Director of Information Security
As the leading workforce management solution for the skilled trades, Workrise makes it easier for skilled laborers to find work, and for companies to find in-demand workers. Workrise currently operates in wind, solar, construction, oil and gas, and defense industries. We’re growing, and we’d love to learn what you can add to our team!
Workrise is hiring a Director of Information Security to build and operate a cross-functional Information Security team and program. We need a motivated leader who can navigate the fast rate of change of a cloud-based startup working across a diverse set of industries. You understand that success in this role comes via creating a culture of security that is aligned with the unique needs of our business. You identify significant risks to the business and work with the executive team to prioritize and address them. You clearly articulate your vision and mission to the organization, translate it into achievable policy and controls, and then lead your team to execute on that strategy.
Sound like you? Keep reading.
What you’ll be doing:
- Develop an Information Security program based on established frameworks such as ISO-27001 and NIST-800 that meets Workrise’s needs and fits our culture in partnership with key business and technology stakeholders
- Design and hire an Information Security organization to define policies, implement controls, track compliance, and handle security operations
- Provide cross-functional leadership via clear written and oral communication to drive stakeholder alignment at an executive level
- Identify, track, prioritize, and effectively communicate Information Security risks to the business and work with leadership to determine how to manage these risks
- Lead cross functional initiatives to train our people, implement least privilege access controls, prepare for disasters, drive data classifications, etc
- Work alongside legal, procurement, and IT to ensure that third party vendors meet our security and data privacy requirements
- Partner with engineering to implement DevSecOps principles and practices to ensure that our applications are secure by design
- Create a security operations center to review security alerts and events and manage investigation, remediation, and other aspects of incident response
- Use agile methodologies to continuously deliver security improvements
What you should have:
- 12+ years of professional experience in Information Technology with at least 4+ years in Information Security
- 4+ years of experience in a management capacity
- You should have extensive experience in developing and operating Information Security programs based on the ISO-27001, NIST 800, and SOC 2 frameworks
- Strong understanding and background in cybersecurity and data privacy laws including CCPA, GDPR, and HIPAA standards.
- In-depth understanding of the current threat landscape with particular emphasis on cloud technologies
- Bachelor’s Degree in Information Security or Computer Science or equivalent practical experience
More than a job:
At Workrise you can feel good about your work and furthering our mission to serve those who do the hard work. We recognize that making an impact matters to you and we believe in providing an environment that fosters that ambition. We welcome you to develop relationships with coworkers by displaying our company values: Own the Mission, Learn and Grow, Solutions Over Egos, and Raise the Bar. In appreciation for your contributions, we support you with various health insurance plan options (including medical, dental, vision), flexible paid time off, and competitive 401k matching.
As a world-class employer, Workrise is committed to providing an environment where any and all people feel welcome, respected, and free to be their authentic selves. We welcome applicants of all gender identities, sexual orientation, educational background, religion, ethnicities, veteran status, and citizenships. We’d love to learn what you can add to our team!
In 2014, we set out to create a better way to get work done in the oil & gas industry. The goal — to build the most reliable and cost-effective workforce solution, using technology to make it easier to manage and deploy workers at scale. And while our commitment hasn’t changed, our business has. What started in oil & gas has grown to include construction, wind, solar, and defense. So we believe it’s time our company’s name reflects that evolution. We’re excited to announce that RigUp is now Workrise— a full-stack workforce provider, powered by technology specifically built for the diverse industries we serve.