Job title: VP, Information Security Operations & Engineering (Remote)
Job description: At Emburse our mission is to help make our users’ lives — and their businesses – better. We are dramatically transforming how organizations manage corporate expenses and invoices. We humanize work by automating manual tasks and saving users’ time, so they can focus on what matters most — their family, community, or more rewarding work. We help CFO’s give their employees a simple and amazing experience while ensuring compliance and reducing costs. Our solutions are tailored for companies from start-ups to enterprises. We have more than 16,000 clients and 9 million users globally.
Emburse has offices across North America, including Los Angeles, Montreal, Portland (ME), San Diego, San Francisco, and Toronto, as well as locations in the UK, Germany, Spain, Australia and the Netherlands.
Our core values – Sincerity, Empathy, Empowerment, Individuality, and Teamwork – reflect who we are as a company. They are central to the decisions we make and the interactions we have with our teams, customers, and partners. As a people-focused company, we are seeking candidates who align with our values.
Emburse is a proud recipient of a 2020 Tech Cares Award from TrustRadius and a 2020 IDC SaaS CSAT Award for Travel and Expense. These awards celebrate companies that have gone above and beyond to provide their communities, clients, and front-line workers with support during the COVID-19 pandemic. We are a people-first company, and this award is a testament to our mission to humanize work.
Follow us to stay updated on news and job openings!
The VP, Information Security Operations and Engineering is responsible for the technical aspects of information security. Responsibilities include: leading the global security engineering team, the enterprise security operations, DevSecOps team, and building a Red Team. Building partnerships with technical and non technical teams outside the InfoSec team is critical for the success of this leader.
What You’ll Do
- Build and shape product security capabilities and the overall company security direction working closely with Product and Engineering Teams
- Ensure security quality gates are utilized for CI and CD. Do not allow code to reach production that does not pass these gates
- Provide expertise to project teams on design and application integration with other technologies across the stack (security, cloud, DevOps, etc.)
- Lead discussions across teams, review and complete RCAs, and drive problems to fruition with ease
- Make authoritative decisions over technical issues, project policies, standards, and strategies
- Conduct and assist with investigations, test and deployment activities, identify and mitigate risks in the design process
- Build and lead Red Team efforts
- Build and lead global security operations teams
- Consistently looks to improve MTTR by creating Run/playbooks, consistently looking to improve
- MTTR, documents incidents and is responsible for their life cycle in the SDLC.
- Manage offshore contracting assets
- Strong working knowledge of building, deploying, and maintaining container ecosystems
- Create viable solutions that align with the business needs while meeting company goals and objectives
- Lead technical discussions with the business units on enterprise wide projects
- Collaborate with third party vendors to create solutions
- Ability to lead discussions, RCAs and drive problems to fruition with ease, ability to freely navigate challenges while obtaining the trust of one’s peers, strong listening, negotiation and consensus-building skills required
- Other duties as assigned
What We’re Looking For
- Bachelor’s degree in Computer Science, Information Systems, or equivalent work experience
- 12+ years of industry experience in security architecture, analytics, design, and development of enterprise solutions in multiple technology platforms, frameworks and languages
- Expertise with application security implementations and standard methodologies
- Extensive knowledge of Identity and Access Management (IAM), Cryptography / Key Management, Access Controls and Security Protocols. E.g. Multi-factor, SAML, OAuth, OIDC, API security, PDP, PEPs etc.
- Extensive technology knowledge and recognized expertise in several areas
- Experience with DevSecOps, AWS security and secure code development
- Experience establishing a strategy for and implementing cloud enterprise solutions in AWS
- Extensive experience in tool selection and vendor management
- Experience with Agile delivery
- Financial industry experience is good to have
- Thought leadership in recommending technology selection and strategy formation with a focus on the security domain
- You are an expert with security architecture and secure application development. You understand the value of deploying applications in a cloud environment and how to keep them secure
- Guide design and development of security standard methodologies to all layers of the application stack
- Problem solver and a master of implementing security standard methodologies and principles
- Relevant certifications such as CISSP, CISA, CSIM, CCSP required
- Excellent analytical skills
- Self-starter with the ability to work with minimal supervision
- Excellent verbal and written communication and listening skills
- High level of patience and courtesy is required to deal with individuals and their varied technological skill levels
Emburse provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Emburse complies with applicable state and local laws governing nondiscrimination in employment in every location where the company has facilities. This policy applies to all terms and conditions of employment.
Job date: Sun, 10 Jul 2022 03:16:49 GMT
Apply for the job now!