Technical Program Manager, IT Security
- San Francisco, CA, USA
Optimizely is the world's leader in customer experience optimization, allowing businesses to dramatically drive up the value of their digital products, commerce and campaigns through its best in class experimentation software platform. By replacing digital guesswork with evidence-based results, Optimizely enables product and marketing professionals to accelerate innovation, lower the risk of new features, and drive up the return on investment from digital by up to 10X. Over 26 of the Fortune 100 companies choose Optimizely to power their global digital experiences. Optimizely’s impressive customer list includes eBay, FOX, IBM, The New York Times and many more global enterprises.
Technical Program Manager, IT Security
Security is in the foundation of over 3000 customers’ trust in Optimizely. In this role, you will drive our Information Security program that facilitates security being baked into all of the business processes and IT infrastructure at Optimizely. The responsibilities are a blend of IT security analysis and project management. If you’re a security engineer or program manager looking to get into a leadership position, this is a great opportunity for you to have impact across an entire company and build a world-class information security program.
Support the development of a compelling security vision and strategy for the company
Create company wide security policy, standards, procedures and guidelines
Participate in a cross-departmental security committee to systematically identify and address top risks to Optimizely
Partner with department leaders to measure and grow security maturity across the organization
Review and respond to new security threats
Maintains the security incident response program and lead security incident response activities
Review existing IT security architecture, identify design gaps, and recommend security enhancements
Provides analysis and input into security investment decisions, strategies and security budget
Initiates, facilitates, and promotes activities to create information security awareness throughout the organization
Serve as an escalation point for reviewing customers’ security questionnaires and contract security provisions
Manage the design and operationalization of processes or security technology controls required by SOC 2, PCI, ISO 27001, and other applicable regulatory or compliance frameworks
Support Business Continuity, Vendor Management and Change Management Programs
Manage the design and operationalization of key security processes including
Threat and Vulnerability management
Identity and Access Management
Lead the design, management, and processes, and operationalization of threat and vulnerability management (e.g., network security scanning, vulnerability scanners, threat intel feeds)
Lead the design, management, and processes, and operationalization of Security Information and Event Management (SIEM)
7+ years experience in IT Security
3+ years experience in project management
CISSP, CISA, CISM or similar industry certification
Knowledge of information security frameworks, such as ISO 27001 or NIST
Experience working with cloud services
At Optimizely, we embody inclusion and embrace diversity. Optimizely is an equal opportunity employer and makes employment decisions on the basis of merit. Optimizely prohibits discrimination based on race, color, religion, sex, sexual identity, gender identity, marital status, veteran status, nationality, citizenship, age, disability, medical condition, pregnancy, or any other unlawful consideration. All your information will be kept confidential according to EEO guidelines.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.