Director of Information Security

Company: RedShelf
Location: Chicago
Posted on: November 26, 2022

Job Description:

Founded in 2012 and recently named one of the nation's fastest-growing private businesses by Inc. Magazine, RedShelf is a Chicago-based EdTech company helping to make education both more affordable and more effective by replacing yesterday's pricey print publications with today's more dynamic yet far less expensive digital content. Partnering with more than 400+ publishers and 640+ campuses nationwide, we offer leading-edge digital course materials and a seamless, end-to-end Content Delivery System for effectively distributing those materials.Job Summary:As the Director of Information Security, you will work closely with the Product Management and Engineering teams to ensure they are trained and properly leveraging Information Security best practice patterns and procedures. You will both act as a Security Engineer and lead the Security Operations across the company while also supporting the Security Review process for customers and partners. You will lead Security Incident Management with the security team including advising the C-Suite on a roadmap to continually improve security posture across detective and preventive controls.You may be a good fit if:

• You have extensive experience working in IT Security or Information Security and have performed as a hands-on Engineer and coach.
• You have broad experience across Tactics, Techniques and Procedures (TTPs) and use them to execute Cyber Threat Hunting
• Facilitate Digital Forensics investigations leveraging threat intelligence feeds and other data sets and drive incident response across the security team
• You have previously maintained a compliance process for ISO 27001, SOC2, PCI, and/or FERPA, PIPEDA, GDPR.
• You have previously worked closely with Engineering teams to guide architectural and process decisions that protect PII or other sensitive information; preferably within a cloud provider such as Amazon Web Services
• You have previously integrated a Security-focused approach into an Agile development process by combining training programs along with process changes
• You have created and/or maintained a comprehensive security testing plan that includes utilizing third-party security service providers
• You have at least one of the following security-focused certifications: CISSP, CISM, or CISA
• You have managed vendor/supplier relationships, including contract negotiation, ongoing maintenance & support and problem-resolution
• You have previously supported B2B sales efforts with Security Review processesRequired Experience:
  • 5+ years of demonstrated experience leading initiatives on Information Security
  • Operational understanding of cyber-frameworks, standards, and best practices including NIST, PCI-DSS, MITRE ATT&CK, and Cyber Kill Chain
  • Experience using and administering security tooling including LastPass, CrowdStrike Falcon EDR, AWS Guard Duty, and NetSparker Vulnerability Scanner
  • Bachelor's in a technical related field; Masters preferred
  • Hands-on capabilities across the following areas: cybersecurity concepts, network protocols, firewalls, IDS/IPS systems, email security, endpoint security, network security, Windows/Linux/macOS systems, cyber threat hunting, malware analysis tools and techniques, cyber threat intelligence, common threat actor TTPs, application security concepts, cloud security fundamentals, Incident Response methodologies.
  • Experience working as a Software Engineer or QA Engineer is a plusOther Desired Skills and Experience:
    • Experience building, testing, and securing Python web applications
    • Experience securing containerized applicationsWhy RedShelf?RedShelf prides itself on maintaining an informal but fast-moving, hard-working, entrepreneurial culture. Our team members are smart, innovative, and passionate about improving education through digital technology.We offer the best of both worlds: the energy and opportunity of a rapidly-growing organization, coupled with the stability of an extensive client base, strong financial backing, and proven track record of success. In addition to a forward-thinking environment with ample opportunity for professional and personal growth, our team members enjoy competitive compensation and benefit packages, including company stock options.RedShelf is an Equal Opportunity Employer. Women, people of color, individuals with a disability, veterans, and others who would enrich the diversity of RedShelf are encouraged to apply.

Keywords: RedShelf, Chicago , Director of Information Security, Executive , Chicago, Illinois