Information Security Manager - Remote / WFH
Smarsh is seeking an Information Security Manager to join our fast-growing Vendor Risk Management team. This candidate will help design, and deliver operational excellence for our clients who purchase Vendor Risk Management and Cybersecurity solutions from Smarsh. Smarsh partners with a wide breadth of mobile (i.e., AT&T, Verizon), social (i.e., LinkedIn, Facebook) and collaboration (i.e., Slack, Microsoft) partners to deliver vital governance and compliance solutions for companies in highly regulated industries. Someone who embraces new opportunities, is motivated by professional advancement, demonstrates curiosity, enjoys problem solving, delivers excellence, and thrives in a changing, fast-growth environment is the ideal candidate. The candidate will work cross-functionally with the larger Smarsh team on several high-impact and high-visibility projects.
Information Security Manager will oversee and is part of the delivery of these solutions and works with clients to ensure quality and satisfaction.
Who are we?
Smarsh empowers its customers to manage the risk and unleash the intelligence in their digital communications. Our growing community of over 6500 organisations in regulated industries counts on Smarsh every day to help them spot compliance, legal or reputational risks in 80+ communication channels, before those risks become regulatory fines or headlines. Relentless innovation has fueled our journey to consistent leadership recognition from analysts like Gartner and Forrester, and our sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008.
How will you contribute?
Manage day-to-day delivery for vendor risk management clients, including managing and reviewing vendor security assessments, providing suggestions to establish or enhance their VRM program when needed, delivering our AutoAssess solution, and hosting regularly scheduled calls.
- Manages a team of security analyst(s) and/or assessment reviewers
- Review compliance reports and cybersecurity documentation on behalf of clients
- Establish and design processes as well as monitor quality for risk assessment solutions for existing Smarsh clients
- Own the AutoAssess solution, a solution where Smarsh assists and advises clients with responding to security questionnaires they receive.
- Support enterprise customer vendor risk assessment processes including the review of questionnaires such as the SIG Lite, AITEC DDQ, etc.
- Presents and explains key security control recommendations in formal and informal settings to clients when discussing vendor assessment reviews
- Technical knowledge including the ability to explain and advise on the impact of security vulnerabilities or other identified items for remediation
- Provides overall direction for complex activities and processes
- Develops strategic plans and provide direction setting on multiple projects. Includes application of knowledge to practical issues often relating to more than one functional area.
- Other duties as assigned
What will you bring?
- Passion for helping customers succeed.
- Excellent verbal, written, and interpersonal communication skills.
- Strong diagnosis and problem-solving abilities.
- 4+ years related experience.
- S. in Cybersecurity, Risk Management, Computer Information Systems, Management Information Systems, Computer Science, or equivalent combination of education and experience.
- Experience evaluating vendors from a security and risk management perspective and managing remediation workflows
- Significant experience (and an understanding of) information security risk management and compliance activities (e.g., SSAE18, ISO 27001).
- Experience implementing and operating successful compliance and examination programs, performing risk assessments, and maintaining an issues management system.
- Familiarity with cloud security concepts and technologies
- Knowledge and familiarity with the financial services industry and associated regulations (e.g., GLBA, FFIEC IT Examination Handbooks, etc.).
Nice to Have(s)
- At least 1 current security-oriented or risk management certification (e.g., CISSP, CISM, CISA, CIPP, etc.)
What do we offer?
We provide medical, dental, and vision insurance, and a flexible spending account that allows you to set aside pre-tax dollars to pay for eligible out-of-pocket expenses.
Personal time off
A healthy work-life balance is critical to your success at the office. Smarsh offers a “take-what-you-need” time off policy as well as flexible work arrangements
Smarsh provides a 4% 401K match for which employees are fully vested on day one.
The Smarsh sabbatical program provides a time to recharge, to study or simply a time to do something you are passionate about away from the workplace. Employees are eligible after six years of service.
We’re big on kudos for a job well done. Our employee-recognition program enables co-workers to nominate their peers who best embody our core values for recognition.
About our culture
Smarsh hires lifelong learners with a passion for innovating with purpose, humility and humor. Collaboration is at the heart of everything we do. We work closely with the most popular communications platforms and the world’s leading cloud infrastructure platforms. We use the latest in AI/ML technology to help our customers break new ground at scale. We are a global organization that values diversity, and we believe that providing opportunities for everyone to be their authentic self is key to our success. Smarsh leadership, culture, and commitment to developing our people have all garnered Comparably.com Best Places to Work Awards. Come join us and find out what the best work of your career looks like.