Network Security and Compliance Lead - Remote

Overview

In this role, the senior and tenured candidate will lead the security compliance efforts by implementing repeatable and consistent processes and frameworks. As a startup, there will be many opportunities to set the direction and build from scratch. Moving fast while delivering will be key in this role and will require good time management, a sense of urgency, and big picture thinking.

In Short

• Responsible for and lead network security and compliance projects of the entire Turing site and services
• Perform day-to-day operational network security activities
• Introduce and drive operationalization and automation enterprise focused security improvements
• Educate and advocate for security best practices within the organization
• Work with software engineers to proactively identify and fix vulnerabilities and compliance issues
• Protect Turing sites and network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information
• Work with our SaaS vendors to improve our security practices and implement security integrations
• Design infrastructure and drive its implementation to protect Turing’s networks and systems
• Conduct security reviews of core corporate and production infrastructure
• Build security tools and processes for critical infrastructure protection, monitoring and remediation

Requirements

• Required
• Bachelor's degree in Computer Science, similar technical field of study, or equivalent practical experience
• 8+ years industry experience in architecting, developing, and troubleshooting systems for security improvement and enhancement
• Experience with SOC 2 certification process and other standards like NIST, PCI & HIPAA
• Knowledge on applicable laws and regulations like GDPR, CCPA.etc & implementing best practices for compliance
• Experience in governance, risk and compliance management
• Experience in compliance automation
• Operational experience in network security including patch management and implementing web application firewalls (WAFs)
• Familiar with network routing protocol, DNS, LoadBalancer, Nginx, etc.
• Tooling experience: Cloudflare, Imperva, Rapid7, GitHub
• Excellent communication skills, both written and verbal
• Bonus:
• Experience at a big 4 consulting firm
• Security certifications from ISACA, ISC2 or other security relevant certifications
• Familiar with programming languages like Python, etc.

Benefits

• Amazing work culture (Super collaborative & supportive work environment; 5 days a week)
• Awesome colleagues (Surround yourself with top talent from Meta, Google, LinkedIn etc. as well as people with deep startup experience)
• Competitive compensation
• Flexible working hours
• Full-time remote opportunity