AppD Security Strategy & Risk Manager
Location: Offsite, San Francisco, California, US
Area of Interest: Security
Technology Interest: Cloud and Data Center
AppDynamics is an application performance monitoring solution that provides real-time visibility and insight into applications and their environments. With our unique solution, you can take the right action at precisely the right time with automated anomaly detection, rapid root-cause analysis, and a unified view of your entire application ecosystem, including private and public clouds. Using AppDynamics, you’ll finally align IT, DevOps, Engineering, and the business around the information that helps you protect your bottom line and deliver magnificent customer experiences.
What You'll Do
AppDynamics is currently seeking a security professional with demonstrated ability in leading security and risk programs to manage the Strategy and Risk team within the AppDynamics Strategy, Risk, and Compliance team.
Who You'll Work With
This role will report directly to the Director of Strategy, Risk, and Compliance.
Who You Are
As a Security Strategy & Risk manager, you will be expected to deliver on the responsibilities listed below, drawing on your leadership and technical management experience.
· Collaborate with Security leads to build a comprehensive security and risk strategy.
· Partner with the Security team to lead projects, remediate risks, remove roadblocks and report status of security risk remediation and project milestones tied to security and risk strategy.
· Create an Executive Security communication program and develop security and risk metrics and KPIs/OKRs to show the value of the security and risk strategy.
· Build, maintain, and enhance our security risk management program, including eGRC implementation, dashboards, integrations and improvements.
· Manage and support the 3rd Party Vendor Risk Management program.
· Lead cross-functional projects with product, technology, marketing, HR and sales teams.
· Build out/update Security Program Management and Risk processes, workflows and documentation.
· Drive Security Service cost management program reporting and maintain SW/HW to service mapping.
· Mature the security awareness and phishing program. This includes developing the roadmap and planning, coordinating, measuring, and evaluating cyber training / education courses, methods, and techniques based on instructional needs.
· Provide insight and recommendations to the Director of Strategy, Risk and Compliance regarding gaps and improvements in the design and efficiency of security and risk strategy and processes.
Candidates must meet the minimum requirements outlined.
· 10 to 15 years of demonstrated ability in leading Security and Risk Programs.
· Experience with security frameworks such as ISO 27001, SOC 2 Type 2, and FedRAMP.
· Capable of working in a demanding, fast-paced and fun environment.
· Self-starter with the ability to perform independently and synthesize information from disparate sources.
· Ability to quickly demonstrate an understanding of internal security risks, security controls, and business processes.
· Strong program management skills: ability to effectively lead teams, track commitments from Project Owners and SMEs, and supervise/manage self and others in responding to roadblocks, queries, work sessions, and meeting project timelines.
· Solid organizational skills, including the ability to consistently meet project deadlines, while maintaining quality, attention to detail, and accuracy in work.
· Ability to effectively work independently and with teams virtually.
· Strong interpersonal skills: capacity and interest to develop and maintain strong relationships with internal partners.
· Technical awareness/experience (e.g., IT infrastructure, public cloud technologies, business support applications).
· Ability to demonstrate and apply awareness of security and risk concepts.
· Demonstrated integrity within a professional environment.
· Proficiency with Atlassian products: Jira and Confluence.
Desired Skills/Qualifications/System Experience requirements:
· Bachelor’s degree in information systems, IT, security, or other relevant experience.
· CISA, CISSP, Security+, PMP or similar certification desired.
You will have a reputation and track record of success as a technical leader with the ability to drive action. You will be strategic and innovative with an external awareness to understand the nuances of selling complex software products. Utilizing a consultative style, you're experienced in teaching and developing team resources to think strategically and act decisively.
You will possess a player-coach ethos that balances delegation, empowerment, and hands-on problem solving that is exercised within and across the team. You should be able to foster a learning culture within the organization and have confirmed teaming skills with peers so that best operating practices are developed and used.
And finally, you should have a level of professional maturity to change and adapt to a high-energy, dynamic environment characterized by high growth expectations and a collaborative skill.