Director of Information Security
Vendavo is the leading provider of Commercial Excellence solutions across the “Opportunity to Order” processes for business-to-business companies worldwide. Commercial Excellence looks at each step of this process to ensure our clients are using data and science to improve their financial outcomes. We help some of the world’s biggest companies optimize every step of this process to help improve win rates, pricing strategies, and margin optimization and profitability. We help our customers reduce the time to quote through CPQ, identify the right target price for every deal, better recover cost-to-serve, manage their channel business with the right incentives and enable their sales force with relevant analytical data. Over 100 leading Fortune 2000 companies across the chemicals, high-tech, industrial manufacturing, and distribution industries leverage Vendavo solutions to drive higher profits. We’re making a difference in business, and we’re looking for energetic, talented professionals to grow our team. If you are someone who is driven to make a global impact and believes in a culture of mutual respect, innovation and a strong focus on customer success, then you need to join us here at Vendavo! Come help us grow! Vendavo is headquartered in Denver, CO and has offices around the globe. Learn more at vendavo.com.
Job Title: Senior Risk and Security Consultant
The Director of Information Security will oversee the daily operations, maintenance and annual recertification of Vendavo’s comprehensive information security program.
Essential Functions
- Oversee the successful engagement of SOC and ISO audit activities.
- Onsite security review/evaluation services for IT Risk Assessment
- Ongoing compliance management
- Provide guidance and material support for Business Continuity Planning
- Perform IT Risk Assessments
- Provide security and awareness training to internal personnel
- Support Business Development by addressing customer security questions and inquiries.
- Provide security expertise and guidance to the architecture, network and application teams
- Act as a trusted advisor to IT and the enterprise on all enterprise IT Security initiatives
- Manage information security risk assessments, and perform internal and external auditing for security and compliance issues
- Oversee and work closely with business and other organizational stakeholders to complete third-party RFI / Security questionnaires.
- Aid in the development and design of security infrastructure
- Develop, audit, and enforce IT Security policies, standards and procedures for the organization
Minimum Qualifications
- Minimum of 10 years in a technical related field, with at least 6 years directly involved in Information Security.
- Bachelor’s Degree – Information Assurance/Security, Computer Science or equivalent combination of education and work experience in a related field.
- Current CISSP certification is required.
- Must be able to travel occasionally (up to 10%) to visit offices, and occasionally customers, within the span of our global operations.
Preferred Skills
- Experience managing on-site audits by either regulators or certifying bodies.
- SOC, ISO 27001 and GDPR compliance experience
- Experience with disaster recovery planning, testing, auditing, risk analysis, business continuity planning, contingency planning
- Networking and operating system knowledge of TCP/IP and Windows / Linux
- Working knowledge of security and infrastructure products from:
  - Cisco
  - Carbon Black – Red Canary
  - Microsoft on-prem and O365 (Azure AD)
  - Palo Alto
  - Cloud-based IaaS – Azure, AWS
  - Apple
- Ability to articulate and document security configurations; excellent communication skills
- Strategic thinking skills
- Strong interpersonal skills; a “team player” who is also a highly motivated self-starter
- Strong ability to persuade, convince and influence others through collaboration
- Ability to work and effectively prioritize efforts in a highly dynamic work environment
- Must be able to pass a background check.
How to apply: