Вакансии в ИБ | infosec
@infosec_work
Director, Enterprise Security Engineering.
Location: Remote (USA).
Salary: $231,200 - $340,000.
Employer: DoorDash.
Responsibilities:
• Define and deliver enterprise guardrails;
• Establish enterprise-wide Zero Trust standards and roadmap—enforcing identity-aware access with continuous attestation of device and user signals;
• Set the company-wide data protection strategy, scaling classification, DLP, and least-privilege enforcement;
• Lead SaaS hardening, discovery, and control with IT;
• Scale architecture reviews;
• Sponsor and guide development of enterprise policy engines, control plane change gates, and compliance enforcement frameworks for identity, device, SaaS, and network systems;
• Establish accountability for secret management, rotation, and attestation by detecting plaintext secrets in SaaS and on endpoints, blocking egress with managed browsers, routing to approved vaulting, and verifying KMS rotation and attestation signals;
• Define and set pre-production minimums and clearly define exceptions that protect access boundaries and crown-jewel data;
• Champion user-centric controls and scalable behavior-change programs—such as phishing resilience, managed browsers, and frictionless adoption of secure workflows—to reduce human-risk exposure while preserving productivity;
• In partnership with Detection and Response, the Red Team, and Leadership, establish systematic programs to eliminate control gaps, ensure corrective measures are codified, and prevent recurrence through enforced automation;
• Own and publish enterprise control health metrics, report progress to executive leadership, and ensure meaningful reductions in risk exposure and control debt across the company.
Requirements:
• 12+ years of progressive experience in security or infrastructure, including 7+ years leading managers and multi-tiered teams with global scope and cross-functional impact;
• Deep understanding of enterprise security architecture, Zero Trust, segmentation, device and identity attestation, telemetry-backed control health, and secure-by-default design principles. Able to guide technical direction while maintaining an outcome-oriented focus on risk and business enablement;
• Commitment to aligning security with user productivity and business velocity;
• Vision for automation and assurance at scale—policy-as-code, infrastructure-as-code, and self-healing control pipelines. You drive automation as an organizational standard, not a team project;
• Proven ability to operate at enterprise scale, balancing competing priorities, making decisive calls amid ambiguity, and sequencing delivery to align with risk and business imperatives;
• Recognized cross-functional influencer who builds durable partnerships with IT and business leaders to integrate controls into enterprise systems without slowing delivery;
• Demonstrated ability to manage complex program portfolios, align teams around outcomes, and implement iterative governance practices that improve velocity and transparency at scale;
• Executive presence, clarity, and precision. You communicate with credibility to both engineers and executives, aligning diverse stakeholders and inspiring accountability.;
• Track record of measurable reductions in enterprise risk exposure—measured through company-wide metrics such as control coverage, incident reduction, or posture improvement;
• Bachelor’s degree or equivalent experience required; advanced degree preferred.
Apply.
#Удаленка #ИБ
Location: Remote (USA).
Salary: $231,200 - $340,000.
Employer: DoorDash.
Responsibilities:
• Define and deliver enterprise guardrails;
• Establish enterprise-wide Zero Trust standards and roadmap—enforcing identity-aware access with continuous attestation of device and user signals;
• Set the company-wide data protection strategy, scaling classification, DLP, and least-privilege enforcement;
• Lead SaaS hardening, discovery, and control with IT;
• Scale architecture reviews;
• Sponsor and guide development of enterprise policy engines, control plane change gates, and compliance enforcement frameworks for identity, device, SaaS, and network systems;
• Establish accountability for secret management, rotation, and attestation by detecting plaintext secrets in SaaS and on endpoints, blocking egress with managed browsers, routing to approved vaulting, and verifying KMS rotation and attestation signals;
• Define and set pre-production minimums and clearly define exceptions that protect access boundaries and crown-jewel data;
• Champion user-centric controls and scalable behavior-change programs—such as phishing resilience, managed browsers, and frictionless adoption of secure workflows—to reduce human-risk exposure while preserving productivity;
• In partnership with Detection and Response, the Red Team, and Leadership, establish systematic programs to eliminate control gaps, ensure corrective measures are codified, and prevent recurrence through enforced automation;
• Own and publish enterprise control health metrics, report progress to executive leadership, and ensure meaningful reductions in risk exposure and control debt across the company.
Requirements:
• 12+ years of progressive experience in security or infrastructure, including 7+ years leading managers and multi-tiered teams with global scope and cross-functional impact;
• Deep understanding of enterprise security architecture, Zero Trust, segmentation, device and identity attestation, telemetry-backed control health, and secure-by-default design principles. Able to guide technical direction while maintaining an outcome-oriented focus on risk and business enablement;
• Commitment to aligning security with user productivity and business velocity;
• Vision for automation and assurance at scale—policy-as-code, infrastructure-as-code, and self-healing control pipelines. You drive automation as an organizational standard, not a team project;
• Proven ability to operate at enterprise scale, balancing competing priorities, making decisive calls amid ambiguity, and sequencing delivery to align with risk and business imperatives;
• Recognized cross-functional influencer who builds durable partnerships with IT and business leaders to integrate controls into enterprise systems without slowing delivery;
• Demonstrated ability to manage complex program portfolios, align teams around outcomes, and implement iterative governance practices that improve velocity and transparency at scale;
• Executive presence, clarity, and precision. You communicate with credibility to both engineers and executives, aligning diverse stakeholders and inspiring accountability.;
• Track record of measurable reductions in enterprise risk exposure—measured through company-wide metrics such as control coverage, incident reduction, or posture improvement;
• Bachelor’s degree or equivalent experience required; advanced degree preferred.
Apply.
#Удаленка #ИБ
? 6
? 1
15 2.3K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram