Gloo, LLC, headquartered in downtown Boulder, Colorado is a technology company building the world's first "stack" of platform utilities around Human Growth and Development. We're taking the best that big data and platform technology has to offer and providing it to organizations focused on helping people grow. Our customers include companies like addiction treatment centers (helping people with addiction), financial advisors (helping people be financially healthy), and faith-based non-profits (helping people with their spiritual life). With Gloo, they have the data, insights and digital engagement tools needed to better attract, connect with and grow their people. We're growing and learning fast and looking for talented pros that are interested in doing the same. Interested?
This is a new position for us at Gloo so we're looking for someone who is excited about breaking ground, not just managing business as usual. As an Information Security Specialist, you are the eyes and ears of the security and privacy team. Serving as the front-line protection for our organization's platform technology, you understand compliance but also have an appreciation for balancing business value. You will join a team that is developing and operating a security and privacy program that is meeting and exceeding the expectations of Gloo's investors, our champions and the community we serve.
What you'll be doing
- Serving as a full-time member of the Security, Privacy and Compliance team, collaborating with other team members from Engineering, Data, IT, and Support Services to facilitate the company's security & privacy programs
- Implementing and managing the company's vendor risk management program, working with relationship managers along with the vendors themselves to ensure the program operates as intended
- Working as a member of the cyber incident response team; developing procedures, orchestrating training scenarios and responding to acting as situation coordinator during actual events
- Developing and maintaining knowledge of security/privacy regulatory environments applicable to the company
- Helping develop and implement a secure code development process
- Maintaining knowledge of current threats and how those threats apply to the company and our clients
What you'll bring to the position
- BS in information systems, engineering or related discipline
- At least 1 year of professional experience as a security analyst, incident response compliance assessor or analyst
- Cybersecurity and/or privacy domain expertise demonstrated by coursework or certifications like CISSP, Security+, CISM, CRISC, CIPP, and others
- Strong communication skills with the ability to share your knowledge and encourage others to embrace our security/privacy programs
- Experience with security tools such as vulnerability scanners, pen testing and incident management apps
- Knowledge of the security aspects of GDPR, HIPAA, state, federal and international privacy regulations
- Networking and Firewall settings experience and the ability to determine the ramifications of changes.
- Knowledge and understanding of the SSDL.
- Experience with MacOS, Amazon Web Services and G-Suite
- A security mind with a business sense, you understand the cost-benefit of technology implementation
And what you will enjoy
- Compensation commensurate with experience
- A full suite of benefits including performance bonus and equity
- An incredible team of talented and passionate folks to hang out with