Job Summary:

The Director, Information Security & IT will be responsible for leading the Spredfast Information Security program and our IT program to meet the needs of our business and our customers. Based in Austin, Texas, this role has 2 components. First, the role will be responsible for designing our Information Security strategy, making sure we are meeting security and data protection requirements, managing risk analysis and mitigation, maintaining security policies and controls, and managing security testing, security training, and compliance monitoring for both internal systems and trusted third parties. This role will also be responsible for managing, and at times fulfilling sales requests, responding to RFPs and other requests for information and leading on customer calls specific to Information Security. The second component is that the Director, Information Security and IT will manage the IT needs of the business, working with the team to field tickets, maintain and improve the network and IT infrastructure, and plan the evolution of our IT needs as we scale.

Responsibilities:

The Director, Information Security & IT should have experience leading an Information Security department and an IT department, and have led third-party audits, designed Information Security processes and protocols, designed and maintained IT systems, and have worked in a customer-facing capacity. This role will manage an Information Security Manager and an IT Manager, but will also be responsible for individual contributor work as the team is small and hands-on work will be required. The Director will work closely with our Legal team, as well as with developers, Product Managers, and Sales Directors. The successful candidate must have a minimum of 10 years of relevant experience. Effective communication and influencing skills are essential to this role, including the capacity to articulate the case for Information Security and IT investments and alternatives in the language of the business, as well as the ability to shape and manage expectations of for these teams at all levels of the organization.

Requirements:

• Infrastructure and applications development
• 10+ years experience including significant experience leading complex IT integration projects & Information Security projects
• Proven ability to prioritize competing demands
• Leading and developing high performance teams with strong accountability standards
• Demonstrated capability to manage multiple priorities
• Previous experience with implementation, customization and oversight of installations of software applications and hardware is a must
• Lead and prioritize IT initiatives and coordinate the evaluation, deployment, and management of current and future IT systems across the organization
• Help negotiate significantly sized deals for all elements related to our service and IT needs, including hardware, bandwidth, and third-party software vendors
• Knowledge and ability to support a 24/7 business is required
• Personality and values that make a good culture fit with the organization and with core principles of the Company
• Proven experience successfully developing and managing an enterprise-level Information Security program
• Experience building Information Security processes and protocols
• Experience leading on SOC2 audits and other third-party audits
• Ability to interpret business and regulatory requirements against security policies and controls.
• Ability to respond to and manage investigations of suspected information security breaches and policy violations
• Ability to advise management on risks and best security practices, and guide prioritization of Information Security projects
• Ability to help prepare for and ensure GDPR compliance
• Ability to perform risk analysis against data, systems, and operational procedures
• Experience developing security policies and control catalogs
• Experience developing and delivering security training programs
• Experience developing business continuity and incident response plans
• Experience responding to customer requests for information and details about Information Security
• Experience managing an Information Security team, and developing and mentoring InfoSec talent
• Awareness of the current threat landscape and recommend mitigations against threats.
• Experience working across departments to communicate about the Information Security program and to mitigate Information Security risks

The Perks at Spredfast

• An incredible work environment – fun, casual, fast-paced environment with endless ping pong
• A #freesponsibility work culture that values #awesomeness and #teamswork
• Swank offices in the heart of downtown Austin
• Health, dental, vision, disability, and 401K benefits
• Flexible paid time off
• Fresh, healthy lunches catered four days a week
• Unlimited snacks and drinks

About Spredfast:

Spredfast is a social software company and platform, headquartered in Austin, Texas with offices in New York City, London, Hamburg, and Sydney, that seeks to connect every company in the world with the people that they care about the most. Spredfast’s “Smart Social” software enables companies to manage, integrate, and amplify social content across any digital touch point. With global reach, Spredfast customers have managed more than one billion social connections across 84 countries. Today, Spredfast helps more than fifty percent of Interbrand’s 2015 World’s Best Brands to create first-class social experiences.

Search Firm Representatives Please Read Carefully:

Spredfast, Inc. is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at Spredfast via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Spredfast. No fee will be paid in the event the candidate is hired by Spredfast as a result of the referral or through other means.

Notice to Applicants:

We reserve the right to research relevant facts about you which are public on social media platforms or other sources over the Internet. We will retain such data only as long as reasonably needed.