Director of Security -New York City, NY or Lincoln, NE -CardFlight is seeking a Director of Security to join our Lincoln or NYC office As our Director of Security, you will be responsible for the safety of billions of dollars of small business payments every year. You will work with our software development and DevOps teams to ensure our products continue to be among the most secure in the industry. In addition, you will work on compliance-related projects, privacy controls, education, and penetration testing of our own infrastructure. The Director of Security will report to the Chief Technology Officer, and will work closely with the existing security leadership of the company to maintain CardFlights overall security posture. What Youll Do Monitor Security Threats (40%) -Monitor security of all computing devices and production infrastructure -Maintain security of offices, laptops, cell phones, and other endpoints -Review security incidents and respond where necessary -Detect and actively defend against cyberattacks Penetration Testing (20%) -Perform internal penetration testing -Review penetration tests from external security vendors -Analyze results and work internally to resolve issues Security Education & Awareness (15%) -Evangelize CardFlights security curriculum to regularly educate the team on vulnerabilities and risks -Recommend and implement improvements to software development processes and methodologies -Monitor and ingest industry emerging trends and best practices Compliance Alignment (25%) -Review and ensure compliance with clients need and contracts -Lead CardFlights PCI audit and compliance efforts -Track industry evolution of security standards What Youll Bring to the Table -At least 5 years of professional IT or software experience -At least 3 years of security experience -Experience with AWS or other cloud security management -Experience with a security standard (PCI, HIPAA, etc) Nice to Haves -A history of working with both network and hosted based detection and response technologies -Experience leading successful Level 1 PCI DSS audits -Professional penetration testing experience -8 years of professional IT experience, 5 years of security experience. Associated topics: alarm, canine detection, explosive detection, guard, patrol, patrol officer, protection, public safety, school, security
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.