Director of Security
MagicLinks powers social commerce through our exclusive marketplace for video influencers and the world’s leading brands. Our technology enables creators to share the products they love with their fans and serves leading brands seeking scalable, data-backed influencer campaign solutions, with dependable ROI and 100% sales data reporting. We are digital video natives, driven by data, passionate about the influencer community, and committed to excellence.
In 2020, we were named to the annual Inc. 5000 list of the fastest-growing private companies in America and also became a B Corp certified company and a member of 1% for the Planet. Learn more about our Responsible Impact initiatives here: Sustainability, DEI, and Philanthropy.
We work hard, move fast, and have a ton of fun along the way. Come join us!
- We’re part of something bigger. We’re committed to leaving the world better than how we found it. It is this belief that makes the other values possible.
- We’re straight shooters. We mean what we say and say what we mean. #TNT
- We own our actions, regardless of the outcome. May all of our vibes say, “I got this.”
- We move like cheetahs, head stable & purpose driven. Speed and precision in the right moments.
- We give a lot of damns.
- We map out our goals. S.M.A.R.T. execution is key.
- There is a key to success in every failure. We learn from it and keep it movin’.
- We find humor in the little things, and embrace our funk. It’s really. not. that. serious.
- Curiosity feeds our cat. Meowrr.
Role: Director of Security
Seeking: We are looking for a world class cyber security expert to join our organization. This individual should institute and maintain a high level of security and make sure we are compliant with various industry standards.
- Review and perform an audit of existing security architecture and controls
- Provide expertise and knowledge of current industry trends in technology and cybersecurity risk standards to improve the security posture
- Act as a subject matter expert on security best practices for Engineering & Business teams
- Experience implementing security controls and securing workloads in public and hybrid cloud environments
- Respond to prospect and customer questions related to security
- Escalation point for Security Incidents & investigations
- Work with internal teams to resolve security issues arising from investigations and incidents and conduct post mortem’s to ensure issues are properly remediated
- Propose & develop structural/design changes to advance the security posture
- Conduct a thorough evaluation of company security posture, identify gaps, and create/execute a comprehensive security roadmap/program.
- Evaluate and lead appropriate new certifications such as (SOC2, HIPAA, ISO 27K, GDPR, etc.).
- Lead regular security assessments to include internal & 3rd party audits, certification, penetration testing, vulnerability management, and incident response capability testing.
- Implementation of corrective actions resulting from vulnerability/penetration testing and audits.
- Create and manage a targeted information security awareness training program for all employees, contractors.
- Ensure that security program remains continuously up-to-date to face both an ever-changing security threat landscape and evolving regulatory landscape.
- Minimum 8 years experience in IT & 4 years in Cloud Security
- Desired Industry Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
- Very strong hands-on Security Incident Handling and remediation experience.
- Expert knowledge in internet security protocols and technologies.
- Expertise in Threat analysis and enterprise cyber defense techniques
- Deep understanding of Security Operations.
- Ability to articulate complex issues to executives and customers.
- Self-motivated and driven; ability to perform and excel with little supervision.
- Able to serve as an authoritative source on security.
- Hands on experience leading incident response activities for security events.
- Experience with security on cloud platforms. This includes a deep understanding of offerings from key cloud providers (i.e. AWS, Azure).
- Experience in the evaluation and implementation of industry standard enterprise offerings from leading information security platforms such as Crowdstrike, Carbon Black, Okta, Forescout, Elastic, Rapid 7, etc.
- Significant experience in the application and integration of globally accepted security standards (GDPR, FISMA, NIST 800-53, ISO/IEC 27001, ISO 27018, and GDPR etc.).
- Salary + Bonus + Equity (based on experience)
- Full-time employees are eligible for full health care benefits
A few words on Diversity
We're equally committed to diversity, equity and inclusion in our workplace and in how we show up in this world. To us, diversity means recognizing that different views and experiences are as important as those we're already familiar with. It means taking radical ownership of the things we affect as individuals and as a company - including even inherited ways of doing things which may be destructive or biased and which we must work to change. It means looking at the world and making sure we embody as many of its best qualities as we can, and striving for that as a matter of principle, not as a marketing goal we check off a list.
This is how we strive to practice We define diversity as making sure (1) our table represents people from varying backgrounds, (2) inclusion as making sure our people have a seat at the table, and (3) equity as making sure our people have the same means to get to the table in the first place. Externally, we apply the same policies to partnerships, marketing, and product development.
Ultimately, diversity goes beyond what we look like, who we are, who we love or how we think. Diversity is shorthand for an integrity-driven way of operating and growing every single day, and we wouldn't have it any other way.
You've read this far so now all that's left is hitting us with that boom-boom-pow through a killer resume and cover letter for any of our opportunities that pique your interest.
If you are interested, send us your resume to firstname.lastname@example.org