Conga crushes complexity within an increasingly complex world. With our revenue lifecycle management solution, we transform your unique complexities for order configuration, execution, fulfillment, and contract renewal processes with a single critical insights data model that adapts to ever-changing business requirements and aligns the understanding and efforts of every team.
Our approach is grounded in the Conga Way, a framework of entrepreneurial spirit and achieving together to champion our 11,000+ customers. We’re committed to our customers and to removing complexity in an increasingly complex world. Our solutions quickly adapt to changing business models so you can normalize your revenue operations.
Conga IT Security & Compliance Team is hiring! We are looking for talented and experienced individuals like you to join us as we continue our amazing revenue operations growth journey. We have a dynamic culture that encourages entrepreneurship and teamwork. Take a minute to read and listen to our CEO Noel Goggin. Our product strategy is compelling and led by Grant Peterson. We continue to grow both organically and by acquisition. You might want to read about our deepening artificial intelligence (AI) and machine learning (ML) capabilities. We have offices around the globe and significant remote work force. Check out our cool Broomfield, Colorado office. This position can be based out of any of our Corporate locations in San Mateo, CA; Broomfield, CO; Bozeman, MT; Indianapolis, IN, Des Moines, IA; or open to remote anywhere in the US.
ABOUT THE ROLE
Conga is looking for a highly experienced information security professional to provide team leadership in the Security and Compliance team. This individual will rally the team in its mission to keep Conga secure and in compliance with our legal and regulatory obligations and our customer requirements.
We are looking for someone with:
- Deep experience implementing security best practices in cloud environments (including AWS & Azure) as well as in general IT/Operations
- Demonstratable experience in the development and execution of Incident Response, Incident Management, and Incident Resolution processes.
- Experience operating and administering vulnerability scanning and testing tools as well as driving vulnerability management processes and activities.
- A solid understanding of how a world-class security program should function.
- An ability to lead projects that implement or improve security controls and reduce risk for the company.
- Interest and experience in mentoring, guiding, and coaching members of the Security team.
- Application security experience.
- Robust understanding of, and experience with SIEM rule implementation and tuning.
- Lead and mentor security analysts on the team, providing guidance, recommendations, and direction that build a team culture of continuous improvement.
- Partner with Security & Compliance leadership in the setting of security objectives across Conga.
- Evaluate existing security controls for efficacy and gaps, then driving remediation and risk treatment processes across the organization.
- Lead and manage projects to source and implement software solutions (both native and 3rd party) that address security and compliance risks and that improve the efficacy and coverage of existing solutions.
- Participate in the risk assessment process, including cataloging and managing security and compliance risk.
- Strive to ensure effective coverage of application vulnerability identification methods including static and dynamic code analysis, application testing, and penetration testing.
- Evangelize and enforce security best practices and embed security expertise within each technical team.
- Drive security visibility across our products and IT/product operations.
- Continue to enhance existing log monitoring and analysis capabilities, leveraging the 3rd party VSOC and other tools.
- Assist with the growth of more junior security personnel.
Experience, Skills and Competencies:
- 7+ years of experience in security, preferably in a SaaS company focused on Product as well as IT security.
- Well versed with operating security products and services within cloud providers such as AWS and Azure.
- Solid understanding of cloud-native security tools and technologies.
- Experience with compliance frameworks such as SOC1/2 and ISO 27001.
- Self-starter, with experience thriving in a dynamic, growing environment.
- Strong written and oral communications skills.
- Experience managing complex projects including the deployment of security technology solutions, processes, and controls.
- Experience optimizing the value derived from internal or 3rd-party SIEM solutions.
- Proven track record in mentoring junior security personnel.
- Bachelor’s degree or other in-scope structured education desired.
- CISSP or other security certifications are a plus.
Come join our growing team! You'll have great opportunities to grow, learn and make an impact. We move fast, act decisively, and celebrate our progress along the way. We offer a fun and casual environment, great benefits, and a team to help you be set up for success.
In the spirit of the Conga Way, we strive to communicate openly about our compensation programs. They’re intended to be competitive, equal, fair and free of any type of discrimination, clear, and easy to understand. So, in keeping with this approach, we’re committed to delivering a generous compensation and benefits package to all colleagues worldwide. The first component of that package is compensation and, generally speaking, base pay is determined by market location for each role. The following information is provided in accordance with the Colorado Equal Pay Act. The general salary target for this position in Colorado is $139,625.00 per year. However, the base salary offered may increase (or decrease) depending on the candidate’s job-related knowledge, skills, and experience. In addition to base salary, Conganeers receive a full range of perks and benefits, including financial, medical, and dental insurance. We also fund an annual bonus program, with payout based upon annual corporate performance and individual performance