CyberSecurity Engineering Director at Thrasio
Sorry, this job was removed at 1:26 p.m. (EST) on Monday, April 11, 2022
Hop on the Rocketship
Thrasio is a next-generation consumer goods company reimagining how the world’s most-loved products become accessible to everyone. We use a deep understanding of rankings, ratings, and reviews to identify and acquire quality brands and use world-class expertise and data science to make their products better or create new ones to meet changing customer demand.
We’ve got huge goals, and every Thrasher plays an integral part in getting us to the stratosphere. That’s why we only bring on people who think positively. Who look out for the team. Who tell their egos to take a hike while they get the job done right.
From the moment you hop on our rocketship, we give you the freedom you need to take big swings and push what’s possible to get us there. And if you fail, it’s cool—we know you’ll grow spectacularly. What matters is that you’re helping impact millions of people around the world who use our products everyday.
Because with every new spatula, pillow, or marker brand we acquire, with every coffee roaster or body wash we develop, our goal is to provide people everywhere with what they need to make the most of every moment - ensuring that what gets delivered to their door delivers.
We are looking for a CyberSecurity Engineering Director to help validate that our services, applications, and websites are secured against the latest threats. You will be responsible for managing a team of security engineers conducting security reviews and threat modeling, evolving the security assurance process, and creating metrics to demonstrate your team’s performance. You will help set the direction for a team of security professionals that is responsible for all internally developed (or acquired) products and services. The CyberSecurity Engineering Manager oversees engineers and architects in the development and implementation of security standards and controls in order to ensure that the organization's products are secure. This role combines long term strategic planning to raise the bar on security across the enterprise with the excitement and challenge of quickly reacting to new threat scenarios.
• Serve as a technical expert for project teams throughout the implementation and maintenance of assigned information security solutions
• Define and oversee the documentation of detailed standards (e.g., guidelines, processes, procedures).
• Provide CyberSecurity subject matter expertise to the day-to-day operational aspects of the engineering team including improvement of current security controls; identify areas of improvement, etc.
• Design and manage the technical evaluation of new security technologies
• Threat hunting for Cybersecurity:
‣ Identify security gaps across the IT and Engineering environments and develop solutions to rectify those gaps
‣ Design and manage internal and external penetration testing
What You Bring to the Party:
- Minimum of 7 years of relevant technical experience, with the majority of this in a formalized information security team
- Bachelor's degree in Information Security, Computer Science or related field preferred
- Strong understanding and familiarity with cloud security controls and best practices;
- Strong experience in security automation and tool development to secure the cloud;
- Familiarity with common security libraries, security controls, and common security flaws;
- Experience with OWASP, static/dynamic analysis, and common exploit tools and methods;
- Strong understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Certifications: Information Security certifications (CISSP, SANS GIAC, CISA, etc.)
Projects and Delivery:
- Strong background in technical engineering and architecture, such as infrastructure/cloud engineering or software development
- Proven ability to build partnerships and collaboration between stakeholder teams
- Strong written and verbal communication skills and ability to outline security risks and technical concepts to stakeholders in user-friendly language
- Experience managing security vendors and managed services providers
- Experience managing a team
Approach to Work:
- Experience working in a fast-paced, high-tech and customer obsessed environment
- Demonstrated leadership, team management, and decision-making skills
- Ability to manage and participate in an on-call rotation performing weekend and after-hours support
Not Sure You Check Every Box?
Research shows that while men apply to jobs when they meet an average of 60% of the criteria, women and other marginalized folx tend only to apply if they meet 100% of the qualifications. At Thrasio, we need people who think rigorously and aren’t afraid to challenge assumptions, so we’re looking for diverse perspectives, as long as you meet the minimum criteria.
You’re encouraged to apply even if your experience doesn’t precisely match the job description. Join us!
THRASIO IS PROUD TO BE AN EQUAL OPPORTUNITY EMPLOYER AND CONSIDERS ALL QUALIFIED APPLICANTS FOR EMPLOYMENT WITHOUT REGARD TO RACE, COLOR, RELIGION, SEX, GENDER, SEXUAL ORIENTATION, GENDER IDENTITY, ANCESTRY, AGE, OR NATIONAL ORIGIN. FURTHER, QUALIFIED APPLICANTS WILL NOT BE DISCRIMINATED AGAINST ON THE BASIS OF DISABILITY, PROTECTED CLASSES, OR PROTECTED VETERAN STATUS. THRASIO PARTICIPATES IN E-VERIFY.
Thrasio does not accept agency resumes. Please do not forward resumes to our jobs alias, Thrasio employees or any other organization location. Thrasio is not responsible for any fees related to unsolicited resumes.