Director of Information Security

IT Administration San Francisco, California


Description

ON24 is on a mission to transform the way companies engage their prospects and customers with data-rich, digital experiences that deliver real-time, actionable insights to drive revenue. In a digital-first world, ON24 is where business gets done.

Its patented cloud-based platform features interactive and immersive user interface and industry-leading webinar analytics for events, campaigns and benchmarking. Providing one-click access from any computer or mobile device, ON24’s award-winning solutions are integrated with leading CRM and marketing automation platforms, enabling marketers to optimize demand generation, enhance lead qualification and accelerate opportunities in their sales pipelines.

The Director of Information Security will be responsible for developing and managing ON24’s information security management system to safeguard customer, employee, and company data in accordance with industry standards for a global enterprise SaaS company.  

You will lead the effort to determine and implement appropriate standards and controls and that inform procedures and policies, select security technologies, manage security audits with enterprise customers, and address security incidents.  

Responsibilities:

  • Build, deploy, maintain, and enforce information security risk management standards, policies, and procedures to maintain and enhance the compliance posture
  • Lead customer, partner, and vendor InfoSec audits and risk assessments, communicate results to information security stakeholders or business partners, and ensure remediation of outstanding issues
  • Perform internal risk assessments and analysis to identify opportunities to improve risk posture, and develop solutions for remediating or mitigating risks and assessing residual risk • Anticipate new security threats and stay-up to date with evolving industry, regulatory, and legal requirements relevant to security, compliance, and privacy
  • Monitor security vulnerabilities, threats, and events in network and host systems
  • Develop strategies to handle security incidents and coordinate investigative activities
  • Promote a culture of information security throughout the organization, providing subject matter expertise, guidance, and training
  • Assess, document, and report security risks and control gaps. Collaborate with internal groups to direct compliance issues to appropriate channels for investigation and resolution.
  • Help design and promote an effective security awareness and communication program for the organization
  • Prioritize security projects based on costs, benefits, resources, and alignment with business goals.
  • Execute internal assessments to ensure compliance with existing Information Security policies and identify areas for improvement.

 

Required Skills and Experience

  • 5+ years of experience in Information Security
  • Strong knowledge of security risk management standards such as ISO27001 and SOC 2
  • Has built security management program and led certification efforts
  • Works with management and across departments to enhance the security posture of the company
  • Strong communication skills with ability to effectively communicate security concepts to stakeholders throughout the company.
  • Knowledge and hands-on experience with a variety of security management tools such as Data Loss Prevention and Vulnerability Scanning solutions.
  • Analytical thinker and problem solver
  • Industry certification in IT Security (e.g. CISSP, CISM)
  • Demonstrated experience of working in a SaaS environment with experience in driving SOC2 certification for customer facing applications


ON24 is proud to be an equal employment opportunities (EEO) workplace to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, ON24 complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Pursuant to the San Francisco Fair Chance Ordinance, ON24 will consider for employment qualified applicants with arrest and conviction records.