"The front page of the internet,” Reddit brings over 430 million people together each month through their common interests, inviting them to share, vote, comment, and create across thousands of communities. Come for the cats, stay for the empathy.
The Reddit Security team is rapidly developing, and this is an opportunity to get in and have an outsized impact on a highly skilled and motivated team. We look for humble experts with a relentlessly resourceful and entrepreneurial, “can do” view of security. We want to deliver facts and not FUD to the business to enable Reddit to manage risk more effectively. Culture is important to us and a learning and developing mentality is vital regardless of the work assigned.
- Develop tools and processes to analyze and measure the effectiveness of Reddit's security program
- Define security policies and controls, and map them to industry standard frameworks
- Perform hands-on gap and risk assessments to identify, document, and track security issues
- Establish security remediation efforts and drive them to completion
- Collaborate with teams across the organization to translate security risk mitigation needs into actionable plans
- 7+ years working in the security GRC space
- Demonstrated experience with controls definition, development, implementation and assessment
- Functional knowledge of multiple security domains and information security industry standards and best practices
- Deep understanding of security frameworks and standards such as SOC 2, ISO 27001, PCI, NIST
- Experience working with both technical and non-technical teams
- Strong written and verbal communication skills