EverCommerce - Director, Security Architecture & Engineering (Remote, US)

EverCommerce (Nasdaq: EVCM) is a leading service commerce platform, providing vertically-tailored, integrated SaaS solutions that help more than 690,000 global service-based businesses accelerate growth, streamline operations, and increase retention. Its modern digital and mobile applications create predictable, informed, and convenient experiences between customers and their service professionals. With its EverPro, EverHealth, and EverWell brands specializing in Home, Health, and Wellness service industries, EverCommerce provides end-to-end business management software, embedded payment acceptance, marketing technology, and customer experience applications. Learn more at EverCommerce.com.

We are building an extraordinary company and looking for talented, energetic, and motivated people to join our team. You can learn more about our Company, Culture and Values here: https://www.evercommerce.com/about-us/careers/

We are looking for a Director, Security Architecture & Engineering, Security Architect to help us enable and mature our EverCommerce Security Team and program. This role also serves as our primary Security Architect in guiding how EverCommerce designs, builds, deploys, integrates, and optimizes security solutions and processes.

We\'re looking for a strong team leader that is invested in helping their stakeholders and co-workers succeed. They will have well-developed communication skills and can demonstrate proven technical ability, refined relationship management skills, and problem-solving skills. We are seeking an individual with a diverse background and that includes aptitude across several technologies, and skill sets. This role will require close coordination with other information security leaders and teams, security stakeholders and with internal and external software development teams.

• Create and maintain security architecture and engineering processes and procedures
• Design of system architectures which meet established cybersecurity requirements and align with customer needs
• This includes security requirements definition, documentation, and communication.
• Development of security architecture requirements and implementation guidance based on analysis of NIST 800-53 and or other security control frameworks
• Architect, design, implement, maintain, and operates information system security controls and countermeasures.
• Provides techniques and patterns for securing integration with external security system vendors and/or cloud providers
• Leads regular architecture and design reviews to ensure requirements implementation
• Evaluates and plays an active role in life-cycle management of multiple security technologies
• Identify security risks and control gaps within systems, designs, products, data flows, and processes; and recommend corrective architecture, integrations, controls, and operations
• Lead the development of security requirements, architectures, and documentation to ensure security controls are seamlessly integrated into new technology deployments
• Perform secure architecture and design reviews of new technology and security systems deployments, and collaborate with business teams to integrate secure-by-design principles into engineering projects and builds
• Maintain a clear view of the overall security architecture roadmap and strategic plan
• Leverage emerging technologies and advanced security practices to ensure EverCommerce is at the forefront of security for our solution groups and our customers
• Build, maintain and mature security architecture metrics and reporting
• Recruit, hire, train, coach and mentor security engineers and analysts
• Additional duties as required and assigned

• At least 10 years of relevant work experience in a technical field (e.g. cybersecurity, software development, or systems administration), with at least 10 years people leadership experience, and at least 5 years people leadership experience specifically in security
• Bachelor\'s Degree in a technical discipline such as Cyber Security, Information Technology, Computer Science, or Information Systems - or equivalent professional experience
• Have at least one current Industry recognized security certifications; CISSP, CISM, CISA, GIAC or commensurate experience
• Excellent communication and interpersonal leadership skills, with the ability to communicate and collaborate effectively with cross-functional teams, matrixed organizations, and technical / and non-technical stakeholders
• Detail Oriented team player with the desire and ability to mentor and onboard new engineers and team members
• Demonstrated experience with the security, development and/or management of systems compliant to NIST 800-53, NIST CSF, or ISO 27001-2022 security control frameworks
• Exceptional knowledge and understanding on the creation/implementation and securing of cloud technologies such AWS and Azure
• Extensive ability to estimate, plan, lead and execute complex technical projects while working independently and/or in a team.
• Knowledge of Information Security risk assessment methodologies and standards
• Highly flexible, self-motivated and eager to learn, with a strong passion for cyber security
• Excellent verbal and written English communication skills

• Advanced knowledge regarding common attacks, attack methods, and defense architectures.
• Experience in securing multi-tenant compute services, microservices and modern APIs
• Working knowledge of common web and container-based vulnerabilities
• Experience with Information Security policies and procedure development and implementation
• Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers

The EverCommerce team is distributed globally, with teams in the U.S., Canada, the U.K., Jordan, New Zealand, and Australia. With a widely distributed team, we are used to working remotely across different time zones. This role can be based anywhere in the United States (Denver, CO is preferred) – if you’re close to one of our offices, we can set you up in-office or you can work 100% remotely. Please note that you must be eligible to work without sponsorship to qualify for this position, and this role may require travel to our Corporate Headquarters in Denver, Colorado, or to other office locations around North America.

• Continued investment in your professional development
• Day 1 access to a robust health and wellness benefits package, including an annual wellness stipend.
• 401k with up to a 4% match and immediate vesting
• Flexible and generous (FTO) time-off
• Employee Stock Purchase Program

The target base compensation for this position is $200,000 to $225,000 USD per year plus annual bonus opportunity in most US locations. Final offer amounts are determined by multiple factors including location, local market variances, and candidate experience and expertise, and may vary from the amounts listed above.

EverCommerce is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender identity, sexual orientation, age, marital status, veteran status, or disability status. We look forward to reviewing your credentials and getting to know more about your experience!