Information Security & Privacy Manager

Internal Operations Los Angeles, California United States


Description

About EVgo 

EVgo is the nation’s largest public fast charging network for electric vehicles, with more than 800 fast charging locations in 66 markets in 34 states. Powered by 100% renewable energy. EVgo serves more than 200,000 customers nationwide.

EVgo fast chargers are compatible with all fast charge capable EV models currently on the market, including Tesla Models S/X/3 with a CHAdeMO adapter EVgo has the best operating record in the industry – more than 98% uptime – and consistently earns top consumer scores on PlugShare. 

Founded in 2010, EVgo partners with retail hosts, hotels, shopping centers, gas stations parking lot operators and other stakeholders to make it easier to fast charge your EV close to where you live, work and play.

Information Security & Privacy Manager

Position Summary:

This role will be responsible for driving the EVgo's Information Security and Privacy functions. The successful candidate provides vision, leadership, and the ability to develop and support all required security and privacy initiatives. The Manager plans and implements enterprise security and privacy risk and governance initiatives. This individual will also be responsible for auditing existing systems, administrating security and privacy policies, activities, and standards. They will provide information security consulting and strategic support to EVgo's growth and success. The position will report to the VP of Enterprise IT.

Responsibilities:

  • Lead IT security and privacy planning by prioritizing defensive and offensive initiatives and through the design, development, and deployment of secure technical architectures.
  • Develop security policies and controls, such as disaster recovery, business continuity planning, loss prevention, identity and access management, fraud prevention, and privacy.
  • Assist with the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
  • Actively participate as a member of the Enterprise IT management team in governance and compliance processes of the organization’s security and privacy strategies.
  • Develop and communicate security and privacy strategies and policies to the executive team, staff, partners, customers, and other stakeholders.
  • Define plans and standards for assessing, acquiring, implementing, and operating new security systems, equipment, software, and other technologies.
  • Ensure enforcement of policies, procedures, IT General Controls, and associated plans for system security and privacy administration and user system access based on industry-standard best practices.
  • Knowledge of and experience in utilizing various methodologies and frameworks, including, NIST, COBIT, COSO, ITIL, ISO 27001/27002 and 27018, SOC 2.
  • Coordinate internal and external resources to safeguard the company's assets, intellectual property, and computer systems.
  • Develop and implement, in coordination with Software Development, Compliance and Controls, Enterprise Systems, and other internal stakeholders EVgo's global security and privacy policies, standards, guidelines, and procedures to ensure ongoing maintenance of security and data privacy.

Information protection responsibilities will include network security architecture, network access, and monitoring, identity and access management policies, employee education, and awareness, amongst others.

  • Work with the VP Enterprise IT to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology.
  • Oversee incident response as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
  • Work with outside consultants as appropriate for independent security audits.

 Skills and Experience:

  • Bachelors in the field of Computer Science or commensurate technical experience as a Risk Manager, Security/Privacy Manager, or IT Manager.
  • Demonstrable IT Security, Privacy, and Compliance planning, development, and ongoing operations.
  • Industry-recognized information security management certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or equivalents desired.
  • Demonstrated understanding of security, privacy, IT, compliance, and legal security standards, guidelines, and principles.
  • Proven understanding of information technology within a, highly distributed organization that develops Internet of Things and Cloud applications, and utilizes complex commercial enterprise applications.
  • Experience in conducting and/or coordinating technical security scanning, penetration testing, social engineering testing, application security testing, mobile device security analysis, network security analysis/operations.
  • Strong understanding of enforcing secure coding practices, threat modeling, identity, and access management, and/or security incident response/recovery.
  • Demonstrated ability to develop, implement and enhance standards.

Behaviors and Leadership

  • Proven ability to communicate effectively with stakeholders and customers.
  • Comprehensive understanding of strategic planning and program management.
  • The high degree of personal integrity and ethics as well as a passion for securing data systems and networks and ensuring customer privacy.
  • Excellent written and verbal communication and presentation skills for leadership, technical and business audiences.
  • Exhibits strong leadership and management skills, business acumen, and the ability to build relationships to influence and drive change.
  • Prior knowledge and/or experience with budget management.
  • History of results-orientated behavior, ability to remove obstacles, and hold people accountable for achieving challenging business results.
  • Track record of employing judgment and experience to make rapid, complex decisions.

To find out more, or to join the EVgo network, visit www.evgo.com. Connect with EVgo on Facebook and follow us on Twitter. At EVgo, we are committed to creating a more equitable and inclusive workplace where everyone feels welcome. Apply today to join our team and help make a meaningful impact in the fight against climate change. By submitting this form, you acknowledge you are sharing your personal information with EVgo. By proceeding, you consent to EVgo’s Privacy Policy and Privacy Notice for California Residents. More detail regarding personal information we collect, how we use that information, how we share that information, and your rights and choices can be found here.