|
Gridspace is looking for a Security Lead to manage compliance and security operations. The candidate should be organized, thorough, and have a strong technical background in IT, systems administration, and/or network engineering. Most importantly, candidates should have a desire to work with a world-class engineering team to secure massively scaled cloud services. About Gridspace
We are machine learning startup focused on long-form conversational speech. We process over a billion minutes of speech data per year. Technical responsibilities will include: Become the primary security expert for multiple product lines, and act as the point of contact for engineering and security.
Support engineering with implementing security fixes, ensuring security scanners are utilized correctly, and develop strategies to proactively secure the architecture.
Help to automate common security tasks and patterns.
Research and analyze the latest capabilities of specific Information Security (e.g. Cloud services, encryption, PKI etc.) and IT technologies (e.g. operating systems, networks, storage, virtualization etc.).
Manage the IT infrastructure including endpoint management, single sign-on, anti-malware, event notifications, etc.
Assist co-workers in maintaining security of their devices and processes.
Operational responsibilities will include: Familiarize yourself with common private sector security standards including PCI, HITRUST, and SOC2.
Act as the primary contact with all security compliance audits and client due diligence questionnaires.
Work directly with partner teams to understand our corporate infrastructure and business operations solutions and serve as subject matter expert to identify key risks to our security posture.
Create threat models for both external and insider threats that directly influence designs, risk tolerance, and roadmaps.
Maintain the schedule of daily, weekly, monthly, and annual compliance related tasks.
Lead the physical security efforts of Gridspace assets and properties.
Run company-wide phishing tests, security awareness training, and regular status meetings with management.
Manage and evaluate third party services and vendors.
You have: Strong technical aptitude with project management skills, capable of learning emerging products and creating plans to support the business
Experience with GCP, Kubernetes, or distributed cloud-based environments
Experience working in a high security and/or highly regulated industry. We would love to have you take the essentials of what you’ve learned and apply them to the unique challenges Gridspace faces
Experience securing large Python codebases is a plus
Experience managing a SIEM such as SumoLogic
Experience with endpoint management and security such as JumpCloud and Crowdstrike Falcon is a plus
Experience with performing or managing network and application penetration tests
Experience achieving PCI, HITRUST, SOC2, or FedRAMP certifications are a plus
Experience with managing outside vendors and customer relationships is a plus
Military experience is a strong plus If interested email hiring@gridspace.com |