Information Security Manager

Information Security Manager

At Zero Hash

Date Posted:

Location: USA Only, TELECOMMUTE

About the Role

Zero Hash is looking for an experienced and passionate Information Security Manager to join our Infrastructure team. In this role, you will help secure our systems by designing and creating software, processes and policies, and championing their adoption across engineering and the rest of the company. You are responsible for ensuring that Zero Hash's corporate and production systems exceed industry security and compliance standards by implementing security measures to monitor and protect sensitive data and systems.

What you will do

  • Develop and maintain Zero Hash's security roadmap
  • Perform security risk assessments to identify gaps, come up with recommendations and drive the gaps to completion
  • Conduct company-wide information security awareness training
  • Draft and maintain information security standards, policies and best practices
  • Develop processes and procedures that mitigate and prevent vulnerabilities
  • Advise teams on developing pragmatic solutions that achieve business requirements and also maintain acceptable levels of risk
  • Evangelize security best practices across the organization
  • Collaborate with dev teams to apply a shift-left security strategy in the development lifecycle
  • Respond to security audits and security assessment requests
  • Get your hands dirty managing and improving our security operations tooling and architecture

Desired Skills

  • Minimum 3 years of experience in a combination of risk management, information security and security engineering roles
  • Direct experience leading and managing Information Security Management Systems to support SOC 2 and ISO 27001 compliance
  • Relevant experience managing security on cloud computer platforms (e.g. AWS).
  • Proven experience implementing and managing technical controls to support observability for potential security events.  E.g. SIEM, end point protection, etc
  • Experience with common security monitoring, log analysis and forensic tools
  • Understanding of blockchain technology, signing, encryption and common attacks
  • Fantastic communication skills in both spoken and written forms to explain complex ideas to various audiences; such as, internal stakeholders and external customers and auditors
  • You thrive in an environment where collaboration and communication are paramount but are able to solve problems on your own
  • Certification in one or more technical information security disciplines (e.g. CISSP, CISM, CISA, SSCP, CCSP)

Projects you might work on

  • Lead SOC 2 and ISO 27001 certification audits
  • Test and validate controls as part of our Information Security program
  • Expand our BC/DR procedures
  • Support building security into all of our products, processes, policies, and procedures
  • Help us build features that will protect our customers
  • Create forensic tooling and capabilities for detection and alerting of irregular and/or anomalous internal activities
  • Work on sensitive security and blockchain-related issues, including securing blockchain transactions and personal information
Apply for the job