WeWork is the platform for creators, providing hundreds of thousands of members around the world with space, community, and services that enable them to do what they love and create their life's work. Our mission is to create a world where people work to make a life, not just a living, and our own team members are central to that goal.
WeWork is creating a layer of technology to power our vision of “space as a service”. From identifying and designing a new location, to bringing that space to market in an elastic, easy-to-consume way, to seamlessly operating these spaces to delight our members, we are building state-of-the-art systems to automate, optimize, and enhance the experience. The data we are collecting is being used to dynamically optimize utilization, pricing, even layout and form factor. This technology advantage has allowed WeWork to scale to 200+ buildings in 20+ countries and will be our competitive advantage as the company continues to grow.
The We Company is an organization committed towards helping people around the world make a life, and not just a living. We accomplish this through the thoughtful design of our spaces and technology.
Our mission is to empower The We Company and its members by protecting assets and reducing risk while delivering, building, and supporting transparent and innovative security solutions. We protect and maintain a wide range of technology to support our mission. Our Information Security operations team supports multiple products, teams, and solutions that range from threat intelligence, endpoint detection and response, monitoring and visibility, cloud security and more. The Security Operations team within the Information Security department is critical on protecting what we love by enabling and empowering all of us at WeWork to achieve our goals and passions while protecting assets and reducing risk; delivering transparent and innovative security solutions.
About the Role
The Director of Security Operations will report to the Senior Director of Information Security. You will be responsible for building out, managing, and leading a global team focusing on Operations, Detection, Response with a team of analysts, managers and engineers. You will work closely with multiple teams that make up Information Security, Technology, Legal and Risk to improve controls and drive impactful change to the team, organization, and its members. This position will set the roadmap and vision of the function and be responsible for delivering them to empower The We Company and our members.
- Craft a meaningful vision of Information Security Operations leading and building out the Global team in New York, Singapore, Dublin, San Francisco, and additional remote locations with 2-4 direct managers reporting to you
- Oversee projects, program delivery, daily monitoring, response; review of cloud infrastructure, physical infrastructure, application security event activities and the full life cycle of alerts through incident response; and the threat landscape to ensure ongoing and continued maturity of the organization's security controls in addition to service support
- Strategize and deliver on immediate and long term goals through teamwork and high standards while managing budget and resources within the Information Security Operations program; while setting and driving priorities, goals, and objectives that are measurable
- Drive operational efficiency and excellence leveraging tools, process and automation with appropriate and transparency visibility and metrics that can meet SLAs/SLOs
- Partner closely with cross functional teams to conceive security strategies and features that will help keep The We Company and its members safe
- Recruit, build, attract and mature engineers and analyst within the Information Security team
- Support and implement controls and visibility to meet third party attestations (SOC2, ISO27001, GDPR, SOX)
- Balance being collaborative, open, and approachable while still being firm on security policies and in facilitating progress and compromise
- Mentor managers and team by leading by example, growth will be contagious through the team; develop objectives and key result and being able to be explicit with making effective actionable decisions to empower the team and business
What you should have:
- 5+ years hands-on experience in information security, security operations, threat intelligence and monitoring in a consulting or in house role
- 5+ years of engineering management experience; 2+ years should include managing managers
- Proficient analyzing ambiguous problems, compelling communicator with the ability to receive and analyze information; translating security risk to business risk to driving actionable decisions across multiple levels and departments
- Experience in leading security operations leveraging multiple best practices and frameworks (MITRE, NIST), compliance attestations (SOC2, ISO27001, GDPR, SOX), and with Legal and Global Risk & Compliance teams on incident handling and policy creation
- Proficient experience with common network, system, infrastructure, and web application attack vectors and related mitigation strategies that translate to controls within the organization
- You are highly organized. With many people doing many things in a fast-moving company, strong organizational skills—both for yourself and for the team—will be required