The Team & Role

We’re looking for an experienced information security professional who will be responsible for enhancing SevenRooms’ overall security posture. This individual will establish observability across the organization, mature and manage our incident response, foster a leading security awareness program, and maintain the trust of our customers and prospects. This role will start as an individual contributor with the opportunity to build out a team in the near future.

What You'll Do

Leadership

• A strong influence on the organization’s cybersecurity strategy to protect our information assets and safeguard our organization from internal and external threats
• Partner with business stakeholders to be the subject matter expert on technical security concepts, latest security risks, and mitigation strategies
• Own and lead the education of our organization on security awareness and upskill individuals to execute our security objectives
• Build and mentor a team responsible for ensuring adequate security processes and solutions to mitigate or remediate identified risks sufficiently to meet business objectives, contractual and regulatory requirements
• Utilize a measured approach to security, prioritizing our commitments to confidentiality, integrity, and availability based on risk.  
• Discover our information assets, develop a  register and drive the process to establish visibility and telemetry, and develop indicators of compromise/attack.
• Develop and maintain forward-thinking information security policies that are practical yet effective
• Responsible for the implementation of OKRs, and KRIs to track the implementation of the Information Security policy framework and processes that will protect SevenRooms assets
• You will build out the following functional areas:
• Cloud Security
• Platform security
• Corporate security

Platform Security

• Own and lead the assessment, architecture, design, and implementation of secure by default practices and solutions needed to build and operate security in a cloud-first SaaS product
• Take ownership of our SAST tool and liaise with engineering managers to enhance our application security
• Own our security tooling and solutions including security architecture, establishing a SIEM, and security engineering
• Own and lead the implementation of the vulnerability disclosure and bug bounty program 
• Influence and product security roadmap and features

Corporate & Cloud Security

• Partner with IT and our platform squad to ensure that endpoints and mobile devices are appropriately protected from malicious activity and system vulnerabilities
• Own and manage our inbound security questionnaire process, bringing innovative methods to reduce Security friction in the business and increase velocity
• Design and develop an effective vulnerability management program using our GRC tool and work with various stakeholders to articulate risk and prioritize workload for remediation
• Own and enhance our incident response plans and processes  

Who You Are

You’re passionate about information security and remain up to date on the latest security threats, trends and methods. You take a practical yet effective approach toward security concepts that align with our organization’s risk exposure. You’re an enthusiastic individual who tackles all challenges head first and has a willingness to go above and beyond to deliver positive results. You enjoy learning new things, working as a team, and gaining satisfaction and accomplishment from solving complex problems together. You want to make a real difference.

• Thrive in working with high growth, fast-paced environment of 250 - 500 employees
• Experience managing teams of 2 or more direct reports, mentoring and growing a mature and results-driven security team from the ground up
• Practical working experience building and managing effective teams for AppSec, DevSecOps, Corporate Security, and Infrastructure Security 
• Practical experience in securing and configuring GCP (i.e., App Engine, Cloud Datastore, Bigquery, ) and AWS environments  
• Organized and detail-oriented, with strong analytical, problem-solving, and project management skills 
• Critical thinker who can design practical security solutions that add value to the business and achieve our security and compliance commitments
• Effective communicator who can distill complex security concepts into basic terms based on the audience 
• Hands-on experience with compliance requirements and security frameworks that impact IT (SOC2, PCI, ISO2700x, MITRE ATT&CK, NIST-CSF, CIS for GCP) preferred
• CISSP, CCSP, CISM, GIAC, OSCP, CEH or other relevant security-related designation certifications preferred
• Bachelor's degree in Computer Science, Engineering, or Information Technology or equivalent related work experience required

What We Offer

• A fresh start with a flexible and independent working schedule: SevenRooms provides all employees with their first two (2) weeks of employment as paid time off to relax and recharge before starting their journey with us. You’ll also have access to unlimited paid time off, including tenure-based PTO minimums, paid parental leave, and the option to work anywhere at any time.
• Fair and equitable compensation: Our compensation packages are competitive based on external market data. At SevenRooms, you can expect fair pay for your hard work and dedication to helping us transform the hospitality industry. In addition, we also offer equity in our growing organization.
  • The salary range for this role is $165,000 - $180,000. This is the range SevenRooms in good faith believes is the range of possible compensation for this role at the time of the posting. This range is only applicable for jobs to be performed remotely in any US state. Base pay offered may vary depending on, but not limited to education, experience, skills, geographic location, travel requirements, sales or revenue-based metrics, and business needs. This range may be modified in the future. This job is also bonus eligible. No amount is considered to be wages or compensation until such amount is earned, vested, and determinable.
• Comprehensive benefits package: We offer a full slate of benefits for our employees and their families: comprehensive medical, dental, and vision benefits, commuter benefits, gym reimbursement, 401K plan, and unique wellness offerings that include One Medical, Spring Health, Carrot, and Headspace.  
• Employee programs and recognition: Through our Roomie’s Choice program, all employees at SevenRooms receive a monthly stipend to spend however they see fit. You’ll receive an additional monthly dining credit to use towards SevenRooms clients and a unique milestone reward for every year you’re a part of our team.
• Opportunities for training and professional development: Your manager will partner with you on establishing quarterly objectives that not only benefit the company but aid in your overall career development and advancement. SevenRooms also provides financial support for continuing education, certifications, or participation in external training programs.

About SevenRooms 

SevenRooms is a guest experience and retention platform that helps hospitality operators unlock the full revenue potential of their data. From neighborhood restaurants and bars to international, multi-concept hospitality groups, the end-to-end platform enables operators to build direct guest relationships, deliver exceptional experiences and bring more guests back, more often. The full suite of products includes reservation, waitlist and table management, online ordering, mobile order & pay, review aggregation, and marketing automation. SevenRooms empowers operators to own, analyze and optimize every step of the guest journey, enabling a more data-driven approach to hospitality. 

Founded in 2011 and venture-backed by Amazon, Comcast Ventures, PSG and Highgate, SevenRooms has dining, hotel F&B, nightlife, sporting and entertainment clients in more than 250 cities worldwide, including: Bloomin’ Brands, MGM Resorts International, Mandarin Oriental Hotel Group, Jumeirah Group, Hilton Hotels, The Cosmopolitan of Las Vegas, Harrods, Wolfgang Puck, Michael Mina, sbe, LDV Hospitality, Bagatelle, Altamarea Group, AELTC (Wimbledon), Giordano’s, D&D London, The Wolseley Hospitality Group, Zuma, Live Nation and Topgolf. 

SevenRooms has been recognized as a top employer for its people-first approach by publications including:

• Inc. Best Workplaces (2022, 2020)
• Inc. 5000 (2022)
• Ragan’s Platinum HR Awards Finalist (2022)
• Built in Best Places to Work NYC (2022, 2021, 2020) 
• Built in Best Place to Work NYC - Midsize Companies (2022) 
• VentureFizz Unique PTO (2022)
• Forbes Best Startup Employers (2022) 

SevenRooms is an equal opportunity workplace and an affirmative action employer. We welcome all qualified applicants regardless of race, color, ancestry, religion, sex (including pregnancy and related conditions), national origin, sexual orientation, age, marital status, disability (physical or mental), gender identity, gender expression, genetic information, veteran status, citizenship, immigration status, or any other classification, category or characteristic protected by applicable federal, state or local laws.  We understand the importance of creating a more diverse and inclusive workplace and celebrate our employees for their differences.

View our Prospective Employee Privacy Notice by visiting https://bit.ly/2P6ey4M

#LI-Remote

#BI-Remote