Who We Are:
Nitro is an exciting, high-growth company in the rapidly evolving digital documents space. Our value proposition is straightforward, tangible, and easy to prove – we believe software technology should be easy to use, help make people better, and be accessible to any knowledge worker who wants to be more productive.
We are on a mission. We hire creative, intelligent, talented people. We build great products that delight our customers. And we are doing it in a rewarding way– a way that feels good and makes us proud to be part of Nitro.
We put people at the center of everything we do, both our customers and our employees. It all comes back to our core values:
- High Performance - We have a “performance first” orientation and ambitious plans for the company. This means ample opportunity for those who join us to make a big impact. Non-high performers need not apply.
- Be Good - We hire people with big hearts and foster an environment where they can be themselves and do their best work. We celebrate individuality and diversity and provide our employees with the opportunities, the resources and the support they need to thrive and flourish.
- No BS – this one is self-explanatory
We help the world work smarter and have plenty of fun while doing it! Come be part of the Nitro good life!
As the head of Trust & Assurance, you will be responsible for defining and implementing our continuous security risk and validation strategy at Nitro. Your responsibilities will include a wide variety of security and compliance work - including process and technology improvements, vulnerability and risk management, privacy, external and internal customer engagement, and heavily influence our overall security roadmap implementation. This role will report to our VP of Security.
What You Will Be Doing:
- End-to-end ownership of our security, trust and assurance capabilities at Nitro
- Define the goals, road-map and plans with executive management to drive our trust and compliance objectives
- Drive our security trust and assurance frameworks from planning and delivery to continuous iteration
- Engage with customers, partners and internal stakeholders to determine business requirements, technical considerations and strategic objectives to meet our regulatory and compliance needs
- Manage and conduct internal and independent risk assessments against our infrastructure and products; establishing key metrics and partnering with engineering teams to ensure appropriate plans are in place to address gaps
- Engage customers, partners and internal stakeholders to determine business requirements, technical considerations and strategic objectives
- Partner with internal stakeholders to ensure a harmonized security posture across our environment
- Monitor the external threat environment for emerging threats and advise on the appropriate action
What We Are Looking For:
- BS / MS in Computer Science or similar degree with 15+ years of relevant experience
- Demonstrated ability to cope with complexity and find elegant solutions that strike the right balance between security and overall business goals
- A strong passion for applied security vs. perceived (security theater) approaches
- Broad comparative understanding in risk assessments of complex environments, platforms and distributed systems
- Proven ability in building vulnerability and risk management programs for pre to post products
- Demonstrated experience with information security risk, governance, and control frameworks such as ISO/IEC27000 series, NIST CSF, CSA CCM and PCI DSS
- Experience with CCPA and GDPR
- Strong background in secure SDLC with complex workflows for continuous validation
- Proven experience and success with managing IT or information security risk functions
- Proven project and organizational skills, specifically managing multiple, concurrent projects
- Strong interpersonal, written, and oral communication skills
- Highly self-motivated and directed professional, with keen attention to detail
- Excellent analytical, problem-solving and decision-making abilities
- Able to effectively prioritize tasks in a high-pressure environment
- Strong customer service and solution-focused orientation
Nitro is a global document productivity company. We help organizations of all sizes eliminate paper, accelerate business processes, and drive digital transformation by providing PDF productivity and eSigning for all in a single, affordable solution. Founded in 2005 in Melbourne, Australia, Nitro helps increase efficiency and make work more productive for more than 10,000 businesses globally, including 65% of the 2019 Fortune 500. Nitro headquarters are in San Francisco, with offices in Dublin, London, and Melbourne. Visit us at GoNitro.com #LI-GB1