Director, Information Security

Columbus, OH, United States

New York City, Columbus, OH, United States Bark At BARK, we want to make dogs as happy as they make us. Because dogs and humans are better together. View company page

New York, NY or Columbus, OH strongly preferred

Remote, US welcome to apply

ABOUT BARK

Here at BARK, we love dogs and their people. We’re looking to make all dogs happy throughout the entire world (we’re not kidding). Think Disney for dogs -- we make magic for dogs and their people through our products, events, and experiences.

Our ambition level is high, the opportunity is huge, and our love for dogs is through the roof! We launched in 2011 with BarkBox, a monthly-themed subscription of all-natural treats and clever toys. Since then, we've shipped more than 70 million toys and treats to the dogs across the world and use all of that direct customer feedback to inform new initiatives and ways to make magic between dogs and their people. We’ve since expanded into other offerings as well, as we aim to become THE Dog Company for every family with a four-legged, belly-scratch-loving, interspecies family member.

THE TEAM

BARK’s InfoSec Team manages risk and protects company assets through the assessment of risk, monitoring of vulnerabilities, and collaborating cross-functionally to reduce risk. We provide internal security engineering skills to protect current and future systems by using specialized toolsets and methods to identify vulnerabilities. We work with teams to find the optimum solution that reduces risk without impacting system security or performance.

We are looking for a dynamic and highly motivated InfoSec/Cybersecurity expert to join our team. The ideal candidate is a resourceful problem solver who will take ownership of critical security related work. The Director of InfoSec will report directly to the CFO and work closely with the People, Technology and Legal teams to create solutions that balance business requirements with information and cyber security requirements.

KEY DUTIES

Identify and communicate current and emerging security threats

Create solutions that balance business requirements with information and cyber security requirements

Align standards, frameworks and security with overall business and technology strategy and objectives

Validate reference architectures for security best practices and recommend changes to enhance security and reduce risk, where applicable

Train end users and technical staff in the implementation, use and/or remediation of systems

Work with General Counsel to develop policies and processes that comply with state and federal law, including incident response and data retention

Support PCI and SOX initiatives, internal technology audits, and GDPR/CCPA initiatives

Responsible for maintaining security and intrusion detection across infrastructure and home grown applications

Maintain and update the target architecture for information security at BARK; continually update and maintain the security roadmap and track progress year over year

Work with product owners to influence their products and roadmaps to ensure alignment with target architecture and vision

Create and maintain security architecture artifacts (i.e. models, patterns, templates, etc) that can be used (and reused) to leverage security capabilities

Create, communicate and maintain a cyber security training and awareness program for all employees at BARK.

Manage and develop one direct team member, as well managing within financial budget

EXPERIENCE

A diverse technical background with 10+ years’ experience in: Security architecture, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions.

Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals and legal/regulatory requirements.

Security considerations of cloud computing: including data breaches, incident response, hacking, account hijacking, insider threats, third party/vendors, data loss, DoS attacks and cloud based application delivery.

Identity and access management - including SSO, employee remote access, third party access and device management.

Network security - including firewalls, AWS VPC security, multi-site WAN and WIFI security.

Encryption standards and implementation

Prefer public company experience including knowledge of SOX

SKILLS & QUALIFICATIONS

Strong critical thinking and analytical skills

Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects

Ability to be the security subject matter expert who can explain technical topics to those without a technical background; Exceptional communication skills with cross-functional audiences and senior leaders

Must demonstrate proven success in working independently as well in a team and exhibit follow-through to understand root causes of issues

Hard working with a "no task is too small" attitude

Strong leadership and management skills, with the ability to motivate and inspire a team

And of course, must love dogs

This position is a full-time, salaried position. It is located on-site at our office in New York, NY or Columbus, OH. We offer health insurance for both you and your pup, 401k, wonderful team lunches, unlimited PTO and a dog to pet anytime you wish.

FOR CO/NJ/NY BASED APPLICANTS:

The base salary range for this position is $175,000- $220,000

This position is eligible for equity

** This compensation range is based on BARKs good faith estimate as of the date of this posting and may be modified in the future. Actual pay for this position will depend on a variety of variables including location, travel, internal equity, experience, education, skills and expertise.

Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr