Senior Manager- InfoSec Operations
The engineering team at Root strives to be one of the most transformative engineering teams ever. We’re changing the way an industry works by leveraging technology and data to build the best products possible. Even with our significant growth, we operate in small teams that are given ownership over projects and results. We’ve found that the people closest to the problems are the best at solving them. We're actively hiring Engineers remotely and excited to announce that Root is a “work where it works best” company. Meaning we will support you working in whatever location that works best for you across the US. We will continue to have our headquarters in Columbus and offices in other locations to give more flexibility and more choice about how we live and work.
We’re scaling rapidly, and we recently launched a $6B IPO:
https://www.nasdaq.com/articles/root-insurance-ipo-poised-to-disrupt-the-insurance-market-2020-10-30
Our team excels at delivering software to solve the problems in front of us at Root: presently, a suite of world-class mobile, web, and server-based products obsessed with the customer experience. We’ve shaped our team and process around this; we know that constant iteration and experimentation produce the best results.
For more information on engineering at Root see root.engineering
As Root continues to grow and scale, there is an ever-increasing need to ensure that information security risks are managed and mitigated to an acceptable level. As Root’s Senior Manager of InfoSec Operations, you will be responsible for leading the security operations team and developing, monitoring, and maturing information security operations across the organization. The right candidate will be technically sound, an exceptional communicator, and an influential leader who thrives in highly collaborative environments.
What you'll be doing.
- Builds and maintains an information security operations function that drives threat monitoring, detection, and response across the
organization in partnership with Root’s Managed Detection and Response (MDR) service provider - Oversees the implementation and continuous improvement of the vulnerability management, security event management, security incident response, data loss prevention (DLP), and endpoint protection capabilities
- Oversees the delivery of security awareness and training program and phishing simulations to the organization
- Oversees the development, implementation, and maintenance of information security operations procedures and playbooks
- Manages the technology platforms and service providers that support information security operations and improve Root’s ability to defend against and respond to compromise
- Develop, prepare, and monitor operational metrics to drive continuous improvement in information security operations and across the organization
- Issues clear and concise reports, using data, technology, and visualization tools to communicate program results effectively
- Participates as necessary in all regulatory exams and other third-party audits
- Prepares and presents reports for Information Security leadership and executive management
What we’re looking for.
- Experience designing, implementing, and maintaining an information security operations function
- Experience managing a portfolio of technology platforms and service providers supporting information security operations capabilities, including vulnerability management toolsets, Managed Detection and Response service providers, endpoint security toolsets, and DLP toolsets
- Experience designing, implementing, and maintaining information security awareness and training programs
- Experience leading information security operations in highly regulated environments
- Demonstrated ability to lead and mentor information security analysts and managers
- Active CISA, CISM, or CISSP preferred
- Strong technology background
- Superior problem-solving skills with the ability to think strategically and innovate
- Roll-up-the sleeves work ethic and “do-what-it takes” attitude to efficiently execute and drive for results in a fast-paced work
environment - Excellent written and verbal communication skills
- Proven ability to thrive in a results-driven, fast-paced work environment
- Exceptional leadership skills; naturally collaborative, excels at influencing without direct authority