Tuesday, April 03, 2012

Director, Information Security and Compliance, Cloud, SaaS, PaaS, Palo Alto, CA

Director, Information Security and Compliance

Location: CA, Palo Alto
Relocation: Yes
Education: BA/BS Preferred
Compensation: Mid $100s package

SecurityRecruiter.com has been engaged to help build an information security / cyber security department in a high-tech company where protecting their systems and intellectual property is taken seriously.  This company of 400 employees has recently gone public and is in a solid position for continued growth.


This role reports to a Sr. Director whose career has followed a deeply technical information security career path.  He understands the work you’ll be doing for this company.   In recent years, this Sr. Director’s path looks like a technical / business intersection.  If you’re passionate about technology and you’re ready to work for and with people who are prepared to mentor and coach you to the next level in your career, this could be your next career move.

The Opportunity:

This newly created role exists as a result of growth and of this company having recently gone public. This is an opportunity to build a cyber security program from the ground up. You’ll work closely with internal lines of business as well as with external customers. Because of your deep foundational background in information security, you’ll likely be called on to support the sales team by attesting to the company’s security structure during the sales process.

ISO certification could be in this company’s future but whether it is or not, programs are being built on an ISO framework.    You’ll need to bring depth and breadth in Regulatory Compliance experience on top of a technical information security background to qualify for this role.  If you have this experience, you’ll be relied on to build a Compliance Program.


·         Information Security professional possessing over 12 years of information security related experience.
·         A BA/BS degree is desirable.
·         Demonstrate a deep working knowledge of compliance and regulatory environments such as SOX, ITIL, SAS70, ISO 27001 / 2:2005 and SSAE 16.  A deep level of ISO framework understanding is required.
·         Desirable candidates will likely have progressed through Security Engineer and Security Analyst titles to become Risk Management / Compliance specialists.
·         Prior experience conducting vulnerability assessments / security assessments is desirable.
·         Knowledge of, and/or experience working in, an environment where the company has developed software; knowledge of Agile & Scrum methodologies is desirable.
·         Ability to provide risk assessments and solutions options on technology architecture in a dynamic environment.
·         Deep understanding of all things security, such as security operations, logging & monitoring, incident response, vulnerability management, and configuration management as it applies to security and regulatory compliance requirements.
·         Possess outstanding customer-facing skills including the ability to discuss and evaluate customer security requirements and map them to internal standards.
·         Ability to be cross-functional with various teams within the company and have the ability to relate security requirements to these various teams.
·         Demonstrate a deep understanding of SaaS (Software as a Service), PaaS (Platform as a Service) or IaaS (Infrastructure as a Service) from either working in this type of environment in the past or working with these types of companies where they were your customers.
·         Certifications such as the CISSP, CISA, CISM, CRISC or others appreciated.
