Vidmob is the creative data company. Its scoring software and analytics have become an essential ingredient in the creative and media decisions of the world’s largest marketers and agencies, as they strive to drive business results through improved creative effectiveness. As the leader in creative data, Vidmob’s influence lies in its partnerships and integrations across the digital ad ecosystem, its dozens of proprietary models, and in operating the industry’s most robustly instrumented human-reinforcement learning model for creativity.
The Director of Information and Cybersecurity is a key leadership role at Vidmob. Reporting to the VP of Engineering, the Director will lead Vidmob’s Cybersecurity Office providing oversight and operational responsibility for Information Systems and Technology Security. In this role you will provide strategic security direction and support for production and development environments, and oversee IT operations.
The ideal candidate will have the technical prowess to manage IT and security tools, understand security impacts, and prioritize mitigation efforts and communication skills to uphold Vidmob's customer-centric approach.
Responsibilities:
Analyze department needs, identify vulnerabilities, and boost productivity, efficiency and accuracy to inform business decisions
Ensure compliance with relevant regulations and leading the response to security incidents
Communicate risks and strategies to executive management and stakeholders
Collaborate directly with customers and their security teams to address security requirements effectively
Continuously analyze current process, technologies, and vendors to identify areas of improvement
Collaborate with development and operations teams to integrate security practices into the development lifecycle, adhering to a “Shift Left” approach
Utilize AI, SCA and DAST scanners to identify and address security vulnerabilities proactively
Perform security assessments and audits on applications and infrastructure to ensure compliance with security certifications, standards and frameworks such as SOC2, ISO 270001, NIST, CSA
Develop and maintain security automation scripts and tools to streamline security processes
Develop security testing processes
Assist in the design and implementation of secure systems and networks to safeguard IT infrastructure, applications, and data
Provide oversight and direction to IT for managing and supporting internal assets in compliance with Corporate policies and best practices
Participate in incident response and security incident investigations as needed
Develop and Maintain security and IT policies, standards and procedures
Develop and deliver security awareness training programs for employees and promote a culture of security awareness across the organization
Develop and manage the cybersecurity budget and ensure efficient allocation and utilization of resources
Qualifications:
Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent work experience)
7+ years of leadership experience in SRE, DevSecOps, IT Security Operations
Relevant security certifications (e.g., CISSP, CEH, CISM, AWS Security Specialty) are a plus
Understanding of security weaknesses, exploits, attacks and mitigations
Experience with most of the following: AWS security tools (GuardDuty, AWS Config, CloudTrail), ECS or EKS, DataDog, MDM, EDR, AV, DAST, and SCA, AI Tools, SIEM or similar tools
Experience with IT infrastructure and various security services such as MDM, EDR, AV, and routers configuration and maintaining policy and templates for detection rules and response actions for endpoints
Proven experience in supporting security in AWS cloud-based SaaS offerings
Proficiency in standard security testing tools such as Burp Suite and Metasploit
Experience with programming languages commonly used in DevSecOps, such as Python or JavaScript. You will sometimes write production Python/Java script, security peer review code, build proofs of concept or implement automation scripts
Understanding of containerization technologies such as Docker and Kubernetes
Please be aware that Vidmob will only contact candidates through emails ending in @vidmob.com. We will never ask for personal information, such as your Social Security number, bank account number, or password, through email. If you receive an email claiming to be from Vidmob that does not come from a @vidmob.com email address, or if the email asks for personal information, please do not respond and report the email to us at IT@vidmob.com