Saviynt is an identity authority platform built to power and protect the world at work. In a world of digital transformation, where organizations are faced with increasing cyber risk but cannot afford defensive measures to slow down progress, Saviynt’s Enterprise Identity Cloud gives customers unparalleled visibility, control and intelligence to better defend against threats while empowering users with right-time, right-level access to the digital technologies and tools they need to do their best work.
Summary:The Sr. Manager, Information Security, will serve as Incident Commander and lead multipleprograms within Information Security, in collaboration with various cross-functional teams,and technical and GRC teams within Info Sec.The candidate will possess the ability to develop and execute internal programs, andcommunicate with external stakeholders including customers. The candidate must becomfortable managing projects in an Agile environment.The candidate should be familiar with policy and compliance requirements, including policydocumentation and system requirements to successfully respond to potential audits.What You Will Be DoingServe as Incident Commander and serve as single point of contact for customers,representing the internal team on technically advanced or complex mattersDevelop executive level presentations to support Risk Programs and broaderInformation Security updates to appropriate audiencesFlexible and collaborative approach to enabling and supporting the businessStrong stakeholder and relationship management skillsExperience assessing project and technical documentation to ensure compliance with established policies, processes, and proceduresRequires sufficient technical background to be able to interpret audit and compliance requirementsAbility to provide excellent written and oral communications by email, presentations, and mobile communication platforms (including: experience facilitating discussions, briefing senior managers, and conducting project meetings)Collaborate with the Security Operations Centre (SOC) to mature processes and strengthen the current Security Operations FrameworkEnsure incident identification, assessment, quantification, reporting, communication, mitigation and monitoringEnsure compliance to SLA, process adherence and process improvisation to achieve operational objectivesProvide input/review and development of security and compliance controls and vulnerabilities against policies, standards, and frameworks in the following frameworks such as ISO 27001, SOC2, and PCIRegularly review standard operating procedures and protocols to ensure SOC continues to effectively meet operational requirementsVendor management; review security clauses in customer contractsContinual process improvement in infrastructure security assessments, reporting and remediation to reduce risk.Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.Routinely engage with cross functional teams to evaluate SOCs ability to meet stakeholder needsCommunicate vulnerabilities, solutions, and enterprise trends to all levels of an enterprise – both technical and non-technical resourcesAdvise IT teams regarding patch notifications, initial risk assessment, eligible systems, and deployment requirementsPerform assessment of internal and third-party cybersecurity riskSupport responses to customer inquiries about Saviynt compliance related to IT and SecurityInterface with external auditors in managing ongoing compliance and audits as it pertains to SOC activitiesWorking experience with AWS, Google Cloud Platform or Microsoft AzureWhat You BringSubject matter expert in Information Security Program Management, Cyber Defense (as Incident Commander) and Risk ManagementBachelor of Science degree in Computer Science or related field is required12+ years’ experience in above areasExcellent analytical thinking and problem solving skillsMust have excellent written, communication and verbal skills to assist withcommunications with other teams and writing executive summaries based on work outputAbility to lead, influence and collaborate with remote team members, proven delivery, remediation and incident response backgroundSolid background in security incident response and vulnerability managementSelf-starter and “outcome oriented”, can work with minimal supervision but knows when to escalateIf required for this role, you will:- Complete security & privacy literacy and awareness training during onboarding and annually thereafter- Review (initially and annually thereafter), understand, and adhere to Information Security/Privacy Policies and Procedures such as (but not limited to):
> Data Classification, Retention & Handling Policy > Incident Response Policy/Procedures > Business Continuity/Disaster Recovery Policy/Procedures > Mobile Device Policy > Account Management Policy > Access Control Policy > Personnel Security Policy > Privacy Policy
Saviynt is an amazing place to work. We are a high-growth, Platform as a Service company focused on Identity Authority to power and protect the world at work. You will experience tremendous growth and learning opportunities through challenging yet rewarding work which directly impacts our customers, all within a welcoming and positive work environment. If you're resilient and enjoy working in a dynamic environment you belong with us!
Saviynt is an equal opportunity employer and we welcome everyone to our team.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.