The VP, Security will report to the Chief Technology Officer and lead our security organization that is responsible for our product security operations and compliance. You will provide strategic direction, technical expertise, and operational leadership to ensure that our company’s information security and compliance programs are effective, efficient, and aligned with our business objectives. You also have a strong technical background and experience in bringing technical solutions to address security-related issues while communicating and managing security risks across the leadership teams.
You will work closely with many departments across Calendly including Product, Engineering, Legal, Sales, and IT to manage identified risks and partner to mitigate vulnerabilities in software, systems, architecture, processes and practices.
On a typical day, you will be working on:
- Developing, managing and setting the vision for the Information Security Program
- Designing the strategy and architecture for security programs that includes: Audit and Compliance functions, Risk Governance, Security Policies and Procedures, Security Awareness Training, Security Information and Event Management, Incident Response Management and Business Continuity Processes
- Developing an end-to-end understanding of all Calendly systems, tools and processes to identify areas of risk and exposure and a roadmap to remedy them
- Ensuring security architecture deliverables reflect and support business, technical, operational, and compliance objectives
- Building out the Security function at Calendly to keep pace with the growth acceleration and industry demands
- Developing and maintaining detailed Security Architecture Plans and Designs
- Reviewing Threat and Vulnerability reports and creating detailed Action Plans to address risks
- Maintaining awareness of IT/Security industry trends, evaluating new solutions and techniques, and staying aware of emerging threats
- Promoting awareness of Information Security Best Practices and adequate representation across lines of business
- Prioritizing and delegating Risk Assessment activities and ensuring their completion
- Overseeing newly implemented technologies and coordinating internal/external audits
- Ensuring compliance of the Information Security and Risk Management programs with all Regulatory, Contractual, Association, and Client requirements
- Leading compliance efforts consisting of HIPAA, HITRUST, GLBA, SSAE 18 SOC 1 and 2 reporting, client audit responses (for IT, Security, and related items), PCI, and other compliance requirements
What you bring to Calendly
- Bachelor’s degree in a related field at a minimum; a master’s degree in a related field is highly desirable
- 12+ years of progressive experience in managing Security department staffing, budgets and invoicing, contractors, vendors, and corporate security programs and projects
- CISSP, CISM, or other equivalent security certification required
- CRISC, CISA, CISM preferred
- ITIL Certification preferred
- Hands-on technical experience with telecommunications and network security solutions (Firewalls, IDS/IPS, SIEM, Vulnerability Assessment Tools), access control systems, cryptography, physical security systems, and secure SDLC methodologies
- Experience working in a remote-first corporate environment, as Calendly promotes remote-first working
- Authorized to work lawfully in the United States of America as Calendly does not engage in immigration sponsorship at this time