The Director of Security is the primary resource tasked with leading overall security and risk management efforts across all Localytics organizations. This role initiates and leads risk management and security initiative discussions across all lines of business to drive continuous improvements to Localytics overall risk posture. This role should have the skills necessary to assemble and manage policies and procedures that are aligned with Localytics’ corporate mission and vision, as well as aligned to organizational cultures.

The Director of Security will plan, direct and coordinate activities relating to the protection, safeguarding and security of company assets, employees, invitees and others; as well as protection of the data and assets managed for our customers. This role ensures that established goals and objectives are accomplished with prescribed priorities, time limitations and with fiscal responsibilities. The Director of security advises, makes recommendations, assists in the formulation of goals and objectives; working with engineering leadership and leaders across all business units, designs, implements and monitors security policies, procedures and programs; and exercises independent judgment in the course of carrying out overall responsibilities and other activities as assigned.

Security Director Essential Functions: 

• Collaborating with executive leadership to align business vision and goals with information security, privacy and risk management program policy and procedure goals, and direction.
• Work with organizational leaders across all lines of business to define and draft policies, practices aligned to corporate goals and policy structures.
• Work with all product and service organizations to define, scope and prioritize security focused product features and development requirements.
• Work with Engineering to design, develop and deliver security-focused product features.
• Work with product, engineering and devops to ensure security best practices are built into every facet of Localytics development, operations, environment, product, etc.
• Communicate policy and practice roles and responsibilities to ensure compliance
• Provide ongoing, formal training, awareness and guidance relevant security and privacy for all staff.
• Direct and document any Security Incidents
• Audit and confirm compliance with policies.
• Perform Risk Management reviews and planning
• Perform Vulnerability Scanning, pentesting and associated reporting, remediation planning.
• Support Sales, and customer-facing staff with respect to:
• Customer security assessment and compliance activity
• Privacy/security product and RFI guidance
• Customer meetings
• Contract, Security and privacy terms review/redline
• Providing security and privacy collateral and sales enablement information
• Support any Sales, Service or Account Management teams interacting with customer specific security, privacy, risk requirements.
• Vendor Risk Management

• Ongoing monitoring of the state of Localytics Security initiatives, risk posture and evolution of security program.
• Provide corporate, executive and organizational status reports on Localytics overall security program
• Support General Counsel with any security or privacy related contractual requests.

Education, Experience and Competencies:

• 5+ years of experience in Security and Risk Management or Security Architecture and Engineering
• Extensive data privacy and privacy regulations experience
• Vulnerability Management experience
• Bachelor's degree in computer science, cybersecurity or related discipline
• Hold current relevant security industry certifications such as CISSP, CISM, CompTIA-Security+, etc.
• Excellent business skills including communication, presentation and project management
• Technical competency in cloud architecture and SaaS infrastructure with the ability to solve both technical and non-technical challenges.