Director Application Security & IT Compliance
Greater Denver Area
About SRS Acquiom
At SRS Acquiom, our sole focus is on making M&A deals happen more efficiently. Since 2007, we have been continuously innovating to solve issues for some of the industry’s most sophisticated buyers, sellers, and counsel. Our top-tier team has supported more than 2,000 deals including high-profile transactions such as Google’s acquisition of Nest, Facebook’s acquisition of Oculus and Yahoo’s acquisition of Tumblr. We are looking for extraordinary people to help drive our continued success. If you are looking to join a growing, entrepreneurial environment in an established company, we want to hear from you! Visit www.srsacquiom.com to learn more.
We are looking for a Director of Application Security and IT Compliance who is a security expert and drives decisions based on risk and business impact. The role will lead a team of Security & Compliance specialists focused on application security, compliance and controls assurance. This role will be the focal point for designing security practices and tools into our development and deployment processes. In addition, this role is responsible for all aspects of IT Compliance and for partnering with the Manager of Corporate Risk to ensure regulatory and industry statutes are met. The role also requires the ability to assist in oversight and execution of the Company’s IT-related audits, risk assessments, testing, and monitoring efforts to ensure compliance with regulatory requirements and internal policies.
- Act as the key decision maker on IT Application Security and IT Compliance activities and member of the IT leadership team.
- Managing a team of Security & Compliance specialists who are chartered with enhancing the security profile of the SRS Acquiom product & application portfolios.
- Analyzing the state of security within the organization and developing, communicating and optimizing a roadmap to address challenges
- Developing and implementing comprehensive best practices across the application security discipline. Institutionalizing, measuring and monitoring the security effectiveness across the portfolio.
- Creating an Application Security multi-year strategy, assessing current state and driving the organization toward higher levels of maturity and efficiency.
- Guiding Application Security Analyst in establishing security requirements for all new features and services while assessing and driving security enhancements across existing solutions.
- Developing the Security Assurance program for SRS Acquiom, extending beyond traditional Compliance into security effectiveness and continuous assessment.
- Identifying and eliminating manual processes using automation, especially in the areas of CI/CD and Compliance.
- Prioritize and manage quarterly goals and projects, and translate them into Agile Sprint objectives.
- Develop reliable metrics for Application Security and IT Compliance activities to identify trends and develop action plans to drive continuous improvements.
- BS/MS in Computer Science or related field, or a combination of education/experience equivalent.
- Minimum 8 years in technology organizations with 3-5 years of success leading a security discipline
- 4+ years experience leading compliance management within a regulated environment (SOX, GDPR)
- 4+ years' experience in secure software development, with experience in a Continuous Integration / Continuous Deployment / DevOps environment
- Must have thorough knowledge of information security components, principles, practices, and procedures.
- Must have thorough knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development.
- Requires one of the following certifications: CISSP, CISM, CISA or equivalent
- Proven leadership experience that demonstrates an ability to encourage and guide others.
- Excellent listening skills and an open mind for new ideas.
- A proven track record of execution; the candidate must be able to deliver the Security & Compliance strategy by defining a clear vision of desired outcomes tied to business needs.
- Technical acumen and experience across the “full application stack.” Must have a technical background and demonstrated ability to understand the holistic impact of security within the environment.
- Ability to develop executive-level relationships with business leaders and their teams.
- A “working IT manager” who gets into the details and is experienced in managing multiple medium to large scale initiatives and cross functional teams.
- Equally comfortable with executives, manager-level stakeholders, architects and developers; this is a hands-on position with regard to people and detail.
- Ability to identify and marshal resources (people, funding, support) to get projects initiated and completed.
- Ability to influence a significant transformation in the security management & development landscapes.
- Practical knowledge and applied experience related to Security & Compliance principles
- Understands the principles and practices of Security Management and can effectively proceed through review board activities.
- Must display strong communication skills, both verbal and written.
- Experience in Financial and/or Fin Tech organizations preferred.
- Experience with regulatory compliance standards (HIPAA/PCI/SEC/FINRA, etc.) preferred
- Strong knowledge of penetration testing and security assessments is highly desirable.
A few benefits our employees enjoy
- Comprehensive benefit plans (medical/dental/vision) starting on day 1
- 401(k) with 4% matching
- Discretionary time off
- Fitness credit
- Several pre-tax plans (dependent care, transportation, flexible spending)
- Transportation reimbursement
- Benefits reimbursement