Information Security Manager

  • Full-time
  • Department: Information Technology

Company Description

About

Together we make. Come make with us.

Overview

About us.

At Cricut®, we believe that we’re all born makers. When we built our first cutting machine, we saw the potential for a simple yet powerful tool to completely transform the way people craft, design, and DIY. Since then, we continue to innovate with new machines, platforms, materials, and tools, but that’s just what we do. Who we are is a bustling worldwide community, a means for connection, and an outlet for unbridled creativity. Join us as we place the power of handmade into the hands of ALL.

Life

Love your work. And your coworkers.

Our company is made up of A+ human beings. We ask tough questions, entertain ideas outside of our own, and work together to make something bigger than ourselves. With Cricut® growing in China, the U.K., Australia, New Zealand, as well as Europe and South America, we’re on an unstoppable roll, satisfying that innate creative itch around the world. We train, develop, and celebrate great work with hallway high fives and promotions within. We also throw the world’s best Halloween party.

Enjoy incredible perks.

We take care of our team. From outstanding medical, dental, vision, and retirement benefits, to pet insurance, 401K match, life insurance, incentive programs, paid time off, on-site massages, phenomenal work-life balance, and employee discounts, we offer the best benefits package in the DIY consumer electronics industry. Period.

Like what you see? We can’t wait to meet you.

Job Description

Cricut is looking for a creative, hardworking, self-motivated person to join our IT team as an Information Security Manager. Cricut is growing quickly, and we are looking for someone who has demonstrated the ability to maintain and improve our comprehensive IT Security Program. We are looking for someone who is tech-savvy as well as personable. In this role, you will work alongside IT and software engineering to build and manage the programs supporting our existing compliance control activities and initiatives, and to make security and privacy an integral part of our processes and culture. You will be customer-facing and help our customers with any IT security requests. You'll monitor security infrastructure and respond to incidents and alerts.

RESPONSIBILITIES

  • Manage all internal and external security compliance engagement activities.
  • You will build and manage the programs supporting our existing compliance control activities and initiatives.
  • Work very closely with many cross-functional teams to communicate and integrate control requirements (IT, SoftDev, HR, Finance, Legal, and others).
  • Engage directly with Product Engineering through all phases of product design, implementation and ongoing maintenance of security compliance activities.
  • Manage and communicate compliance requirements, timelines, and roadmap to supporting teams and leadership.
  • Drive project activities to ensure requirements and schedules are met.
  • Identify and manage risks and work with project teams to identify appropriate solutions.
  • Manage, track and report compliance-related remediation to project teams and management.
  • Develop metrics and reporting to demonstrate compliance status and engagement.
  • Communicate the compliance posture and effectiveness to management on a scheduled basis.
  • Provide ongoing guidance and consultation to the organization to promote a progressive and sustainable Security Compliance Engagement Program.
  • Develop and work with supporting teams to design and implement an automated control strategy and exception reporting process.
  • Develop a strategy to implement and maintain a centralized audit evidence repository to support all security compliance evidence gathering and maintenance activities.
  • Integrate ongoing changes to laws, regulations, and frameworks as required into daily activities.

Qualifications

  • 7-9 years working experience within Data Security & Compliance.
  • 5 years of Data Compliance Management experience that includes managing people (direct people management).
  • BS or MS in Computer Science or related field.
  • Strong understanding of relevant security standards such as PCI-DSS, ISO 27001, SOC2, etc.
  • Expert understanding of cloud controls and environments.
  • A strong foundation in IT solutions development and deployment.
  • Practical understanding of IT security compliance, risk management and information security principles including access control, network security, information security architecture, information security operations, and leading practices and associated tools in a cloud environment (AWS).
  • Strong analytical, diagnostic, critical thinking and project management skills.
  • Excellent problem-solving, negotiation and decision-making skills.
  • Excellent written and oral communication skills.
  • Strong engagement skills (internal and external).
  • Ability to represent data in graphical form.
  • Demonstrated experience managing compliance activities as part of a company (not solely in a consulting capacity).
  • Experience implementing a common/unified control framework.
  • Demonstrated experience managing and working with auditors.
  • Demonstrated experience managing and working with internal cross-functional teams and product engineering groups.
  • Demonstrated experience communicating and reporting to senior leadership.
  • Excellent interpersonal skills with a high degree of empathy and emotional intelligence.
  • Articulate individual, possessing solid verbal and written communication skills.
  • Proven success delivering results individually and as part of a team in a fast-paced, demanding, high growth environment.
  • Continuous improvement mentality with an ability to evaluate processes, seek out and implement internal or external best practices.
  • A ‘can-do’ attitude.
  • A great collaborator who is highly effective in a team-based environment.
  • Creative problem solver with a demonstrated ability to ‘think outside the box’ when confronting challenges.
  • Effective time management, organization and prioritizing skills; ability to manage and prioritize multiple deliverables and to meet deadlines.
  • High attention to detail, able to complete tasks quickly.
  • Possesses an innate sense of urgency to deliver for the business while also effectively working collaboratively as part of a team.

At Cricut®, we celebrate inclusion and diversity. Cricut is an equal opportunity employer and makes employment decisions based on merit. Cricut prohibits discrimination based on race, color, religion, sex, sexual identity, gender identity, marital status, veteran status, nationality, citizenship, age, disability, medical condition, pregnancy, or any other unlawful consideration. All your information will be kept confidential according to EEO guidelines. Cricut participates in E-Verify.

The intent of this job description is to provide a representative and level of the types of duties and responsibilities that will be required of positions given this title and shall not be construed as a declaration of the total of the specific duties and responsibilities of any position. Employees may be directed to perform job-related tasks other than those specifically presented in this description. Candidates must pass a background check and reference check.

Additional Information

What to Do Next: Please attach your resume, cover letter and include links to your GitHub, portfolio or other social presence. If you want to show your super powers in other ways – include that information too. You can be sure that Cricut® is an employer who values individuality, equality and diversity, so tell us what you’re all about. If you are a Maker or a DIY enthusiast, whether you think you are a good one or not, we would love to hear about it when you send us your information.