Director – Security
GRC, & Trust
Confirmed live in the last 24 hours
Canada • Remote
- You have a track record of stepping up and leading successful complex security projects including roll-out of security discipline to engineering, operations teams
- Proven track record of customer interaction including support for pre- and post-sales activities and support for customer enablement teams
- Experience with support for internal and external audit activities including evidence gathering and management, interaction with auditors and management of audit timelines
- Experience with application security disciplines including security reviews, testing, and management of findings through to remediation
- Experience with operational security disciplines including asset and inventory management, vulnerability scanning and patch/update disciplines for the management of findings through to remediation
- Experience implementing and/or running an issue management discipline to ensure a robust lifecycle for the management of findings and issues, balancing security standards and operational realities
- Experience with containerized applications, and technologies, such as Docker and Kubernetes
- Experience working in a continuous delivery/continuous deployment environment
- You have a desire to stay ahead of the latest industry trends and technologies; a track record of sharing contributions to the wider security engineering community and a commitment to continuous learning
- You believe security should make it easy to do the right thing
- You are an expert at leading collaborative efforts involving large groups
- Expert at building consensus within and across engineering teams
- 5+ years experience managing high performance security teams with
- Outcome driven results
- Sprint planning and KPI based measurements
- 3+ years of experience
- Managing application and/or operational security, including IaaS, PaaS, SaaS
- Defining/implementing cloud-native based security best practices
- Operationalizing and running governance, issue and risk management disciplines
- Leading or supporting external audit activities including SOC2, ISO27001, and ideally with FedRAMP experience
- Demonstrated history of employee engagement through coaching and mentoring, and leading both individuals and managers
- Excellent written and verbal communication skills
- The ability to identify and effectively communicate the business impact of cybersecurity risk to stakeholders and team members
- The ability to solve security problems without saying "No"
- Responsible for leading and maturing our governance, risk and compliance discipline across application and infrastructure security for on-prem, OSS and cloud-based environments
- Define and implement a robust and business appropriate risk and issue management discipline in support of internal and external cybersecurity risk management
- Interlock with customers to represent PagerDuty's security posture and standards, and bring customer feedback to security and product teams
- Operationalize discipline for ongoing internal and external compliance and maintenance of security audits and evidence including SOC2 Type II and FedRAMP
- Collaborate with cross company teams to drive an environment of continuous security improvement
- Use overall data and findings to identify and recommend enhancements and changes to increase product and infrastructure security posture
- Support security operations to provide the protection of the confidentiality, availability, and integrity of customer data and building/maintaining customer trust
- Partner with product/engineering, corporate operations, and employees to build and maintain a security-aware culture where everyone understands and plays their part
- Provide thought leadership on modern security operations and help lead our infrastructure security organization in creating trust through security
- Embody a continuous improvement discipline for personal and career growth. Mentor and grow infrastructure, application security and cloud security engineers
- Certifications such as AWS Security Speciality, (ISC)2 Certified Cloud Security Professional (CCSP), (ISC)2 CISSP (Certified Information Systems Security Professional)
- Experience with AWS cloud security best practices, and AWS security technologies such as AWS IAM, AWS Organizations, AWS Shield, AWS GuardDuty
Operations performance platform
PagerDuty's mission is to revolutionize operations and build customer trust by anticipating the unexpected in an unpredictable world.
- Health, AD&D, Disability, Vision, Life, and Dental Insurance
- Paternity and Maternity Leave
- Employee Assistance Program
- PTO (Vacation / Personal Days)
- Sick Time
- Remote Work
- Adoption Assistance
- Employee Stock Purchase Program
- Flexible Spending Account
- Student Loan Repayment Plan
Company Core Values
- Champion the Customer: User first. Make it easy. Build great products.
- Take the Lead: Disrupt more. Improve everywhere. Learn forever.
- Run Together: Create belonging. Deepen bonds. Team up.
- Ack + Own: See opportunities. Make it yours. Do right.
- Bring Your Self: Earn trust. Be present. Have heart.