Vice President, Information Security
As FourKites’ Vice President, Information Security, you will be responsible for establishing and maintaining an enterprise-wide and globally oriented information security program to ensure that our information assets are adequately protected. Reporting directly to our Chief Technology Officer, you will create strategy, policies and frameworks as they relate to application security (SAP, SalesForce and any other SaaS based products) and infrastructure security (phone, CPU, Azure Cloud).
Responsibilities
- Serve as cybersecurity risk and subject matter expert and advisor for senior management on emerging threats, attacks, vulnerabilities and security concerns
- Develop, implement and monitor comprehensive information security program, which operates in the cloud leveraging Amazon Web Services (AWS). Azure is a plus.
- Work with the DevOps team to plan, design, optimize, implement and audit network security design using a combination of AWS and third party solutions.
- Select, implement and operationalize a security tool stack and secure SDLC.
- Review and approve security policies, controls and incident response planning. Create threat assessments and maintain an active risk register.
- Work with our offshore engineering teams on defining and implementing security controls and monitoring the effectiveness of those controls.
- Work with the company’s development team to ensure alignment between the security and development practices
- Create customer facing security collateral, respond to customer’s security related questions, support sales and other customer facing teams.
- Deep understanding of and compliance to regulatory frameworks such as ISO, SOX, GDPR, etc.
- Lead SOC-2 Type 2 and ISO/IEC 27001 efforts
Qualifications
- Bachelor’s degree in Computer Science or similar technical field, Masters preferred.
- Professional certification in security or risk management such as CISSP and CISM
- 12+ years of proven IT security experience with 4+ years in a senior leadership role
- Ability to lead and motivate cross-functional teams while thriving in a fast-paced growing company
- Experience in identifying security issues and risks, and developing mitigation plans
- Designing, implementing, and enforcing security programs
- Strong program and project management skills and technology expertise
- Excellent communication, interpersonal and leadership skills, able to communicate security concepts to both technical and nontechnical audience
- We are looking for a critical thinker, with strong problem-solving skills. Someone who can build an awesome security function, which drives action through strong advocacy and importance of security vs. being a security cop!
- We have a globally distributed client base and engineering team. Experience working with and embracing the global nature of our business (rather than dealing with it) is imperative.
- Ability to travel up to 20%
- Ability to have fun, kick back and inspire!
Technical Experience
- Firewalls, intrusion detection software and network authorization configurations. Experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services
- Experience in scripting / programming experience such as Ruby, Python, Shell/BASH etc.
- 2+ years of experience in one or more of the following areas: cryptography, web and network protocols, threat modeling, pen tests, or vulnerability assessments
- Understanding of data security at rest and in motion, data entitlement, data privacy controls, data auditability, data expiration and data sharing. Authn/Authz, Identity & Access Management, SaaS Models, Identity Federation etc.
FourKites is the largest predictive supply chain visibility platform, delivering real-time visibility and predictive analytics for the broadest network of Global 1000 companies and third-party logistics firms. Using a proprietary algorithm to calculate shipment arrival times, FourKites enables customers to lower operating costs, improve on-time performance and strengthen end-customer relationships. With a network of more than four million GPS/ELD devices, FourKites covers all modes, including truckload, LTL, ocean, rail, intermodal, last mile and parcel. The platform is optimized for mobile and equipped with market-leading end-to-end security.