BlackLine company image
BlackLine
BlackLine automates and controls financial close processes for midsize and large organizations.
Remote
View Profile
Jobs//Remote//Cybersecurity + IT//

Director, Information Security Operations

Sorry, this job was removed at 4:02 a.m. (PST) on Friday, March 18, 2022
View 227 Jobs
Find out who’s hiring remotely
See all Remote jobs
View 227 Jobs
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.
Save job

Job Summary

The Director, Information Security Operations (SecOps) will manage a team of highly skilled Information Security professionals responsible for designing, implementing, and operating controls that safeguard BlackLine’s information resources. The Director will assess and identify business security needs, prioritize work streams, oversee projects, establish and manage operational budgets, priorities and resources, design and manage operational metrics, prepare technical and executive security operation reports related to Security Operations group of the Information Security function. This role encompassed operational security management, security operations center (SOC), vulnerability management, on-call operational support duties, as well as subject matter advisory and education responsibilities. The Director will closely influence and collaborate with Technology and Product teams to design, implement and operate technical security controls that protect the confidentiality, integrity and availability of information and systems. In addition, the role will work together with the Information Security Governance, Risk, and Compliance teams to manage security risks and operate the company’s information security management system. This technically inclined leadership role requires a motivated individual and experienced people manager who will take a comprehensive, business-aligned approach to managing technology and talent, liaise among departments, negotiate complex priorities and deadlines, and provide visibility into technical aspects of the company’s information security program.

 

Roles and Responsibilities

Information Security Operations program management

  • Design, implement, and maintain InfoSec operational standards, policies, processes, and procedures.
  • Design, implement, and maintain Security Operations Center (SOC) to continuously monitor security incidents and vulnerabilities to analyze and provide remediation recommendations through effective alliance with various groups within products and technology organization.
  • Identify, manage, and communicate portfolio of SecOps projects and align security initiatives with business objectives and risk tolerances.
  • Influence and partner with product and technology teams to ensure that information security policies and standards are properly implemented.
  • Actively participate and provide professional expertise to information security forums, communities, and industry-specific groups.
  • Evangelize security-centric culture and promote security best practices within the organization.
  • Lead/elevate security conversations and be the decision maker for operational security matters.
  • Collaborate with key stakeholders (Enterprise Risk Management, Legal, HR) on information security risk management and related organizational governance processes.Manage operational security capacity, strategy, tools, and processes.
  • Define, manage, and monitor infrastructure, cloud, and end-user security controls.
  • Be an active influencer and participant in architecture and strategy discussions with internal stakeholders, partners, and customers.
  • Research industry best practices, current trends, threats and vulnerabilities; recommend relevant changes to the company’s control environment.
  • Collaborate with infrastructure teams to devise and implement effective solutions to maintain adequate infrastructure and cloud security posture.Manage security operations technologies, processes, and resources.
  • Oversee vulnerability management, threat intelligence, security monitoring, incident management, and remediation activities.
  • Work with technology operations teams to perform security risk assessments, intrusion testing, implementation and validation of hardening standards.
  • Develop, manage and lead incident response and forensic investigation processes.
  • Lead security conversations and be the escalation point for security incidents & investigations.
  • Continuously evaluate security processes, tools, and operational capabilities, and timely adjust them to maintain effective and efficient operational security processes and tools.
  • Design, manage, and communicate operational security metrics to technical team, key business stakeholders, and executive audiences.



 

Required Qualifications

Years of Experience in Related Field: 10+

  • CS, Engineering, or technical operations background with 10 years of experience in information security including 7+ years of progressive management experience.
  • 5+ years of cloud security management experience.
  • Expertise with current InfoSec concepts, technologies, industry trends, methods and techniques, and operational processes.
  • Mature metrics-driven and process-driven team leader, team builder, and team mentor.
  • Proven track record of effectively managing core information security tools and processes (e.g.: patch management, log management, malware management, network access control, threat and vulnerability management, web filtering, firewalls, proxies, APT, IDS, DLP, HIDS/NIDS, SOAP, SIEM, incident response, XDR, SOAR)
  • Solid understanding of networking fundamentals and commonly used network protocols and services.
  • Working knowledge of encryption algorithms and related technologies, TLS, PKI, encryption of databases and data at rest.
  • Solid knowledge of common web application platforms, common vulnerabilities, and exploitation techniques.
  • Strong understanding of SSDLC, OWASP, web application development, code auditing, manual and automated security testing methods, penetration testing
  • Advanced written and verbal communication skills including the ability to visualize technical and security topics for non-technical audiences.
  • Ability to evaluate situational risks, operate effectively under ambiguous circumstances, and address confidential and potentially uncomfortable issues.

 

Preferred Qualifications

  • Engineering or operations background with prior hands-on experience.
  • Prior experience supporting 24x7 mission-critical technology environments.
  • Multi-cloud control design and integration experience including cloud security and operational requirements

Familiarity with SaaS architecture, service design, and support models

See More
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Save job
By clicking Apply Now you agree to share your profile information with the hiring company.
Haider Ali
Senior Software Engineer, Test
SUPPORTING GROWTH
Staying sharp and innovative
Haider Ali’s job is to stay 10 steps ahead of users, finding issues before they ever make it to the customer. In his work as a quality engineer, Ali identifies the scope and severity of issues, reduces vulnerabilities and uses Selenium and C# to develop and maintain automated test cases. He’s appreciative of the way that BlackLine supports employees in learning new skills and tech through initiatives such as lunch-and-learns, hackathons and professional development reimbursement for attending conferences to learn new technologies and concepts.
Haider Ali’s job is to stay 10 steps ahead of users, finding issues before they ever make it to the customer. In his work as a quality engineer, Ali identifies the scope and severity of issues, reduces vulnerabilities and uses Selenium and C# to develop and maintain automated test cases. He’s appreciative of the way that BlackLine supports employees in learning new skills and tech through initiatives such as lunch-and-learns, hackathons and professional development reimbursement for attending conferences to learn new technologies and concepts.
Everyone in my team is friendly; they trust, support and listen to each other. We also have a solid leadership team who communicate well and provide resources for growth.
Wayne Hosley
User Researcher
AUTHENTIC SUPPORT
Compassionate teams solve problems together
Kind and genuine. Those are the two most noticeable traits of the people on the user research team, according to Wayne Hosley. Those attributes are essential as the team works together to tackle the most difficult problems customers face and inform the product development process. It’s challenging work, but the team has lots of resources to support them — including, as Hosley fondly recalls, a robust itinerary of activities for mental health awareness month. “It was a great way to create spaces of inclusion and belonging for different people here at the company,” he said.
Kind and genuine. Those are the two most noticeable traits of the people on the user research team, according to Wayne Hosley. Those attributes are essential as the team works together to tackle the most difficult problems customers face and inform the product development process. It’s challenging work, but the team has lots of resources to support them — including, as Hosley fondly recalls, a robust itinerary of activities for mental health awareness month. “It was a great way to create spaces of inclusion and belonging for different people here at the company,” he said.
We have the opportunity to make a huge impact in the user experience of our products.
Paula Smith
Site Reliability Engineer
GRATIFYING GRIND
Teammates challenge and encourage each other
There is never a dull moment on the ProdOps team. Paula Smith’s teammates are among the first to hop on major incident calls, handle monthly server patches and troubleshoot production issues. Despite the high stakes, it is rewarding work with a caring team. Smith worried early on — after joining full-time following an internship — that she might be treated differently, but it was an unfounded fear. “Even though our team is small, we always get the job done while helping each other along the way,” she said.
There is never a dull moment on the ProdOps team. Paula Smith’s teammates are among the first to hop on major incident calls, handle monthly server patches and troubleshoot production issues. Despite the high stakes, it is rewarding work with a caring team. Smith worried early on — after joining full-time following an internship — that she might be treated differently, but it was an unfounded fear. “Even though our team is small, we always get the job done while helping each other along the way,” she said.
We have so much respect for each other, and even when we don’t see eye to eye in our team, we still continue to teach each other and help each other grow.

What are BlackLine Perks + Benefits

BlackLine Benefits Overview

BlackLine believes in providing the best possible service to its clients, and that starts with offering amazing perks to its employees. These perks include 100% coverage for healthcare, vision, and dental, 401(k) matching, ESPP, food, drinks, games, and so much more!

Culture
Volunteer in local community
Partners with nonprofits
Open door policy
OKR operational model
Team based strategic planning
Open office floor plan
Employee resource groups
Employee-led culture committees
Flexible work schedule
Remote work program
Diversity
Documented equal pay policy
Dedicated diversity and inclusion staff
Highly diverse management team
Mandated unconscious bias training
Diversity employee resource groups
Hiring practices that promote diversity
Health Insurance + Wellness
Flexible Spending Account (FSA)
Disability insurance
Dental insurance
Vision insurance
Health insurance
At BlackLine, we feel that paying 100% of our employees’ health benefits is 100% the right thing to do. Medical, dental, and vision are taken care of by the company.
Life insurance
Pet insurance
Wellness programs
Team workouts
BlackLine has been offering company wide virtual fitness classes such as, Aerobics and Yoga!
Mental health benefits
Financial & Retirement
401(K)
401(K) matching
BlackLine provides employees with a 401(k) matching plan.
Company equity
Employee stock purchase plan
BlackLine offers and Employee Stock Purchase Plan with the ability to buy stock at a discounted price.
Performance bonus
Charitable contribution matching
Child Care & Parental Leave
Childcare benefits
Generous parental leave
Family medical leave
Vacation + Time Off
Unlimited vacation policy
Generous PTO
Paid holidays
Paid sick days
Flexible time off
Floating holidays
Office Perks
Commuter benefits
Company-sponsored outings
BlackLine hosts company outings several times per year.
Free snacks and drinks
Some meals provided
Company-sponsored happy hours
Onsite office parking
We offer employees free on-site garage parking.
Fitness stipend
Home-office stipend for remote employees
Professional Development
Job training & conferences
Tuition reimbursement
Lunch and learns
Promote from within
Continuing education available during work hours
Online course subscriptions available
Customized development tracks

Additional Perks + Benefits

We’re better together and know that amazing individuals make amazing teams. We also know that we bond through socializing and shared experiences. That’s how teams gel and support each other.

So, we like to play games together: table tennis, poker, and video games. We encourage company sports leagues and fitness groups. We relax with happy hours and team get-togethers, and we never let a holiday season go by without a celebration.

View full list of perks + benefits
Photo Gallery

More Jobs at BlackLine

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Save job
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about BlackLineFind similar jobs like this