Your idea of "benefits" includes things like laughing out loud, arguing about the best way to do things, wearing flip-flops to work, playing foosball, consuming caffeine, and working alongside a brilliant team
You're comfortable telling people you work at a company called "BombBomb"
You’re passionate about hacking/breaking things and making things more secure
You’re like working with lots of different people, and you enjoy managing projects that will have a huge impact on the future of our business
At BombBomb, we make it easy to use simple video to build relationships through email, text, and social media. Our offices feature a stunning view of the Rocky Mountains: clean air, low cost of living, ridiculous outdoor adventures in your backyard, and a product you can be proud to champion. Our team is scrappy and intelligent. Competitive and collaborative. Fun-loving and tenacious. We're close-knit and love adding new talent to the mix. Humanizing the planet can't be done without EXCELLENT people and we want to add you to our already “rockstar” team!
Who we’re looking for….
We’re looking for a Security Program Manager who will establish a best-in-class cyber security program and achieve security policy and program compliance across our company.
What you’ll do (responsibilities and outcomes):
Lead the remediation project, based on a recent third-party gap analysis of company security policies, and guide the development and IT staff to achieve 50% completion of gap analysis by the end of 2017.
Achieve a security policy “Statement of Compliance” by the end of 2018 to facilitate BombBomb’s relationship with emerging enterprise markets.
Deploy new products and infrastructure systems to maintain compliance after initial rollout of security program.
Monitor and report compliance to company leadership on a monthly basis.
Create and update ISO policies. Educate company staff on importance and relevance of security compliance.
Identify and proactively remediate security vulnerabilities related to BombBomb’s infrastructure to ensure we protect our customers and staff
Review and audit the efficacy of BombBomb’s Security policies on a regular basis to ensure ISO 270001 compliance.
Train and remediate security incidents with BombBomb staff, ensuring that BombBomb staff recidivism is low
Lead the Change Control and Acceptance Board (CCAB).
Assist the IT Staff in the administration of BombBomb core infrastructure as needed, maintaining core services such as Active Directory, DNS, DHCP and LAN infrastructure.
Maintain and administer the physical security systems and periodically review video footage and access logs for unauthorized access.
How you'll do it (competencies essential for a job well done):
Integrity & Trust - Acts ethically and honestly and builds professional relationships by promoting mutual trust
Communication - Be a good communicator and build relationships with the people you will be working with in the office. The position will depend on communication between multiple people across multiple departments, coordinating to achieve ISO compliance. Communicating deadlines and the relevance of the requirements will be crucial to the project’s success.
Flexibility - Willing to learn new technologies, security protocols and methods of circumventing our security systems. Ability to adapt to new challenges as they arise, and put out fires without being overwhelmed during busy times.
Leadership - Ability to be self-reliant and self-motivated. Leading large, company-wide initiatives with minimal direction.
Detail-Oriented - The position requires attention to detail, as a violation in company policy may result in failure to achieve compliance and ultimately losses in company revenue.