Information Security Manager

Who we are

DoubleVerify is the leader in digital performance solutions, improving the impression quality and audience impact of digital advertising. Built on best practices, DoubleVerify solutions create value for media buyers and sellers by bringing transparency and accountability to the market, ensuring ad viewability, brand safety, fraud protection, accurate impression delivery and audience quality across campaigns to drive performance 

Since 2008, DoubleVerify has helped hundreds of Fortune 500 companies gain the most value out of their media spend by delivering best in class solutions across the digital ecosystem that help build a better industry.

Overview

The Director of Information Security will lead DoubleVerify Information Security program. The Director will be responsible for protecting DoubleVerify computers, networks, applications and data against cyber-threats while managing incident response and information security training for staff. This position will report directly to the SVP, Technology Operations providing strategic guidance in security program and performing technical work.

What you’ll do

• Establish a security program for DoubleVerify’s global offices, corporate IT, colocated data centers and cloud environments.
• Evaluate and recommend security technologies and tools in accordance with the security program
• Develop and update DoubleVerify’s security policies and documentation
• Conduct and manage vulnerability and penetration testing
• Manage security awareness programs and training
• Define security requirements for new projects and applications
• Configure and perform log analysis and alerting
• Support compliance initiatives around GDPR
• Manage the systems and process that deliver real-time information security reporting
• Respond to security audits and assessments DoubleVerify is undergoing
• Maintain, prioritize and track a backlog of security related activities

Who you are

• Bachelor’s Degree in Information Technology or Computer Science
• 10+ years of experience in an Information Security role
• CISSP Certification
• Technical experience with Risk Assessment, Data Protection, Privacy, Cloud Security, SDLC
• Knowledge of industry/regulatory requirements and frameworks: ISO27001, GDPR
• Expertise in operating systems including Windows, Linux and OS X
• Experience in Mobile Security including operating system and mobile device management
• Experience in Network Security
• Experience with internet facing services and a 24x7 environment
• Working experience with Cloud Computing platforms (GCP / AWS)
• Experience with virtualization technologies
• Excellent knowledge of security standard, policies, and best practices
• Knowledge of GDPR implementation and regulation standards
• Excellent communication skills with both tech and non-tech professionals
• Superior organization, project management skills and attention to detail
• Ability to work effectively in a fast paced, team environment
• Detail-oriented with the ability to multi-task and meet deadlines with minimal supervision