Act-On’s Security Architect will be responsible for security across the organization. In this role you will help to drive security initiatives to protect our company and our customers, enhance our platform and grow our company’s service offerings. The role is highly cross functional, with active working relationships and partnerships across all departments within the company.
The Security Architect will guide and participate in efforts to create advanced security engineering solutions, assess and mitigate risk, and implement compliance initiatives.
The Day to Day
- Leads the creation and evolution of our company strategy on corporate security in collaboration with senior company leadership
- Responsible for implementation of technical security systems, processes, policies, controls to deliver on the highest possible security for Act-On’s infrastructure, platform and customer website security
- Manage governance and risk management function in collaboration with senior company leadership
- Leads the planning and execution of security initiatives that enable us to achieve compliance with defined certifications (e.g. ISO 27001)
- Experienced in leading security incident triage in concert with internal and external stakeholders
- Serves as an integral member of the senior leadership team, championing security initiatives and their inclusion into overall R&D strategies, projects and goals.
- Performs risk management and approaches security via a cross-departmental, risk based approach, clearly communicating risk and prioritizing security solutions based on level of exposure and risk
- Works closely with Act-On’s compliance, privacy and legal teams to ensure a coordinated approach to governance and security initiatives
- Manages third party security relationships on behalf of the company
- Manages all Customer communications for security-related announcements. Regulates customer-based appsec testing, and handles audit and compliance responses related to customer contracts.
Your Expertise and Passion
- 10+ years of experience in technical security, particularly in regulated areas such as PII/PCI
- BS or advanced degree in Computer Science or a related technical discipline preferred, but not required
- Experience achieving security-related certifications and developing security engineering and governance, risk, and compliance initiatives and teams
- Dedication to delivering well informed and highly effective security solutions
- In-depth knowledge of technical security threats and their corresponding solutions and mitigations
- Experience with the security in both cloud and physical data centers.
- Experience managing security incidents and vulnerability disclosure programs and completion of third party security audits
- Previous roles as Security Engineer or Security Manager are beneficial