We are Bugcrowd. Since 2012, we’ve been empowering organizations to take back control and stay ahead of threat actors by uniting the collective ingenuity and expertise of our customers and trusted alliance of elite hackers, with our patented data and AI-powered Security Knowledge Platform. We specifically seek a hands-on, technical security leader. You bring experience building security monitoring, reference architectures, deploying tools, integrating platforms, assessing modern cloud-native applications and infrastructure - and leading teams executing that mission successfully. Key Responsibilities Define the Cyber Security Strategy for Bugcrowd and identify areas of improvements to the threat landscape, internal risk tolerance objectives, and/or compliance objectives. Ensure the technical aspects of vendor acquisitions and tools are safe for Bugcrowd’s use, in unison with the IT and compliance teams. Assess corporate technology systems, determine strategy for changes, enhancement and improvements; recommend and implement the same, from the perspective of cyber security. Carry out and fulfill the cyber security strategy of bugcrowd, proactively improving the security posture with time. Work with GRC to assist in designing, develop, implement and coordinate areas of policies and procedures for compliance with SOC-2, NIST 800-53v4, ISO27001,ISO27018, and FedRAMP. AppSec and Product Security Leadership Manage Bugcrowd’s bug bounty program, ensuring that clients have a standard to aspire to, when running their own bounty programs. Analyze new features prior to development or launch, to ensure the security measures in place are sufficient for the project. Manage the access controls for Bugcrowd’s production codebase (GitHub). Security Operations, Detection and Incident Response Perform IR for all parts of the business (on-call 24x7) and perform root cause analysis upon the incidents to properly mitigate them in the future. Perform threat intelligence to proactively find issues relating to Bugcrowd’s security posture. Management and Team Leadership Lead and manage a team of internal cybersecurity professionals. Train and grow the security team with objectives that are defined, measured and monitored. Knowledge, Skills, and Abilities Proven work experience leading Cyber Security in a startup and growing with the organization. Excellent knowledge of technical security controls, including cloud, web application, infrastructure, IT, and compliance. Experience in data governance, data architecture, data flow and system architecture to optimize the same. Bugcrowd is an EOE, Disability/Age Employer. We are committed to the full inclusion of all qualified individuals.

#J-18808-Ljbffr