Department: Operations
Dual headquartered in Finland and California, MariaDB has changed the way data is accessed and stored. 75% of the Fortune 500 run MariaDB, touching the lives of billions of people every day. With massive reach through Linux distributions, enterprise deployments and public clouds, MariaDB has a unique opportunity to make a big impact with our enterprise open source database solutions.
The Opportunity
As the Director of Information Security, you will be responsible for Information Security across all organizations of MariaDB, including the architecture, design, and implementation of proper security systems and controls for MariaDB. You will oversee all enterprise information security risk as well as third-party cyber risk. A successful Director of Information Security will work closely with each organizational leader and its teams to understand the business requirements to ensure identification of information related threats and vulnerabilities, alignment, implementation and maintenance of controls based on such risks.
Location
Anywhere in the U.S.
Minimum Qualifications
- Bachelor’s degree in Computer Science or a related technical field
- 12+ years of professional experience in global information security, compliance, including cloud-based architecture and security controls
- Minimum of 5 years of supervisory experience, including managing security compliance team
- Hands-on security expert who is also able to provide detailed technical guidance to the engineering team
- Proficient understanding of security tools and techniques, not limited to performing internal and external network vulnerability assessments, penetration testing, malware detection
- Ability to work collaboratively as part of a global team within a challenging, dynamic, fast-paced and global environment
- Demonstrated success building relationships with partner groups and working with IT, Legal, Marketing and Engineering
- Industry Information Security Certifications such as CISM, CISSP, CRISC, CGEIT or CCSP
- Excellent communication written and verbal skills
What you will do
- Work closely with business and technology teams to understand enterprise objectives, initiatives, and cyber information security risk that will ensure security and compliance postures are robust and exceed established standards
- Design, architect, and implement proper security systems and controls
- Oversee the enterprise cyber information security risk and information security risk management lifecycle including the completion of risk assessments, planning, tracking and control
- Develop, maintain, and enforce cyber information security risk management policies and standards
- Proactively ensure the identification, analysis, management, and timely communication of potential and emerging information-related threats and vulnerabilities through management of the security risk analysis process
- Manage function’s budget, resource allocation, and forecasting tools
- Stay abreast of relevant security regulations, laws and technologies and programs and processes as required
- Develop and continually refine vendor security program to ensure that security posture of new and existing vendors is known prior to execution of contracts
- Develop programs and lead team that defines, deploys and maintains continuous auditing and compliance plans to ensure that access to data is appropriate and that controls are effective across MariaDB. Evaluate control objectives using evidence gathering for audits
- Ensure continuous improvement of policies, procedures, and technology (including automation) related to Compliance to enable risk reduction, business enablement, and operational efficiencies
- Create and maintain the strategic plan and roadmap for Information Security and cloud security
- Work effectively as part of a geographically distributed team
What’s in it for you?
Impact the world of technology by pushing its boundaries and business models, working at MariaDB. Be part of a game-changing organization that encourages outside-the-box thinking and empowerment, and truly shaping the future of the software industry. You’ll be collaborating with high-caliber colleagues around the world, offering unparalleled learning and growth opportunities. We provide a very competitive compensation package, 25 days paid annual leave (plus holidays), medical/dental/vision insurance, stock options, 401(k), a massive degree of flexibility and freedom, and more.