What you’ll do:
You will be the senior security leader at Uptake tasked at continuously improving the security postures while reducing risk in an ever changing threat landscape. You will be leading a team of seasoned security practitioners across multiple and unique functions focused on Product Security and Corporate IT Security. You’ll interface with other senior leaders to obtain buy-in and feedback on your vision and goals for maturing the established program. You will also find yourself working in a client / public facing capacity in both public discussion on security at Uptake and during the client engagement process.
Security Strategy / Culture
- You will drive the future of Uptake’s security program to anticipate future threats by working with your team to map out a vision and rolling roadmap of risk reducing activity.
- You will be the security cultural ambassador and cheerleader to encourage active participation in the security program from all employees.
Risk and Compliance
- You will be responsible for the active maintenance of the company’s security risk register and reporting top risks and remediations to executive leadership and the board.
- The company has achieved ISO 27001 compliance and maintaining this certification is paramount as a business currency with industrial customers.
- The company is pursuing FedRamp Authorization and you will play a key role in driving this forward across all functions.
- You will also be responsible for the maintenance, evolution and enforcement of the companies security policies.
- You will lead all future compliance and security certification efforts.
Security Operations / Threat Management
- Uptake has multiple offices, data centers, and cloud environments. The security of these environments including the security architecture of new environments falls under your area of responsibility.
- The security monitoring of all of these environments falls under your area of responsibility.
- Uptake maintains a robust and mature Secure Software Development Life Cycle (SDLC) which includes training, development monitoring, static code analysis, dynamic code analysis, penetration testing.
- You will lead the vision for Security in SDLC including the specification of analysis tools, execution of penetration tests and risk assessment.
- You will be responsible for the management, resolution, reporting and security bug tracking across all of Uptake’s products.
- You will engage with a team that is responsible for the monitoring the entire Uptake environment and reacting to each and every security alert.
- When a security alert is escalated into an actual incident, you will be responsible for being the executive leader for coordinating and incident response plans.
What We Are Looking For:
- 12+ years of experience leading security teams at an enterprise software / SaaS company
- Technical understanding / mastery of the areas of responsibility across multiple security domains
- A deep understanding of cloud computing and the security risks associated with deploying and managing microservice architecture
- Experience tracking security metrics and mapping them to business outcomes
- Experience working with senior business leaders internally and externally
- Outstanding written and oral communication skills and proven ability to influence externally and internally
- A curiosity for driving accelerated solutions in the industrial space
- Comfortable in internal/external client facing engagements
- Demonstrated ability to influence both up and across at a super-charged high growth company
Nice to Have:
- Industrial experience
- An active participant in the security/infosec community
- Managing security professionals with a hacker mentality
Uptake welcomes and encourages applications from all individuals, without regard to any prohibited ground of discrimination, including from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.