Information Security Manager
- Expired: over a month ago. Applications are no longer accepted.
The Information Security Manager works as a leader within our engineering department to ensure a robust cybersecurity and compliance posture across our product portfolio. This team member will help architect sound security principles, position the enterprise to adhere to multiple high-priority compliance frameworks (including FedRAMP, SOC2, and ISO27001), serve as the primary incident response leader, and act as a trusted advisor to senior company leadership for all risk matters. Cybersecurity is one of Bidscale's highest priorities and the ISM will be one of the key hires in building out a full-fledged security team.
What You Bring
- Bachelor's degree in computer science or other related field
- 6+ years of experience operating cybersecurity programs for Federal information systems and/or Software-as-a-Service products
- Experience spearheading compliance initiatives to navigate commercial products to successful accreditation under SOC-2, ISO 27001, FedRAMP, and agency guidelines
- Experience applying expertise to support security assurance activities for AWS-hosted systems, Software-as-a-Service paradigms, and products targeting FedRAMP designation
- Experience advising on the development of system architectures to meet security best practices and enhance our products’ risk postures
- Experience developing System Security Plans (SSPs), supporting security artifacts and evidence, risk reports, and continuous monitoring processes to maintain compliance accreditations
- Experience proactively collaborating with technical and business stakeholders to execute compliance requirements in accordance with security best practices
- Experience persisting through both internal and external blockers in order to ensure successful achievement of strategic security initiatives
- Experience developing a world-class cybersecurity and risk management program for a nascent enterprise engineering department
- Experience managing security personnel and team members including engineers, architects, developers, testers, ISSOs, and TPMs to execute key security initiatives
- Experience working within the Risk Management Framework (RMF), NIST SP 800-53, Security Technical Implementation Guides (STIGs), and other relevant Federal/Defense frameworks
- Experience working with stakeholders to resolve computer security incidents and vulnerability compliance
- Experience performing security reviews, identifying gaps in security architecture, and issuing guidance on risk management strategy
- Experience successfully implementing the functionality of security requirements and appropriate IT policies and procedures to be consistent with enterprise objectives
- Experience conducting vulnerability scans (e.g., Qualys, Nessus) and managing responses to system vulnerabilities
- Experience operating within AWS/Azure services, enterprise networking paradigms, and modern identity management frameworks (Okta, MFA, SSO, etc.)
- Experience mitigating system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting)
- Experience managing incident response, business continuity, disaster recovery, and root cause analysis initiatives
- Experience implementing cyber defense and information security policies, procedures, and regulations
- Experience architecting Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
- Experience configuring network protocols including TLS, TCP/IP, DHCP, DNS, and directory services
- Experience with cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
- Experience operating security monitoring and SIEM tools (e.g., Splunk, GuardDuty, CloudTrail)
- CISSP and/or SSCP certification preferred
The U.S. federal government is armed with unmatched purchasing power and a mission to drive broad, transformational impacts for the public good. However, government agencies face an uphill battle to fulfill this task. Current procurement systems consist of unwieldy compliance requirements, cumbersome approval chains, and countless administrative workflows. These inefficiencies frustrate government officials and prevent effective partnership with commercial vendors.
Bidscale is a digital platform built to tackle this challenge by helping the government navigate the complexities of federal procurement. Bidscale accelerates procurement to help the U.S. federal government return to the forefront of innovation, drive new standards for societal outcomes, improve commercial competitiveness, and enhance the national security posture. We believe that our work is critically important; if that is the type of company you are looking for, we’d love for you to join us.
What We Offer
- Total compensation up to $175,000 commensurate with qualifications
- US citizenship required; full-time, salaried, exempt only
- 90-100% remote
- Unlimited PTO
- 90% - 100% company coverage for leading options on Health, Dental, Vision, Life, Short-Term Disability
- 100% match up to 6% of 401k contribution, vested immediately
Who We Are (Our Values)
- #MissionFocus: We operate knowing that our work is critically important.
- #MasterCraft: We work together to become masters of our respective crafts.
- #WorkBackwards: We see the future, strategically envision our end state, and work backwards with intent.
- #DoBeautiful: We believe that if it's worth doing, it's worth doing beautifully and elegantly.
- #Perseverance: We overcome the impossible through brilliance, grit, and class.
- #CelebrateUs: We celebrate triumphs, differences, and balance.
- #OneTeam: We are one team and we play to win big.
Bidscale is committed to fostering a diverse, inclusive environment and to encouraging these values in everyone on our team. We provide an environment of mutual respect where opportunities are available without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. We believe that diversity and inclusion for people from all walks of life is key to our success at Bidscale.
This employer uses E-Verify.