About The Role
Dialpad is looking for a strategic and experienced Director to head our Security and Compliance aka Trust team. The individual will lead efforts in the areas of corporate security, product security, infrastructure security, standards compliance, and risk management. An ideal candidate is someone who has strong knowledge and experience in leading implementations of security technologies, policies, and procedures within a corporate security environment, and can work with engineers to secure web applications, cloud infrastructure and on-prem infrastructure. As a leader in the organization you will be working across various operational and business teams such as Legal, Sales, IT, Support and Engineering in implementing and maintaining a comprehensive security and compliance program to protect our organization's data, systems, and assets while ensuring adherence to relevant regulations and industry standards. The role will report to the SVP of Engineering.
Key Responsibilities
- Lead the security and compliance team including GRC Analysts and Security Engineers, to foster a culture of security awareness and partnership across the organization.
- Integrate security and compliance measures in the product development and deployment processes.
- Build and maintain effective security controls across the organization which meet industry standards such as SOC2, ISO 27001, ISO 27017, 27018, PCI HIPAA, GDPR, etc.
- Plan and coordinate with executive staff across disciplines to achieve compliance with additional standards and to make adjustments as required by existing standards.
- Report regularly to executive staff and board leadership on control maturity, gaps and risks.
- Lead incident response efforts across the organization for incidents associated with confidentiality and security.
- Ensure the company stays up to date with modern security practices, attack vectors, industry trends, defensive tools and regulatory changes.
Key Skills
- At least 8 years of leadership experience in security and compliance.
- At least 4 years of experience in direct people management of individuals working within security, engineering, or IT.
- Familiarity with quantifiable risk assessment methodologies and maturity models.
- Experience implementing and monitoring security and privacy controls within an agile software company. Building automation frameworks for implementation and monitoring of controls across multiple systems.
- Experience with AICPA Trust Service Principles for SOC2, Cloud Security Alliances Common Controls Matrix, and ISO 27001, 27017, and 27018. objectives.
- Excellent organizational and communication skills to prioritize tasks based on risk levels and communicate with different parts of the organization on the business impact of risks.
- Working with remote teams across global time zones.
Nice to have
- Bachelors in Information Security, Information Systems, Computer Engineering or related field.
- Advanced degree or relevant certifications such as CISSP, CISM, CISA, etc.
- Experience with Google Cloud Platform for technical controls implementation and monitoring
- Experience with PCI or FedRAMP Compliance
- Experience within an IT Audit or Advisory role
Dialpad benefits and perks
Culture
We’ve been named a Top Workplace seven times, and a big part of this is because of our collaborative culture that elevates our teammates, celebrates wins, and brings together passion and talent.
Compensation and equity
Teamwork makes the dream work, and Dialpad offers competitive salaries in addition to stock options because each and every Dialer participates in our success.
Benefits, time-off, and wellness
An apple a day keeps the doctor away—and it doesn’t hurt that we offer flexible time off and great options for medical, dental, and vision plans for all employees. Along with that, employees also receive a monthly stipend to help cover your cell phone bill, home internet bill, home office equipment, gym membership costs, a variety of wellness events, and more!
Continuing education
Dialpad offers a yearly stipend for continued learning and education expenses.
Please mention the word **INTELLIGENCE** and tag RMTg4LjE2Ni4xMDAuMTkx when applying to show you read the job post completely (#RMTg4LjE2Ni4xMDAuMTkx). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.
Tags
security
technical
support
software
director
web
education
cloud
leader
management
lead
operational
engineering
executive
Apply to job