Role: IT Security Manager

Department: Information Security

Reports To:VP of Information Security

Type: Full Time

Who we are

DoubleVerify is the leading independent provider of marketing measurement software, data and analytics that authenticates the quality and effectiveness of digital media for the world's largest brands and media platforms. DV provides media transparency and accountability to deliver the highest level of impression quality for maximum advertising performance. Since 2008, DV has helped hundreds of Fortune 500 companies gain the most from their media spend by delivering best in class solutions across the digital ecosystem, helping to build a better industry. Learn more at www.doubleverify.com.

Position Overview:

The IT Security Manager will be responsible for developing and managing the global IT security function in the CISO office. The IT Security Manager will own and drive the global rollout of a robust and formal approach to deliver the IT security programs and solutions across all technology platforms and business environments. At its core, the IT Security Manager will ensure appropriate implementation and operation of IT security controls such as network security, threat and vulnerability management, penetration testing, asset management and protection, security architecture and cloud security based on the appropriate risk to technology and business environments. The IT Security Manager will ensure that the risk to the organization’s information posed by a variety of cyber threats is minimized, and when cyber-attacks occur or data are stolen or compromised, these incidents are dealt with promptly and effectively and the chance of that particular type of incident recurring is minimized.

In order to be successful in this role, the candidate must:

• Develop security solutions and services including defining goals, metrics, roles, responsibilities, process, and technology to support the information security program.
• Identify and implement technology or process improvements that mature our security services.
• Interact with peer teams to develop and enhance the security program will be critical to success. 
• Provide consulting to peer teams with security standards and best practices.
• Lead large complex initiatives and challenges around IT Security.
• Work directly in building and integrating security tooling & features cross organization to ensure secure products systems.
• Participating in design reviews, code reviews, & threat modeling.
• Have experience with cloud providers and security/configuration management (e.g. GCP).
• Know the importance of architecting and building systems for High-availability, Business Continuity and Disaster Recovery.
• Have a strong technical background.
• Work autonomously with minimal direction and oversight.

Primary Job Responsibilities

• Research the latest information technology security trends.
• Monitor the organization’s networks and infrastructure for security vulnerabilities and lead the mitigation plans.
• Help to design, implement, and maintain the organization’s cyber-security plan.
• Direct implementation of security controls according to standards and best practices for the organization.
• Direct the installation and use of security tools to protect sensitive information.
• Recommend security enhancements to IT Management.
• Ensure that IT security audits are conducted periodically or as needed.
• Manage information security risks by routine assessments and developing a vulnerability and patch management plan and implementing the required controls.
• Produce scheduled reports of the status of IT’s compliance with DoubleVerify’s information security program, contractual requirements and globally-recognized standards and guidelines
• Lead all information security implementation projects and provide hands-on support.
• Work with the incident response team to contain and investigate security events, and prevent future information security breaches with detailed root cause analysis.
• Develop and maintain technology, operations roadmaps for security infrastructure components, including but not limited to intrusion prevention/detection, data security, identity and access management, IT/network security, security information & event management, vulnerability management, code review, etc.

Minimum Qualifications

• 10+ years’ experience in information technology; 5+ in leading an IT Security team.
• 5+ years of experience working with information security controls and deployments in a production environment. 
• Experience in network and infrastructure security.
• Experience in security or network architecture/engineering role including designing and deploying security solutions.
• Strong analytical skills and cross functional knowledge across multiple security disciplines.
• Working experience with cloud providers, such as Google Cloud. Experience with securing cloud environments.
• Strong working experience with systems automation in a major scripting language (Perl, Python, Powershell).
• Solid project/program management experience.
• Creative thinker that leverages unconventional and innovative ideas to solve problems.
• Strong interpersonal, verbal presentation and written communication skills.
• Must possess a high degree of integrity, be trustworthy, and have the ability to work independently.
• Detailed understanding of security products.
• Strong hands-on experience in implementing and operating security solutions.
• Deep understanding of IT infrastructure and systems
• Education – Bachelor’s degree in computer science or related area.
• Industry recognized certification in security (e.g., CISSP, CISA, CISM, CEH, etc.) 
• Deep understanding of the online advertising industry and ad platforms (networks, DSPs, ATDs, SSPs, Exchanges).