Manager of Security Engineering - Remote, United States - PrizePicks

    PrizePicks
    PrizePicks Remote, United States

    1 month ago

    Default job background
    Full time
    Description

    At PrizePicks, we are the fastest growing sports company in North America, as recognized by Inc As the leading platform for Daily Fantasy Sports, we cover a diverse range of sports leagues, including the NFL, NBA, and Esports titles like League of Legends and Counter-Strike. Our team of over 450 employees thrives in an inclusive culture that values individuals from diverse backgrounds, regardless of their level of sports fandom. Ready to reimagine the DFS industry together?


    With a focus on delivering exceptional products and services, we are committed to maintaining the highest level of data security and privacy. As our company expands, we are seeking an experienced and proactive Manager of Security Engineering to lead our efforts in safeguarding our systems, networks, and sensitive information.

    As the Manager of Security Engineering, you will be responsible for developing, implementing, and maintaining robust security measures to protect our organization's infrastructure and members. You will collaborate with cross-functional teams to oversee all aspects of information security, including security policies, risk assessments, incident response, vulnerability management, and security awareness training. This is a unique opportunity to apply your expertise and make a significant impact in a high-growth technology startup.

    What you'll do:

    • Develop and Implement IT Security Strategy: Design and execute an organization-wide IT security strategy, in alignment with business objectives, to proactively address potential security threats and vulnerabilities.
    • Manage Security Policies and Procedures: Develop and enforce comprehensive security policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements.
    • Risk Assessment and Compliance: Conduct regular risk assessments to identify areas of vulnerability, evaluate potential risks, and implement appropriate controls to mitigate them. Ensure compliance with relevant data protection laws and industry regulations.
    • Incident Response and Management: Develop and maintain a security incident response plan, including security incident reporting, investigation, and resolution. Lead the response to security incidents, coordinate with internal stakeholders, and implement necessary remediation measures.
    • Vulnerability Management: Oversee vulnerability assessment programs to identify potential security flaws and weaknesses. Coordinate the timely remediation of vulnerabilities and provide guidance on security enhancements to systems, networks, and applications.
    • Security Awareness Training: Develop and deliver security education and awareness programs to educate employees on security best practices, proper handling of sensitive data, and emerging security threats.
    • Vendor and Third-Party Risk Management: Assess and manage the risks associated with third-party vendors, contractors, and partners. Establish security standards for vendors and perform regular audits to ensure compliance.
    • Security Incident Monitoring: Implement and manage security tools and technologies for real-time monitoring of systems, networks, and applications. Stay up-to-date with the latest security trends, vulnerabilities, and industry developments to proactively address potential risks.

    What you have:

    • Bachelor's degree in Computer Science, Information Systems, or a commiserate experience. Relevant certifications such as CISSP, CISM, or CISA are highly desirable.
    • Proven experience (5+ years) in IT security, information security management, or a related field, preferably within a technology startup environment.
    • Strong understanding of security frameworks, industry best practices, and regulatory compliance requirements (e.g., SOC2, PCI, ISO
    • In-depth knowledge of network security, cloud security, application security, identity and access management, and encryption technologies.
    • Experience in risk assessment, incident response, vulnerability management, and security awareness training.
    • Excellent leadership and communication skills, with the ability to collaborate effectively with cross-functional teams and senior management.
    • Strong analytical and problem-solving abilities to identify and address security risks and vulnerabilities.
    • Demonstrated ability to stay updated with emerging security threats, technologies, and industry trends.

    Where you'll live:

    • Anywhere in the US is fine, but Atlanta would be preferred.

    Benefits you'll receive:

    In addition to your great compensation package, we'll shower you with perks including:

    • Company-subsidized medical, dental, & vision plans
    • 401(k) plan with company match
    • Stock options and bi-annual bonus
    • Uncapped PTO to encourage a healthy work/life balance (2-week MINIMUM required)
    • Generous paid leave programs, including 16-week paid parental leave and disability benefits
    • Workplace flexibility and modern work schedules focused on getting the job done, not hours clocked
    • Company-wide in-person events and team outings
    • Lifestyle enhancement program
    • Company equipment provided (Windows & Mac options)
    • Annual performance reviews with opportunities for growth and career development

    You must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

    PrizePicks is an Equal Opportunity Employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.