IT Security Technical Manager

Job Description

About Jotform

Jotform is a San Francisco-based SaaS company with more than 30 million users worldwide. We are thriving and growing, and we’ve never needed outside funding. That’s because we like keeping things agile, independent, and fun. Jotform believes everyone should be able to create their own online forms. Our 10,000+ ready-made form templates, 100+ integrations, and more than 380 widgets have made us one of the most popular online form builders for organizations of all sizes — from small businesses to enterprises.

Role Summary

This position is a HANDS ON TECHNICAL POSITION in which the ideal candidate will be able to function from not only a process and planning perspective but also be a key contributor to security architecture and technology decisions. This role will be responsible for the design, development, and implementation of new and innovative solutions to protect the Confidentiality, Integrity, and Availability of Jotform owned/ managed information assets.

This is a full time, fully on-site position based out of our Vancouver, Canada office.

Here’s what you will be doing:

• Ensure compliance with regulatory requirements and oversee incident response related to security, availability, and data privacy within the Jotform platform which is used by more than 30 million people worldwide. Maintain adherence to industry standards for a SaaS company while applying hands-on expertise in these areas
• Ensure cybersecurity stays on the organizational radar. Identify and address potential vulnerabilities in our systems architecture, development processes, other security practices
• Detail out the security incident response program for business continuity, disaster recovery, and incident response plans
• Continuously review technology proposals for security and privacy controls and recommend adjustments
• Develop, publish, and maintain comprehensive information security standards, policies, procedures, and guidelines for our website in line with industry standards and best practices
• Manage a team of global security engineers
• Continuously educate our global DevOps Engineer and Developer teams on security awareness, arming them with the knowledge necessary to speak to our security confidently
• Respond to client due-diligence requests for information security
• Perform other miscellaneous duties as assigned

Education /Work Experience /Technical Requirements:

• Engineering degree from an accredited institution
• Minimum 10 years of hands-on security experience in architecting, engineering, or administering SaaS solutions
• An understanding of agile software development and secure software development lifecycles
• In-depth knowledge of securing web applications and applicable laws and regulations like PCI-DSS, SOC 2, and HIPAA in a fast paced regulated work environment
• Professional Certification for one of the following GSEC/CISA/CISM/CISSP/CSCS/CEH or equivalents or willingness to obtain one within 8 months of the date of hire
• Solid knowledge in network security, authentication protocols, cryptography and network security principles
• Proficiency in analyzing security logs, including but not limited to application logs, server logs, and network traffic, to detect suspicious activities
• Hands-on experience with PHP, MySQL, Node.js, Docker, and Elasticsearch. Knowledge of securing these technologies and maintaining a secure infrastructure is a must

Personal Specification/Skills:

• High external focus for industry trends, cybersecurity threats
• Enthusiasm and a high degree of adaptability
• Strong diagnostic skills and holistic view for solution
• Ability to clearly articulate complex concepts (both written and verbally)
• Strategic thinker who can translate vision to tangible execution and results
• Able to work at incredible speed and with focus is a must for this role, candidates must be able to prioritize responsibilities to manage a large workload with very tight timelines
• Base pay range: $160K - $220K CAD. This position may be eligible for a performance-based bonus. Exact compensation may vary based on skills and experience

OUR PROCESS

We’ll review your application along with all the others we receive and pick the top profiles for a screening call. In many cases due to time constraints and our candidate volume, only the short-listed candidates are contacted but we do consider each application carefully.If you have been selected as a short-listed candidate, we will contact you for a short screening call to get to know you better. If you don’t get a call, please don’t be disappointed! We receive many applications for each role and have to prioritize who we speak to.

We thank all applicants in advance for their interest and taking the time to apply for this position at Jotform!

Jotform is an Equal Opportunity Employer. Employment decisions are made without regard to race, , , or , , , or expression, , , protected veteran status or other characteristics protected by law.

Jotform values your privacy. You can find more information regarding our applicant privacy notice here: https://www.jotform.com/job-applicant-privacy/