data across multiple geographically separated data centers and endpoints
• Manage and mature security appliances and software including Data Loss Prevention (DLP) Anomalous detection appliances, intrusion detection systems, file integrity monitoring software, 24/7 managed SOC, advanced endpoint protection, vulnerability scanners, source code review, vendor security assessments and internal security
• Ensure security logs are reviewed on a daily basis
• Lead evaluations and implement new technologies related information security
What you'll bring to the team
• Proven ability to lead and apply information security, risk management and privacy practices – 7+ years of relevant, progressive experience
• Demonstrated ability to manage in a way that results in highly-engaged teams
• Ability to communicate and collaborate cross-functionally, with various levels above and below, internally and externally, and to technical and non-technical audiences
• Demonstrated understanding of PCI-DSS, SSAE-18, SOC reporting framework, HIPAA, GDPR, NYDFS regulations, along with various state, federal and other international requirements
• Proven abilities in incident management and response
• Solid understanding with TCP/IP, Windows and Linux servers, along with an ability to implement and configure security applications and hardware
• Ability to lead and manage technical security-related projects
• Familiarity with AWS and/or Azure cloud security
• Certifications such as CISSP, CISA, CISM, CRISC and/or GIAC nice-to-have
• Bachelor Degree in Computer Science, Information Systems, Engineering or related field (or equivalent experience)
What you'll get
• Competitive salary, stock options and 401(k) with company match: We appreciate our employees and we make sure they know it.
• Benefits:We offer full-time employees multiple healthcare packages, including free and low cost options.
• Open PTO: Work-life balance is important. We believe in giving our employees time to truly relax and recharge.
• Paid Parental Leave: To keep our employees and their families healthy.
• A Lively Culture: Ping-pong, bean bag toss, hackathons- we enjoy friendly competition.
• Casual Dress: Every day is “Casual Friday’, we want you to be comfortable when you come to work.
• Minimal Bureaucracy:An entrepreneurial environment of ownership and accountability allows you to get work done.
Not ready to apply? Connect with us for general consideration.