Director of Information SecurityAt Wonderschool
US Pacific Timezone
Wonderschool is a two-sided childcare marketplace whose mission is to ensure every child has access to child care that helps them realize their potential. We are doing this by building a suite of tools to support passionate early care and education professionals to start and run quality and sustainable child care programs, as well as building tools that make it easy for families to easily find programs that are the perfect fit for the needs of their children. Our tools allow providers to easily manage their students, parents, and school all from one dashboard. Our community allows providers to seek advice, support, and a sense of belonging with a group of like-minded peers.
We are looking for a Director of Information Security (remote) to implement, test, and audit information security best practices across our engineering team and company. This role will report to the CTO and collaborate with stakeholders across the company to ensure smooth adoption. Part of this role will involve analysis of certifications (SOC 2, FedRamp) as well as planning and auditing compliance. This role will also be responsible for threat analysis, prioritization, mitigation, and incident response.
Wonderschool is a San Francisco-based company that has a fully distributed engineering team with employees in several countries. We believe in giving our employees maximum flexibility, which is why you can work from anywhere, as long as you have a good internet connection and overlap with US Pacific Time working hours.
- Analyze engineering processes and architecture, plan changes, manage implementation, drive testing and auditing of results.
- Design standard-compliant processes for change management, access to PII, employee onboarding and offboarding, etc.
- Select and integrate tools for single sign-on, role-based access, audit logging, threat detection, and data loss prevention.
- Select and engage with third-party firms for compliance audits and penetration testing.
Required Skills and Experience
- 7+ years of relevant professional experience with information security.
- 3+ years as head of information security (or equivalent role) for a SaaS product.
- Experience running process compliance, audits, and penetration testing.
- Completed SOC 2 or FedRamp certification, or similar.
- Experience working in a cloud-based architecture using AWS, Azure, Google Cloud, or similar.
- Experience integrating and managing cloud-based SSO (Okta, OneLogin, etc.)
Desired Skills and Experience
- CISSP certification.
- Familiarity with SAML.
- Experience with high-scale, consumer web applications.
- Previous experience working with early stage startups.
- Working with a distributed team.
Wonderschool is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We plan and structure our interviews to directly assess skills and talent.