Chief Information Security Officer - [M-302]
At Swapcard, we build communities by empowering meaningful connections and know it all begins with a strong community of our own. We believe that diverse collaboration brings us closer to embracing change and propels us to form the ideas of tomorrow in an ever-evolving world. Powered by artificial intelligence, Swapcard is the only end-to-end community platform for virtual and hybrid events. Behind this vision, stands a passionate, curious, and down-to-earth team. We believe an environment of trust, autonomy, and support is integral to our success. As a result of putting people first, career evolution and rapid growth have become regular commodities. With 42 nationalities amongst a team of more than 200 innovative minds,
we enjoy an open-minded environment where opinions and ideas are encouraged and exchanged freely in order to create a product and company we can all be proud of. We’ve also learned that the more moments we share, the more comfortable, communicative, and confident we are when working together. That’s when the real magic occurs. And the best part? Swapcard offers full remote opportunities, which means you’ll be able to bring your best self to the table no matter where in the world you are located! We fully support and empower an international environment, where all cultures, mindsets, and backgrounds are equally welcome and appreciated. **Our Values****Curiosity**: Rapid growth and evolution are the results of our endless quest for new knowledge and understanding. We’re interested in our peers and their concerns. Anything novel or innovative excites us. **Open-mindedness**: Feedback and ideas can be exchanged freely, without being taken personally. We welcome Swapcardians of all sorts and learn from each other’s personal and professional experiences. ** Humanity**:
Empathy encourages a kind and down-to-earth environment where we all feel comfortable and free to be human. We never have to wear a mask or hide who we are. **Resilience**: We have a desire to win and don’t take no for an answer. We prefer the term “experiment” over “failure”. We are solution-oriented and find innovative approaches to succeed. - ** Ambition**:Nothing is impossible. We're always striving to get better, seize opportunities, and reach the top. We are encouraged to dream big and believe in ourselves. **What you'll be doing**:**Governance - Build a great security department**- Define and implement the IS Security strategy- Define and maintain IS security policies and processes- Maintain SOC 2 Type 2 compliance (year-long audit period)- Implement ISO 27001 certification- Work with all business units to determine possible risks and risk management processes, deploy a risk analysis methodology (especially cyber). - Manage Security product vendors and contracts- Manage and organize internal/external audits, including our annual external penetration test- Raise security awareness across the company and for each team**Third-party security and internal projects - secure our ecosystem**- Accompany internal teams to ensure that newly-acquired technology is secure and complies with internal security policies- Accompany internal teams on projects to ensure security is taken into account by design**Product Security**- Help secure our product - via securing our CI/CD pipeline, maintaining our SAST/DAST tools, and securing our infrastructure- Help shape security features of our product- Review the security of new features- Respond to security questionnaires from clients- Help customers when there are security escalations**Operational Security**- Manage our SOC (external provider)- Manage our public Bug Bounty program- Manage our vulnerability scanning and patching program, including threat intelligence- Manage security incidents and response (with help from Engineering team)- Manage security crisis (with help from all other teams)**Endpoint Protection**- Manage the security configuration of Endpoint Protection tools deployed by IT team: MDM, EDR, Proxy- Identity and Access Management- Conduct access reviews**What you should have**:- A bachelor's degree in computer science, information technology,
or a related field. - A minimum of five years' experience in risk management, information security, or programming. - Understanding of scripting and source code programming languages, such as Python, Golang, NodeJS. - Knowledge of information security management frameworks and certifications such as ISO 27001/2 and SOC 2- Experience in managing your own budget- Negotiation skills for negotiating contracts and IT/Security support services to be rendered. - Excellent understanding of current security-related legislation and regulations relevant to our organization. - Excellent project management and leadership skills. - First-rate written and verbal communication skills. - Experience building secure and compliance focused vendor program. - Highly motivated, goal driven, c
Welcome to hacendo.com
kitempleo. es asks for your consent to use your personal data to:
perm_identity
- perm_identity Personalised advertising and content, advertising and content measurement, audience research and services development
- devices Store and/or access information on a device
Data preferences
You can choose how your personal data is used. Vendors want your permission to do the following:
Store and/or access information on a device
Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are (or have been) interacting with (for example, to limit the number of times an ad is presented to you).
Create profiles for personalised advertising
Information about your activity on this service (such as forms you submit, content you look at) can be stored and combined with other information about you (for example, information from your previous activity on this service and other websites or apps) or similar users. This is then used to build or improve a profile about you (that might include possible interests and personal aspects). Your profile can be used (also later) to present advertising that appears more relevant based on your possible interests by this and other entities.
Use profiles to select personalised advertising
Advertising presented to you on this service can be based on your advertising profiles, which can reflect your activity on this service or other websites or apps (like the forms you submit, content you look at), possible interests and personal aspects.
Information about your activity on this service (for instance, forms you submit, non-advertising content you look at) can be stored and combined with other information about you (such as your previous activity on this service or other websites or apps) or similar users. This is then used to build or improve a profile about you (which might for example include possible interests and personal aspects). Your profile can be used (also later) to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests.
Use profiles to select personalised content
Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services (for instance, the forms you submit, content you look at), possible interests and personal aspects. This can for example be used to adapt the order in which content is shown to you, so that it is even easier for you to find (non-advertising) content that matches your interests.
Information regarding which advertising is presented to you and how you interact with it can be used to determine how well an advert has worked for you or other users and whether the goals of the advertising were reached. For instance, whether you saw an ad, whether you clicked on it, whether it led you to buy a product or visit a website, etc. This is very helpful to understand the relevance of advertising campaigns.
Measure content performance
Information regarding which content is presented to you and how you interact with it can be used to determine whether the (non-advertising) content e. g. reached its intended audience and matched your interests. For instance, whether you read an article, watch a video, listen to a podcast or look at a product description, how long you spent on this service and the web pages you visit etc. This is very helpful to understand the relevance of (non-advertising) content that is shown to you.
Understand audiences through statistics or combinations of data from different sources
Reports can be generated based on the combination of data sets (like user profiles, statistics, market research, analytics data) regarding your interactions and those of other users with advertising or (non-advertising) content to identify common characteristics (for instance, to determine which target audiences are more receptive to an ad campaign or to certain contents).
Develop and improve services
Information about your activity on this service, such as your interaction with ads or content, can be very helpful to improve products and services and to build new products and services based on user interactions, the type of audience, etc. This specific purpose does not include the development or improvement of user profiles and identifiers.
Use limited data to select content
Content presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type, or which content you are (or have been) interacting with (for example, to limit the number of times a video or an article is presented to you).
Ensure security, prevent and detect fraud, and fix errors
Your data can be used to monitor for and prevent unusual and possibly fraudulent activity (for example, regarding advertising, ad clicks by bots), and ensure systems and processes work properly and securely. It can also be used to correct any problems you, the publisher or the advertiser may encounter in the delivery of content and ads and in your interaction with them.
Deliver and present advertising and content
Certain information (like an IP address or device capabilities) is used to ensure the technical compatibility of the content or advertising, and to facilitate the transmission of the content or ad to your device.
Match and combine data from other data sources
Information about your activity on this service may be matched and combined with other information relating to you and originating from various sources (for instance your activity on a separate online service, your use of a loyalty card in-store, or your answers to a survey), in support of the purposes explained in this notice.
In support of the purposes explained in this notice, your device might be considered as likely linked to other devices that belong to you or your household (for instance because you are logged in to the same service on both your phone and your computer, or because you may use the same Internet connection on both devices).
Identify devices based on information transmitted automatically
With your acceptance, your precise location (within a radius of less than 500 metres) may be used in support of the purposes explained in this notice.
You can choose your data preferences. This site or app wants your permission to do the following:
Site or app
Store and/or access information on a device
Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are (or have been) interacting with (for example, to limit the number of times an ad is presented to you).
Create profiles for personalised advertising
Information about your activity on this service (such as forms you submit, content you look at) can be stored and combined with other information about you (for example, information from your previous activity on this service and other websites or apps) or similar users. This is then used to build or improve a profile about you (that might include possible interests and personal aspects). Your profile can be used (also later) to present advertising that appears more relevant based on your possible interests by this and other entities.
Use profiles to select personalised advertising
Advertising presented to you on this service can be based on your advertising profiles, which can reflect your activity on this service or other websites or apps (like the forms you submit, content you look at), possible interests and personal aspects.
Information about your activity on this service (for instance, forms you submit, non-advertising content you look at) can be stored and combined with other information about you (such as your previous activity on this service or other websites or apps) or similar users. This is then used to build or improve a profile about you (which might for example include possible interests and personal aspects). Your profile can be used (also later) to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests.
Use profiles to select personalised content
Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services (for instance, the forms you submit, content you look at), possible interests and personal aspects. This can for example be used to adapt the order in which content is shown to you, so that it is even easier for you to find (non-advertising) content that matches your interests.
Information regarding which advertising is presented to you and how you interact with it can be used to determine how well an advert has worked for you or other users and whether the goals of the advertising were reached. For instance, whether you saw an ad, whether you clicked on it, whether it led you to buy a product or visit a website, etc. This is very helpful to understand the relevance of advertising campaigns.
Information regarding which content is presented to you and how you interact with it can be used to determine whether the (non-advertising) content e. g. reached its intended audience and matched your interests. For instance, whether you read an article, watch a video, listen to a podcast or look at a product description, how long you spent on this service and the web pages you visit etc. This is very helpful to understand the relevance of (non-advertising) content that is shown to you.
Understand audiences through statistics or combinations of data from different sources
Reports can be generated based on the combination of data sets (like user profiles, statistics, market research, analytics data) regarding your interactions and those of other users with advertising or (non-advertising) content to identify common characteristics (for instance, to determine which target audiences are more receptive to an ad campaign or to certain contents).
Information about your activity on this service, such as your interaction with ads or content, can be very helpful to improve products and services and to build new products and services based on user interactions, the type of audience, etc. This specific purpose does not include the development or improvement of user profiles and identifiers.
Content presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type, or which content you are (or have been) interacting with (for example, to limit the number of times a video or an article is presented to you).
Vendors can use your data to p
-
¿Por qué está buscando trabajo en Trabajas.es?
Crear alerta de empleo
Cada día nuevos anuncios de trabajo Puede elegir entre una amplia gama de trabajos: nuestro objetivo es ofrecer una selección lo más amplia posible Déjenos enviar nuevos anuncios por correo electrónico Sea el primero en responder a las nuevas ofertas de empleo Todos los anuncios de trabajos en un único lugar (de empleadores, agencias y otros portales) Todos los servicios para demandantes de empleo son gratuitos Le ayudaremos a encontrar un nuevo empleo