What is Calendly?
Calendly takes the work out of scheduling so our customers have more time to work on what's really important. Our software is used by millions of people worldwide, with hundreds more signing up every day. To maintain this exciting growth, we're looking for top talent to join our team and help shape the future of our product.
Why join Calendly's Finance & Operations team?
Calendly is looking for a Head of Information Security to join our fast-growing team. This role will report to the Head of Finance & Operations and work alongside key business leaders to oversee all aspects of risk management, security policies, and security issues related to IT infrastructure.
Areas of focus include: Enterprise Compliance, Business Continuity, Enterprise Risk Management, and Information Security. This role will work with various locations and departments to improve physical and cloud-based security and drive a holistic security roadmap at scale according to HITRUST, GLBA, and HIPAA frameworks.
What are some of the high impact opportunities you'll tackle?
Develop, manage and set the vision for the Information Security Program
Design the strategy and architecture for security programs that include: Audit and Compliance functions, Risk Governance, Security Policies and Procedures, Security Awareness Training, Security Information and Event Management, Incident Response Management and Business Continuity Processes
Develop an end-to-end understanding of all Calendly systems, tools and processes to identify areas of risk and exposure and a roadmap to remedy them
Ensure security architecture deliverables reflect and support business, technical, operational, and compliance objectives
Build out the Security function at Calendly to keep pace with the growth acceleration and industry demands
Develop and maintain detailed Security Architecture Plans and Designs
Review Threat and Vulnerability reports and create detailed Action Plans to address risks
Maintain awareness of IT/Security industry trends, evaluate new solutions and techniques, and remain aware of emerging threats
Create Security Standards for Hardened Server, Workstations, and Network Components
Promote awareness of Information Security Best Practices and adequate representation across lines of business
Prioritize and delegate Risk Assessment activities and ensure completion
Oversee newly implemented technologies and coordinate internal/external audits
Ensure compliance of the Information Security and Risk Management programs with all Regulatory, Contractual, Association, and Client requirements
Lead compliance efforts consisting of HIPAA, HITRUST, GLBA, SSAE 18 SOC 1 and 2 reporting, client audit response (for IT, Security, and related items), PCI, and other compliance requirements
This opportunity is for you if you have/are:
Bachelor's degree in related field at a minimum and a master's degree in related field highly desirable
10+ years of Progressive Experience in Managing Security Department Staffing, Budgets and Invoicing, Contractors, Vendors, and Corporate Security Programs and Projects
CISSP, CISM, or other equivalent security certification required
CRISC, CISA, CISM preferred
ITIL Certification preferred
Hands-on Technical Experience with Telecommunications and Network, Security Solutions (Firewalls, IDS/IPS, SIEM, Vulnerability Assessment Tools), Access Control Systems, Cryptography, Physical Security Systems, and Secure SDLC Methodologies
Authorized to work lawfully in the United States of America. Calendly does not engage in immigration sponsorship at this time.
Calendly is registered as an employer in many, but not all, states. If you are not located in or able to work from a state where Calendly is registered, you will not be eligible for employment.