Manager, Information Security and Privacy

Austin Downtown, TX /
Corporate – Business Operations /
About Silvercar:
Silvercar's unique combination of hardware, software and operations combine to deliver a full stack ecosystem of new mobility solutions. The acquisition of Silvercar helps Audi strengthen its platforms to serve the evolving mobility needs of the U.S. marketplace. Today Silvercar offers three primary mobility products: The first is Silvercar by Audi, a premium car rental service, which allows for seamless access to transportation in cities and airports locations. The second is Dealerware, a B2B product that enables dealerships to streamline the management of their service loaner fleets. By leveraging this unique combination, Audi and Silvercar will continue to deliver cutting edge mobility solutions across its transportation ecosystem. The third is Audi Select, a monthly subscription service, available exclusively in the Dallas-Ft. Worth-area.

Silvercar by Audi’s team is currently hiring a Manager, Information Security and Privacy. We are looking for someone to oversee the complexity of security and privacy from a compliance perspective for a multi business line organization and distributed workforce supporting SaaS B2B and B2C consumer bases, both in the U.S. and abroad. This manager will maintain compliance with: SOC, CCPA, GDPR, PCI and other state-based and federal legislation regarding privacy, security, and data protection obligations, as well as typical institutional best practices. Ideally, the person hired in this role will have established experience in creating a systematic and comprehensive data and privacy program for a growing company of similar size. This position reports directly to the EVP / General Counsel, and collaborates routinely with engineering, data architecture and IT services functions. The role also includes reporting responsibilities to the executive leadership team.

As a Manager of Information Security and Privacy, you will:

    • Manage the development, implementation, and monitoring of a comprehensive information security & privacy program
    • Oversees IT compliance with applicable laws and regulations and works closely and collaboratively with both internal and external functions to ensure compliance with privacy regulations and rules
    • Works directly with various functional areas to facilitate security & privacy processes and work closely with the IT services team to align security controls with business processes. Provide regular reporting on the current status of the information security program to the leadership team
    • Create a framework for roles and responsibilities with regard to information ownership, classification, accountability, and protection
    • Partner with Engineering to facilitate systems design and architecture standards that support a standardized secure approach to systems, application, and network development, and to monitor, log, and protect systems from unauthorized access
    • Develop, maintain, and publish information security policies, standards, and guidelines
    • Ensure that security policies and programs are in compliance with relevant laws, regulations, and policies to minimize or eliminate risk and audit findings
    • Develop and manage information security and privacy awareness training programs for all employees, contractors, and approved system users
    • Facilitate appropriate resource allocation and increase the maturity of the security program
    • Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and company reputation
    • Liaise with external agencies and other advisory bodies as necessary, to ensure that the organization maintains a strong security posture and privacy program
    • Guide the maintenance of all relevant information security certifications
    • Provide additional guidance on security & privacy obligations as needed

Requested Qualifications:

    • BA or BS degree, preference for data science, technology, or related policy degree
    • At least 5 years of experience overseeing risk management, information security and IT in both distributed and centralized workforce models
    • Experience in effectively communicating security and risk-related concepts to technical and nontechnical audiences
    • Demonstrated experience in critical thinking and problem solving in high pressure situations
    • Knowledge and understanding of relevant legal and regulatory data security and privacy requirements
    • Exhibit excellent written and analytical skills, the ability to manage multiple projects under strict timelines, and the ability to work well in a demanding, dynamic environment and meet overall objectives
    • Knowledge of common information security management frameworks and past participation in both initial certification and renewal of one or more of: ISO/IEC 27001, SOC 2, PCI DSS, etc.

Even better if you have:

    • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired
    • Experience in creating a systematic and comprehensive data and privacy program for a growing company of similar size   

Silvercar offers you:

    • Competitive base salary with bonus incentive eligibility
    • Full benefits (medical, dental, vision, 401k)
    • New office and a dynamic team in downtown Austin with free parking
    • Friendly, small company environment with a progressive culture and flexible hours
    • Backed by Audi, a 109-year-old automotive industry leader
    • Semi-flat organizational structure that ensures your influence on products we build
    • Training for all employees provided in Udemy
    • Unlimited paid vacation policy
    • Discounts on Silvercar rentals and participation in Audi Lease Program 

Silvercar is committed to being an inclusive workplace where diversity is celebrated. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, or disability.