CAREERS

Manager, Information Security at C3 IoT
Redwood City, CA, US
Description
The Information Security Manager will have visibility with and accountability to our customers, executive leadership team, and Board of Directors.

Product responsibilities include partnering with the Chief Technology Officer (CTO), Chief Product Officer (CPO), architecture, engineering and operations teams to ensure C3 IoT continues to incorporate appropriate security measures and features within its offerings.

Corporate responsibilities include the development and the adoption of corporate IT security best practices, overseeing and assuring timely completion of risk assessments, certifications, monitoring, protection of information assets, and auditing of our information security across C3IoT.

The ability to maintain a balance between enablement and control while remaining agile, open, productive, and secure will define your success. Exceptional business and communications skills are key, along with a deep technical background in application and operations security.

Responsibilities

Define, publish, and execute the overall corporate IT security strategy with the buy-in from operational and business stakeholders.
Develop and implement processes and tools to ensure C3 IoT is securing its internal and external systems.
Apply deep process and technical domain expertise within security operations as it relates to threat prevention, detection, and mitigation.
Chair the C3 IoT Security Council, bringing together key security and risk stakeholders to develop and review enterprise security solutions, policies, and risk strategy.
Ensure the product organization adheres to an overall product security strategy that enables C3 IoT product and cloud services to be both secure and compliant.
Partner with the sales organization to assure that C3 IoT security practices and policies meet or exceed customer expectations.
Partner with the legal organization to define and execute a risk and compliance roadmap with a governance structure.
Requirements

Minimum 3 years of experience as a Director, Information Security or as a senior information security executive in a larger organization
Minimum 5 years of experience in a medium to large sized IT Organization, preferably with enterprise software product companies
5 years of relevant work experience across product and IT organizations, including cybersecurity incident response, disaster recovery and business continuity management, identity and access management, information privacy, security operations center management and security architecture
Proven track record implementing risk management programs and building collaborative working relationships across functions
Demonstrated experience in designing and implementing programs to secure and maintain systems consistent with principles embodied in ISO, SOX, NIST, SSAE, HIPAA, PCI, FedRAMP, FISMA, GovCloud, FIPS, and comparable US and international standards and frameworks
Must be able to explain complex systems and technical topics to others who may have minimal technical knowledge using oral, written and visual presentations
Experience in overseeing business continuity planning / disaster recovery (BCP/DR) programs
Strong knowledge of IT security concepts including penetration / vulnerability assessment, role segregation, role engineering and security-centric QA
Relevant industry certifications
Prior working experience in security cloud services
Education

Computer Science and/or Engineering degree is required. Technical Master’s degree is preferred.