Director of Security - NYC
About Kustomer
Kustomer is the omnichannel SaaS platform reimagining enterprise customer service to deliver standout experiences– not resolve tickets. Built with intelligent automation, Kustomer scales to meet the needs of any contact center and business by unifying data from multiple sources and enabling companies to deliver effortless, consistent and personalized service and support through a single timeline view.
Today, Kustomer is the core platform of some of the leading customer service brands like Ring, Rent the Runway, Glossier, Away, Glovo, Slice and UNTUCKit. Headquartered in NYC, Kustomer was founded in 2015 by serial entrepreneurs Brad Birnbaum and Jeremy Suriel, raised over $173.5M in venture funding, and is backed by leading VCs including: Coatue, Tiger Global Management, Battery Ventures, Redpoint Ventures, Cisco Investments, Canaan Partners, Boldstart Ventures and Social Leverage.
About the Role
Taking care of our customers includes securing their data and ensuring business operations are resilient to threats. Reporting to the CTO, the Director of Security will be responsible for ensuring security and privacy across our organization. You will lead cybersecurity initiatives that enable safe, secure digital business operations by collaborating with all business units, in particular engineering, IT, and Support & CX. You will implement standards and maintain compliance including SOC 2, HIPAA, GDPR, & CCPA. You will audit each department’s practices and create & implement the strategy and tactics that will help us reduce risk as we scale.
You'll be responsible for:
- Build our short and long term information security strategy as well as tactically set objectives and create initiatives that move us towards those goals
- Develop pragmatic policies and security solutions, where every individual is aware of standards and collectively work together to uphold them.
- Lead the team in developing and maintaining cyber incident response planning
- Evangelize changes to policies and procedures on a regular basis to create broad alignment among employees and leaders
- Provide leadership, technical expertise and administrative support for the development of Disaster Recovery and Business Continuity programs for the company. Ensure that Disaster Recovery and Business Continuity plans are in place and tested.
- Accomplish business security goals while minimizing the impact on employees’ productivity and happiness
- Develop, maintain, and regularly test the cyber security incident response planning process
- Regularly review logs, policies, processes, controls, role descriptions, identity and access policies, and training programs with the aim of reducing risk
- Develop and roll out improvements to firewalls, mobile device management, endpoint security, email security and data protection in partnership with IT and DevOps.
- Lead application security innovation, and provide technical direction to product teams for securing applications and development processes
- Work closely with the engineering team to ensure proper application security best practices are being applied throughout the SDLC.
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
- Ensure compliance with the changing laws and applicable regulations
- Schedule periodic security audits
- Oversee identity and access management
- Manage all teams, employees, contractors and vendors involved in security
- Provide training and mentoring to security team members
- Communicate best practices and risks to all parts of the business
Your qualities:
- Bachelor’s degree in Information Technology, Computer Science, Engineering or equivalent work experience
- 8+ years experience in security engineering, or a combination of time spent in software engineering and application security experience, with at least 3 years experience supervising and leading security professionals
- Experience drafting security policies and driving pragmatic information security strategy at a growing company, including conducting security training, rolling out process improvements and counseling leadership around security risks
- Strong communication skills and the ability to comfortably articulate your thoughts and decisions to both technical and non-technical leaders
- Demonstrated track record of driving improvements to a company’s security profile
- Effective in analyzing and developing options to balance business needs with security
- High level of integrity and dependability with a strong sense of urgency and results-orientation
- Comfort with reviewing web and cloud based architectural designs
- Experience prioritizing initiatives and communicating ROI
- Hands-on technical leader
Benefits
Kustomer offers an array of benefits including competitive salaries, stock options, 100% healthcare coverage, 401K, commuter benefits, and a generous vacation policy.
Diversity & Inclusion at Kustomer
Kustomer is committed to bringing together individuals from different backgrounds and perspectives. We strive to create an inclusive environment where everyone can thrive, feel a sense of belonging, and do great work together.
We are proud to be an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, Veteran status, or any other legally protected status.