Caastle Mountain View , CA 94039
Posted 3 weeks ago
About the Role
CaaStle is looking for an innovative leader to head its Information Security function aligned with the rapid adoption of the CaaStle platform by leading clothing brands, and increasing subscriber growth.
Information security and personal data privacy is critical to CaaStle's business. Its responsibility is to:
Ensure the personal data entrusted to us by our tenants and subscribers is protected per industry standards and best practices.
Directly support our business growth and the mandatory security requirements of the California Consumer Privacy Act (CCPA) for the US and the General Data Protection Regulation (GDPR) for the UK.
Evolve to increase effectiveness, efficiency, and address external emerging threats.
In May 2021 we achieved ISO 27001 certification of our Information Security Management System (ISMS).
Our Information Security Management System has been thoughtfully constructed to match the needs of our business. We are looking for a thoughtful professional who will lead a team of security professionals in managing, tuning and scaling CaaStle's information security program as we continue to evolve our platform.
What you will do
Lead the program securing CaaStle's corporate and product security.
Implement and oversee risk mitigation strategies
Implement and tune CaaStle's ISMS program leading to the retention of CaaStle's security certifications
Ensure organizations compliance with local and regional security, privacy and health regulations
Partner and align with Product and Engineering teams on secure product development.
Manage a team of security specialists
Work with the CRO to develop and tune CaaStle's Crisis Management plans.
Partner with Legal on CaaStle's privacy compliance programs.
Manage organization wide security awareness and training
Manage CaaStle's Data Governance program
Help develop and manage budget for CaaStle's information security program
We would love to hear from you if you
Have a bachelor's degree in any technology related field or equivalent
Have 15+ years of experience in security related operations
Have implemented, or participated in the implementation of Information Security Frameworks like ISO27001, NIST, CSF, CIS, MCSS, PCI-DSS etc.
Have excellent verbal and written communication skills.
Have experience with vendor management and contract negotiations
Have experience with security of cloud based infrastructure
Have worked with geographically dispersed teams
Are able to thrive in an ambiguous environment
Are an innovative thinker with the ability to motivate and lead cross functional projects
Have excellent organizational skills and uncompromised attention to detail
Experience with ISO 27001 / SoC 2 Type 2 preferred
Pay Range:
What We Offer:
Great compensation package with company stock options
Pretax medical, dental, and vision Care
Health Care Flexible Spending Accounts
Prescription Drug Coverage
Company-provided Life Insurance
Short-Term and Long-Term Disability coverage with optional "buy up" plan
401(k) Savings Plan
Flexible Vacation and Paid Holidays
Employee Assistance Program
Paid Family Leave
Hybrid (3-2) work in office
Even if you don't meet all of these qualifications above, we'd still love to hear from you. Tell us about your unique qualifications in your cover letter.
Caastle is committed to equality of opportunity in employment. It has been and will continue to be the policy of Caastle to provide full and equal employment opportunities to all employees and candidates for employment without regard to race, color, religion, national or ethnic origin, veteran status, age, sexual orientation, gender identity, or physical or mental disability. This policy applies to all terms, conditions and privileges of employment, such as those pertaining to training, transfer, promotion, compensation and recreational programs.
Responsibilities include appropriate handling of company confidential information(CCI) and personally identifiable information (PII). Complying with CaaStle information security policy. Ensuring that direct reports (and contractors) are adequately trained to comply with information security policy.
#LI-Hybrid
At CaaStle, we pioneered the clothing rental model and are now powering it for everyday apparel and accessories. Our workplace consists of an inspiring community of people from unique and diverse backgrounds, and our culture is built upon a foundation of respect and camaraderie. Join us in changing the face of fashion.
CaaStle is committed to equality of opportunity in employment. It has been and will continue to be the policy of CaaStle to provide full and equal employment opportunities to all employees and candidates for employment without regard to race, color, religion, national or ethnic origin, veteran status, age, sexual orientation, gender identity, or physical or mental disability. This policy applies to all terms, conditions and privileges of employment, such as those pertaining to training, transfer, promotion, compensation and recreational programs.
Caastle