Information Security Manager
ezCater is the world’s largest online marketplace for catering – a $60+ billion market in the U.S. We make it superbly easy for businesspeople to find and order great food for meetings and events, and we help our catering partners grow their business. We’re backed by $320 million in venture funding and in early 2019 were valued at $1.25 billion. Our mission is to power the world’s catering, and we’ll make it happen – even more surely if you come help us.
We are looking for an Information Security Manager who will be responsible for actively supporting the availability, integrity, and confidentiality of ezCater information assets. The Information Security Manager will participate in building out the functions needed to execute the Information Security strategy and roadmap. We’re seeking someone with the passion to get things done and the experience to help us do things more effectively.
What you’ll do:
- Manage, grow, and mentor a team of 2 - 4 analysts.
- Lead team initiatives that achieve the vision for our InfoSec program, including vulnerability management and incident detection & response.
- Be a subject matter expert to other teams and assist as necessary on the design, implementation, deployment, and maintenance of scalable security controls and processes.
- Work with other teams to identify, resolve, and mitigate vulnerabilities and risks.
- Work to solve security challenges at scale while balancing usability, stability, scalability, and performance.
- Create and maintain SecOps metrics for cross-functional stakeholders at every level to provide transparency into the effectiveness of our security operations.
- Provide responses to external vendor security due diligence questionnaires (DDQs) and internal and external auditors regarding information security topics.
- Lead Security projects either standalone or together with our other InfoSec members and multi-functional teammates in IT, SRE, and Engineering.
- Stay up-to-date with news and trends in information security including new vulnerabilities, methodologies, and products.
This is a great opportunity if you have:
- Five (5) or more years of experience in the IT Security or Information Security domain and two (2) or more years managing a team
- Understanding of Mitre ATT&CK matrix
- Understanding of scrum/agile framework
- Solid understanding of hardening, patch management, pen testing, networking, vulnerability testing, open systems, applications, and web and public facing systems
- Experience with centralized logging infrastructure and SIEMs
- Experience in building, deploying and maintaining security assets
- Experience working with leadership to design, implement, and manage security programs, roadmaps and initiatives
- Experience taking a creative and pragmatic approach to security problems and integrating scalable security workflows with development teams
- Experience with open source technologies and environments
- Experience with tools such as Nessus (or Metasploit related tool), OSSEC, WAF, IPS/IDS, firewalls, and SIEMs
- Experience with one of the following compliance regulations or standards: PCI, SOC2, GDPR, and/or ISO 27001
What you’ll get from us:
Importantly, you’ll get a tremendous amount of authority and autonomy. You’ll own your outcomes and see measurable results for your efforts. With ezCater’s radical transparency and trust, you’ll have open access to the data that drives our decisions. ezUniversity sessions will provide plenty of opportunities to expand your mind.
At the same time, you’ll get sane working hours and a huge amount of flexibility around work/life balance. Have people in your life – of any age – who always, often, or sometimes need your help? We make room for that. Have a bad thing or a good thing happen to you? We make room for that, too.
Oh, and here’s what else you’ll get: Market salary, stock options you’ll help make worth a lot, the usual holidays, all-you-can-eat vacation, 401K, health/dental/FSA, long-term disability insurance, subsidized T-passes, a great office in the heart of Boston, a tremendous amount of responsibility and autonomy, wicked awesome co-workers, cupcakes (and many more goodies), and knowing that you helped get this rocket ship to the moon.
ezCater is an equal opportunity employer. We embrace humans of every background, appearance, race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, and disability status. At the same time, we do not employ jerks, even brilliant ones.