Director of Cloud Security - Toronto
Director of Product and Operations Security
Guidewire is seeking an experienced Director of Product and Operations Security to lead security monitoring and alerting operations, incident response, vulnerability assessments and technical security review efforts. You will help ensure that our services, applications, and websites are secured against the latest threats. The successful candidate will have a good mix of deep technical knowledge and a demonstrated background in Information Security and a positive attitude combined with proven people leadership skill.
We may require you to work nights, weekends or holidays on a rotational basis with the rest of the team to ensure 24x7 coverage.
- Developing security operations processes and procedures to ensure comprehensive threat visibility, monitoring and alerting
- Working with Cloud Operations and Information Security teams to coordinate the implementation and operation of technical security controls
- Providing risk analysis of security infrastructure
- Provide forensic investigation of our technology environments
- Providing ongoing operations metrics for daily management of team and for leadership visibility
- Managing the day to day operations of the team, ensuring high productivity, efficiency, and employee satisfaction
- Enhance the existing security posture of the Guidewire Cloud infrastructure
- Supporting and assisting with external audits/assessments, certifications and accreditations to achieve and maintain compliance
- Collaborate with infrastructure teams as a subject matter expert (SME) to ensure implementation and compliance of control framework
- Participates in the change management process to ensure adherence to compliance and security requirements
- Hiring and training new employees while coaching and developing the existing team.
Skills / Experience
- 3+ years managing/leading Security Operations teams of 6-10 employees
- Experience providing security administration and monitoring services for AWS implementations
- Solid understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems and encryptions standards
- Strong conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services.
- 3+ years of experience working in a Security Operations Center and performing analysis of security events
- Understanding of frameworks, standards and assessments such as ISO 27001, SOC1, SOC2, PCI, HIPAA, NIST, etc.
- Understanding of Risk Management frameworks (CoBIT, ISO, PCI DSS etc.)
- Bachelor's Degree in Computer Science, Information Technology or equivalent work experience.
- CISSP, CCSP, CISA, CISM, GCIH, GIAC (SANS), CCNP or CCIE and/or other relevant security/network type engineering certifications
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it’s applicable to the position.