Informational Security Manager
Spokeo is a people search engine that both enlightens and empowers our customers. With over 12 billion records and 18 million visitors per month, we reconnect friends, reunite families, prevent fraud, and more. Every day our nimble team takes on enormous challenges in data science that push the limits of the cloud and search architecture.
This role reports to Spokeo’s CIO and co-founder, works across the company’s product teams, corporate functions and devops. The scope of work is part technical and part documentation - but all focused on keeping Spokeo’s systems, team members and customers safe and secure!
- Oversee and provide assistance in the audit of security policies for a highly visible web application.
- Deploy and manage security infrastructure, including IDS, vulnerability detection, SIEM, and other technologies.
- Implement solutions that arise from vulnerability scans.
- Research and implement system hardening standards
- Research and analyze application behaviors and to improve security and stability
- Recommend, monitor, test and report on the state of security controls and infrastructure.
- Create and participate in incident response process.
- Work with internal and external audit teams to deliver timely responses and data collection requests for vulnerability or risk assessments and penetration testing.
- Develop, document and implement security policies based on industry best practices.
- Identify assets and assess risks, threats, and vulnerabilities in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality and contract compliance.
- Risk modeling, and threat and vulnerability assessment.
- Proven consensus building and negotiation skills for coordination with multiple teams
- At least 5 years of relevant experience
- Strong experience with Linux and systems hardening
- PCI Compliance
- AWS or other cloud experience
- College Graduate with degree in engineering, computer science or security related area preferred
- Highly Desirable Certifications: CISSP, CSSLP, GIAC, CEH, GPEN
Recruiters or staffing agencies: Spokeo is not obligated to compensate any external recruiter or search firm who presents a candidate or their resume or profile to a Spokeo employee without 1) a current, fully-executed agreement on file and 2) being assigned to the open position (as a search) via our applicant tracking solution.
Back to top