Cribl (201-500 Employees, 2 Yr Employee Growth Rate)
Cribl unlocks the value of observability data.
Our products deliver choice and control over the rising volumes of telemetry data, enabling every organization to realize the value of all their observability data without limitation. Backed by the industry’s leading venture capitalists, including CRV, Sequoia Capital, Greylock Partners, Redpoint Ventures, and IVP, our solutions are deployed across organizations of all sizes. Many of the biggest names in the most demanding industries trust Cribl to solve their most pressing observability needs.
At our core, we foster an inclusive, values-aligned culture where all belong. We believe in a remote-first operating model, empowering the flexibility to do your best work, wherever you are. We’re also growing rapidly, welcoming collaborative, curious, and motivated team members who are passionate about putting customers first.
Join the herd and unlock your opportunity.
About the Opportunity
The Director, Security and Compliance will be responsible for maintaining, developing, and deploying Cribl’s company security posture. The role is crucial as Cribl scales the business in the upcoming year, expanding to new geographies and customer bases. The Director, Security and Compliance role reports to the Senior Director, Information Technology and Security.
What You’ll Accomplish
- Manage the development, deployment and execution of controls and defenses to ensure the security, compliance and risk mitigation of the organization’s technology infrastructure/data assets and as needed, effectively respond to incidents or inquiries related to company security
- Work with the product security team to ensure that organization-wide controls and product-focused controls are aligned and consistent.
- Plan, design and build of security architectures, overseeing the implementation of network and computer security and ensures compliance with corporate cybersecurity policies and procedures
- Monitor cybersecurity requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices; responsible for implementing software fixes (i.e. patches) to remove system vulnerabilities.
- Responds immediately to cybersecurity-related incidents and provides a thorough post-event analysis, covering intrusion incidents and forensic investigations.
- Serves as the primary point of contact for company security evangelism and training to prevent social engineering, phishing, etc.
- Work closely with internal and external stakeholders to ensure changes to tools, services, vendors, and processes adhere to regulatory and contractual requirements and industry standards
- Liaise with various teams (e.g., legal, sales, engineering, etc.) to review contracts, complete RFPs, respond to due diligence questionnaires, participate in sales calls with the customer, etc. as needed to help the organization meet their goals
- Oversee external and internal audits and communicate the outcomes of those audits to business partners and executive leadership to include providing guidance on how to improve current processes or the creation of new processes to ensure continued success on future audits
What You’ll Bring
- Passionate about DevSecOps, with an accomplished background in secure software engineering, with strong exposure to security practices
- Experience building secure world-class infrastructure and tooling in terms of reliability, scalability, and accessibility will be paramount
- Familiarity with SOC2, NIST, ISO27001, and/or FedRamp compliance framework and autidts
- Strong communication and organization skills to effectively manage and lead strategic projects along with prioritizing request
- Comfortable with ambiguity, have a strong analytical acumen, self-motivated, able to work cross functionally
- Working experience at a fast-growing SaaS company
- Experience with Cloud IaaS services, such as AWS, Azure or Google Cloud Platform
- Experience with Python (or equivalent scripting language)
- Excited about the observability space
Bring Your Whole Self
Diversity drives innovation, enables better decisions to support our customers, and inspires change for the better. We’re building a culture where differences are valued and welcomed. We work together to bring out the best in each other. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.