Information Security Manager
MaxMind (www.maxmind.com) is looking for a hard-working and thoughtful Information Security Manager to join our team. We help protect thousands of companies worldwide providing fraud detection, screening billions of online transactions each year, and providing IP intelligence data to thousands more. This work is challenging, and we need your help in keeping the business secure and compliant.
The Position Overview
Are you an authority in cybersecurity, governance, audit, data privacy, risk analysis, and compliance best-practices? Are you well-versed in US and international information security laws and want to help a global company combat fraud? We are looking for a skilled cyber security professional to join our ranks as an Information Security Manager. The position will be based in Waltham, Massachusetts, and will report to our COO. As an Information Security Manager, you will help us manage risk, detect and protect against cyber-attacks, and serve in an advisory role on security and data privacy.
As a MaxMind Information Security Manager, your duties will include:
- Supporting the organization's information security program to ensure consistent and effective practices, mitigating risk and ensuring the confidentiality, integrity, and availability of organizational assets.
- Identifying, implementing, and managing tools for vulnerability scanning and monitoring, endpoint management, etc.
- Advising, leading, and supporting business partners with compliance and regulatory requirements such as GDPR, SOC 2, CCPA, and third-party contracts.
- Consulting with software development and architecture teams to analyze and collect risk data using vulnerability and threat management, vendor and project management, and application-related processes.
- Identifying, assessing, and prioritizing IT risks to data and systems, including external threats, cyber-crimes, internal threats, and third-party vendors risks. Advising staff on risk mitigation and avoidance procedures.
- Maintaining an in-depth knowledge of cyber security solutions, policies, and technologies to support organizational risk management standards and frameworks.
- Leading internal education about and compliance with the company’s Information Security Management System and security and privacy practices generally.
- 5 - 10 years of experience in Information Security
- Working understanding of the anatomy of a cyber attack
- Excellent written and verbal communication skills with the ability to communicate effectively with a broad range of executives, peers, and partners
- Current knowledge of applicable privacy and security compliance laws and regulations
- Experience in security risk management, analysis, and/or compliance
- Demonstrable aptitude with security related tools and services (e.g., vulnerability scanning, endpoint management)
- Ability to assess security controls based on cybersecurity principles and tenets
- Ability to lead multiple projects simultaneously
Highly Desired (or excited to learn)
- Demonstrable knowledge and experience in information privacy and security laws and practices (e.g., ISO 27000, NIST 800-53, PCI DSS, SOC, GDPR, CCPA, OWASP)
- Certification in one of the following or equivalent training/skills: CISSP, CISM, CISA, CIPM, CIPP
Working at MaxMind
MaxMind is a casual, friendly, results-focused company of 40+ employees. We are passionate about global health and development, as MaxMind and its founder gladly donate over 60% of corporate profits to charities (https://www.maxmind.com/en/corporate-giving). We maintain a set of core values, overlapping hours, but are flexible with specific start and end times, and are understanding about appointments and life events. About half of the company works remotely, so communication centers around video chat, group chat, and Agile planning tools. You will work out of our Waltham, MA office. (We require you to be eligible/authorized to work in the USA).
The salary range begins at $130,000 and is negotiable depending on skill and experience. Everyone participates in a company performance-based bonus plan. MaxMind offers a $2,000 professional development budget and five days for professional development annually.
In addition to medical, dental, and vision coverage, we offer several other benefits, including a Safe Harbor 401k with employer contribution, Health Savings Account, Limited Purpose Flexible Spending Account, paid parental leave, and a public transit reimbursement.
Our office is located near downtown Waltham, outside of Boston, a five minute walk from the nearest commuter rail line and several express bus lines.
Diversity and Inclusion
We’re committed to diversity and inclusion and are mindful of incorporating them into all aspects of our company. New ideas and perspectives come from diverse ways of seeing and thinking. MaxMind is sensitive to all individuals and viewpoints and believes everyone’s contributions are valuable assets to our team.
We hold regular diversity and inclusion meetings and conduct informative sessions on improving collaboration and communication. We value bringing individuals and different perspectives together within and across every department.
We encourage and sincerely welcome applications from candidates of color, women, queer candidates, candidates with family caregiving responsibilities, transgender candidates, and from other communities not well represented in the tech world.
If you have suggestions on how we may better promote or express our commitment to diversity and inclusion, we would love to hear from you. Please send your suggestions to email@example.com.
Resumes without cover letters will not be considered. We want to know about you and why you are interested in the position and us. Please share any projects or accomplishments and include relevant links so we can learn more. One of the first steps in our interviewing process is a homework assignment, and we will ask you for a submission so we can gain insight into your work.