Senior Manager, Security and IT

About BigPanda:

BigPanda keeps businesses running with AI that transforms IT data into insight and action. BigPanda's platform for AIOps-powered Event Correlation and Automation helps businesses prevent IT outages, improve incident management and deliver incredible customer experiences. Without BigPanda, IT Ops, NOC, DevOps and SRE teams struggle with manual and reactive incident response capabilities that are badly suited for the scale, complexity and velocity of modern IT environments. This results in painful outages, unhappy customers, growing IT headcount and the inability to focus on innovation. Fortune 500 enterprises such as Intel, Cisco, United, Abbott, Marriott and Expedia take a giant step towards Autonomous IT Operations. BigPanda is backed by top-tier investors including Sequoia, Mayfield, Battery, Insight Partners and Greenfield Partners. 

We have an awesome team of motivated, knowledgeable, fun-loving, and friendly Pandas. We provide comprehensive health coverage, competitive comp, and all the best perks, but more importantly, we offer a supportive, collaborative, and innovative environment to empower you to do the best work of your career.

The Role:
Open to remote work location. 

BigPanda is seeking a Senior Manager, Security IT to join a high-impact, high-performing team. This role requires a wide breadth of knowledge within the security realm.  The candidate must have strong communication and interpersonal skills as you will be collaborating with internal teams, including DevOps, R&D, and Sales, as well as customers and third-party vendors. The successful candidate will work directly with BigPanda’s director of security and will collaborate with DevOps and R&D teams to plan and prioritize remediation of discovered vulnerabilities in a timely manner.  The role will contribute to building security policies, running security tools, and remediating vulnerabilities to make BigPanda more secure for our customers.

The Senior Manager, Security and IT will report directly to the Senior Director of Security and IT and can work remote. 

Responsibilities:

• Drive security initiatives and priorities for vulnerability management and remediation on BigPanda’s AWS platform.
• Develop cloud security policies to ensure strong security posture against CIS benchmarks and SOC 2 Type II security criteria.
• Respond quickly and accurately to customer security assessments of BigPanda.
• Conduct third-party vendor security reviews to ensure compliance with BigPanda security standards.
• Review vulnerability scans, monitor security alerts, assess risks, and coordinate remediation activities with DevOps and development teams.
• Work with DevOps and development teams to develop and monitor processes to meet control criteria for security audit compliance.
• Update and conduct table-top tests of key business continuity plans.
• Maintain and update security awareness training programs for all staff.
• Collaborate with IT services team to ensure security of BigPanda’s back-office SaaS services, internal systems, and laptops

Requirements:

• Bachelor's degree or higher.
• 6+ years of related experience in an Information Security, Application Security, or DevOps role.
• Experience leading all or part of a SOC 2 Type II security audit or ISO 27001 certification
• Experience with CAIQ or SIG/SIG-Lite security controls questionnaires.
• Significant experience in cloud security architecture and infrastructure on AWS Cloud.
• Strong knowledge of Linux environments
• Experience working in a DevSecOps environment, and familiarity with source code control and CI/CD pipelines and related systems
• Hands on experience working with DevOps and development teams to remediate software vulnerabilities.
• Experience with Vulnerability and Patch Management.
• Strong understanding of application security standards including OWASP Top 10 and CIS Benchmarks
• Strong understanding of security controls and best practices for AWS Cloud.
• Strong interpersonal and documentation skills, with a focus on translating technically complex issues into simple, easy to understand concepts
• Experience working with Okta

Desired Skills & Experience:

• At least 2 years of proven experience writing in one of the following: Python/Ruby/Go/Bash
• Hands on experience with Kubernetes
• Hands on experience with security design review, threat modeling, secure code review, risk analysis, and penetration testing
• Experience with CSPM observability and remediation tools
• Industry security certification is a plus, e.g. CISSP, CISM, etc.
• One or more AWS certifications is a plus
• Experience supporting FedRAMP in an assessment or advisory role

Perks/Benefits:

Work with a collaborative team and enjoy a highly driven culture that is committed to personal and professional development! Other company perks include:

• Medical, Dental, and Vision coverage and 401k
• Generous PTO & 11 Company Holidays
• Life Insurance & Disability Coverage
• Flexible Spending Account
• Pre-tax commuter benefits