Who We Are:
Why You’ll Love Working at Omaze:
Big Impact: You will be a part of a passionate team of world changers, dedicated to making a meaningful impact in the world.
Growth: Omaze is growing rapidly. If you’re excited about a high-growth, fast-paced environment, or about scaling something that’s never been done before, we’d love to talk to you.
Unique Culture: We live by our virtues. We believe in: we before me, growing together, taking ownership, spreading joy, and dreaming giant.
Perks: If raising millions of dollars every year to support charities isn’t a perk enough, we’re excited to offer unlimited PTO, summer Fridays, weekly meditation, and the opportunity to work with a phenomenal team that makes a global impact every day.
Who We’re Seeking:
TOmaze is seeking a creative and versatile information security professional to help operationalize and improve on our existing security tooling and processes. This is a very hands-on operational role that will allow you to expand your skills and knowledge in a number of security disciplines and will provide ample room for career growth. This role will interface with key organizations across the company, including IT, SRE, Data Engineering, Legal, Product, and Marketing. This role reports directly to the CTO.
What You’ll Do:
- Vulnerability Management - Own and execute the vulnerability management process (inventory, assess, report, monitor and close)
- Application Security - work closely with development teams to communicate and remediate application security vulnerabilities from both internal and 3rd party testing platforms (e.g., OWASP)
- Vendor Security Reviews - review and provide recommendations in our vendor security management program using our tools and templates
- Corporate IT - partner with IT to develop and execute solutions for securely provisioning systems and software (e.g., MDM, endpoint security, etc.)
- Security Tools - assist in research, design, and implementation of information security solutions. Ensure tools are monitored/audited regularly and any findings are appropriately prioritized.
- Security Awareness - Administer the platform used for security awareness and partner with relevant departments to provide annual security and data privacy training
- Security Roadmap - Work with the CTO to create and maintain the company’s security roadmap
- Security Backlog - Work with the CTO to manage the company’s security backlog and ensure critical items are prioritized across the organization
Our Ideal Candidate:
- 5+ years of information security experience
- Strong experience with networking and systems administration concerns
- Strong organizational, communication and time management skills
- Understanding of security controls related to cloud-based offerings
- Knowledge of commercial security vulnerability management tools such as tenable.io/nessus, cloudcheckr, etc.
- Understanding of software development tools and processes (e.g., Git, JIRA, etc.)
- Working knowledge of internal IT tooling such as MDM, GSuite, SSO providers, etc.
- Ability to work effectively with non-technical stakeholders and to partner across a large number of departments.
- Excellent work ethic, attention to detail, pro-active.
Competitive salary and benefits including medical/dental/vision insurance, 401k matching, fertility support, parental leave, mental health support, and employee stock options.
Our office is dog-friendly (but for now we enjoy our furry friends over video calls).
We're committed to putting the health of our employees first and are currently working from home. We offer a monthly stipend to support employees’ remote office set up and we continue to find creative opportunities to connect and socialize virtually.
We actively seek out diversity of thought and experience to drive innovation. We welcome all backgrounds, identities, and perspectives and work hard to ensure that every Omazer can bring their authentic self to work at all times.