This job has expired, please see additional jobs below
Paranoids Director, Security Program Management
Yahoo!
Sunnyvale, CA, United States
Job Details - this job has expired, please see similar jobs below
Director, Security Program Management
Yahoo is a guide focused on making users' daily habits inspiring and entertaining. By creating highly personalized experiences for our users, we keep people connected to what matters most to them, across devices and around the world. In turn, we create value for advertisers by connecting them with the audiences that build their businesses.
A Little About Us
When you impact millions of people every day, you become a large target for adversaries in all layers of the stack. Our job is to keep our users safe and make Yahoo one of the safest places on the Internet.
We are the information security team at Yahoo. People call us “The Paranoids”.
Reporting to the CISO, the Director of Security Program Management leads both tactical and strategic initiatives in support of our security programs. In this role you’ll coordinate projects within the Paranoids, and with other teams throughout the company. You will be responsible for managing technology, strategy, governance, and architecture programs and processes company-wide.
You’ll partner with teams across the company including IT, Network, Engineering, and Legal to help us protect over a billion users.
A Lot About You
Your Day
• Working with the Paranoid leadership team, you’ll plan initiatives accounting for headcount needs, budgets, and other resources to meet our security objectives
• You’ll drive large programs across the company to address security needs
• You’ll be accountable for the successful, on-time, and on-budget delivery of the security project portfolio
• You’ll measure progress against goals and report to the team and up to executive leadership
• Manage a small team of project managers
• Drive security improvements into the company through partnerships with other PMO/Chief of Staff leads
• Represent the CISO and the Paranoids internally
You Must Have
• Solid knowledge of software development lifecycles and methodologies
• Experience leading programs to completion, including conducting postmortems or retrospectives
• Strong hands-on knowledge of ticketing and workflow systems such as Jira, including generating metrics and reports
• Experience collecting, analyzing, and presenting security metrics
• Experience with technologies and processes such as networks, encryption, vulnerability management, identity and access management, endpoint management, risk management, and cloud services
• Working knowledge of attacker lifecycles and defender strategies
• Familiarity with security frameworks such as the NIST Cybersecurity Framework or ISO 27001/2