Director, Information Security
New York, NY or Columbus, OH strongly preferred
Remote, US welcome to apply
ABOUT BARK
Here at BARK, we love dogs & their people. Were looking to make all dogs happy throughout the entire world (were not kidding). Think Disney for dogs -- we make magic for dogs & their people through our products, events, & experiences.
Our ambition level is high, the opportunity is huge, & our love for dogs is through the roof! We launched in 2011 with BarkBox, a monthly-themed subscription of all-natural treats & clever toys. Since then, we've shipped more than 70 million toys & treats to the dogs across the world & use all of that direct customer feedback to inform new initiatives & ways to make magic between dogs & their people. Weve since expanded into other offerings as well, as we aim to become THE Dog Company for every family with a four-legged, belly-scratch-loving, interspecies family member.
THE TEAM
BARKs InfoSec Team manages risk & protects company assets through the assessment of risk, monitoring of vulnerabilities, & collaborating cross-functionally to reduce risk. We provide internal security engineering skills to protect current & future systems by using specialized toolsets & methods to identify vulnerabilities. We work with teams to find the optimum solution that reduces risk without impacting system security or performance.
WHO WERE SNIFFIN FOR
We are looking for a dynamic & highly motivated InfoSec/Cybersecurity expert to join our team. The ideal candidate is a resourceful problem solver who will take ownership of critical security related work. The Director of InfoSec will report directly to the CFO & work closely with the People, Technology & Legal teams to create solutions that balance business requirements with information & cyber security requirements.
KEY DUTIES
- Identify & communicate current & emerging security threats
- Create solutions that balance business requirements with information & cyber security requirements
- Align standards, frameworks & security with overall business & technology strategy & objectives
- Validate reference architectures for security best practices & recommend changes to enhance security & reduce risk, where applicable
- Train end users & technical staff in the implementation, use and/or remediation of systems
- Work with General Counsel to develop policies & processes that comply with state & federal law, including incident response & data retention
- Support PCI & SOX initiatives, internal technology audits, & GDPR/CCPA initiatives
- Responsible for maintaining security & intrusion detection across infrastructure & home grown applications
- Maintain & update the target architecture for information security at BARK; continually update & maintain the security roadmap & track progress year over year
- Work with product owners to influence their products & roadmaps to ensure alignment with target architecture & vision
- Create & maintain security architecture artifacts (i.e. models, patterns, templates, etc) that can be used (and reused) to leverage security capabilities
- Create, communicate & maintain a cyber security training & awareness program for all employees at BARK.
- Manage & develop one direct team member, as well managing within financial budget
EXPERIENCE
A diverse technical background with 10+ years experience in:
- Security architecture, demonstrating solutions delivery, principles & emerging technologies - Designing & implementing security solutions. This includes continuous monitoring & making improvements to those solutions.
- Consulting & engineering in the development & design of security best practices & implementation of solid security principles across the organization, to meet business goals & legal/regulatory requirements.
- Security considerations of cloud computing: including data breaches, incident response, hacking, account hijacking, insider threats, third party/vendors, data loss, DoS attacks & cloud based application delivery.
- Identity & access management - including SSO, employee remote access, third party access & device management.
- Network security - including firewalls, AWS VPC security, multi-site WAN & WIFI security.
- Encryption standards & implementation
- Prefer public company experience including knowledge of SOX
SKILLS & QUALIFICATIONS
- Strong critical thinking & analytical skills
- Demonstrated ability to identify risks associated with business processes, operations, information security programs & technology projects
- Ability to be the security subject matter expert who can explain technical topics to those without a technical background; Exceptional communication skills with cross-functional audiences & senior leaders
- Must demonstrate proven success in working independently as well in a team & exhibit follow-through to understand root causes of issues
- Hard working with a "no task is too small" attitude
- Strong leadership & management skills, with the ability to motivate & inspire a team
- And of course, must love dogs
This position is a full-time, salaried position. It is located on-site at our office in New York, NY or Columbus, OH. We offer health insurance for both you & your pup, 401k, wonderful team lunches, unlimited PTO & a dog to pet anytime you wish.
FOR CO/NJ/NY BASED APPLICANTS:
- The base salary range for this position is $175,000- $220,000
- This position is eligible for equity
**This compensation range is based on BARKs good faith estimate as of the date of this posting & may be modified in the future. Actual pay for this position will depend on a variety of variables including location, travel, internal equity, experience, education, skills & expertise.
|