Head of Information Security Operations

About Knowde

Chemical companies are the hidden innovators behind the end-products we rely on every day. Chemistry is used to make every physical good on earth, including the products we love from Tesla, Glossier, Apple, Nike, 3M and J&J. And yet, the largest and most impactful industry in the world is still doing business the same way it did 100 years ago.

Knowde is building the first digital marketplace for the $5 trillion chemical industry. Chemical companies use Knowde to market and sell their products online for the first time ever. For buyers, Knowde has become their go-to destination to shop across the entire world of chemistry all in a single destination.

Buyers use Knowde as their go-to destination to discover and purchase chemicals from any chemical producer all in one place. By helping pull this industry online, we will accelerate the innovation behind every physical product in the world.

We've raised over $90M from the world's leading investors, including Sequoia Capital and Coatue, to realize our vision.

Come Join Us!

We are looking for a very experienced Information Head of Information Security Operations that will be responsible for establishing and executing information security program directives, policy development, and policy enforcement. This position will develop mechanisms to best identify, evaluate, and mitigate company-wide information security risks in a manner that upholds compliance and regulatory requirements.

What You'll Be Doing

• Establish and execute strategic, comprehensive enterprise information security program directives and plans, including any and all company-wide information security training efforts to ensure that the confidentiality, integrity, and availability of information is owned, controlled or processed in a manner compliant with Company Policy and relevant regulatory authorities.
• Develop and maintain information security policies, standards, guidelines and oversee the dissemination of security policies and practices; identify knowledge gaps to increase business awareness of relevant information security practices.
• Provide leadership and guidance on information security topics, advising and collaborating on security processes, business continuity, and disaster recovery plans.
• Ensure that system and application security design is in accordance with Company Policy; consult with IT teams to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications and software.
• Lead investigations of any actual or potential information security violations and manage escalation of security events.
• Monitor external threat environments for emerging threats and advise relevant stakeholders on appropriate courses of action.
• Provide regular reporting on the current state of information security program to the CTO and other senior managers as appropriate.
• Establish metrics and reporting framework to measure the efficiency, effectiveness, and maturity level of the program.
• Liaise with relevant business units (such as Audit, Law, Finance, Safety & Security, Risk Management, HR teams), and external agencies as needed to ensure that the company maintains a strong security posture.
• Work with system administrators and application developers to audit, monitor and validate their environment's security, including conducting gap analysis and other comprehensive internal assessments of existing systems to improve the security infrastructure and mitigate risks.
• Provide oversight to the architecture and engineering of new security systems; including the evaluation of technical designs.

Who You Are

• 3-5+ years of progressive sales & GTM operations experience in fast growing technology companies
• An ownership-oriented builder who knows what it takes to build a function from scratch.
• You have a proven track record of optimizing tools and processes for a fast-growing sales, revenue, and/or similarly-structured go-to-market team
• You are an excellent, certified Salesforce administrator

What You Should Have

• Minimum of seven (7) years experience in the information technology field, with five to seven years of experience in an information security role.
• Three to five (3-5) years' experience in hands-on work experience in information security.
• Proven track record and experience in developing information security programs, policies and procedures, including successful implementations in medium to large enterprise environments.
• High degree of initiative, dependability; experience managing multiple, simultaneous, and high-profile information security initiatives and responses.
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
• Strong knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, NIST, CSA and deep knowledge and understanding of relevant legal and regulatory requirements/standards, including but not limited to: GDPR, PCI-DDS and other relevant compliance standards.
• Experience in designing and managing new and existing security systems.
• Ability to advise infrastructure and applications staff in securing their respective environments.
• Exhibit strong written and verbal communication skills, interpersonal and collaborative skills.
• Strong ability to convey security information to non-technical end-users in a way that inspires adoption and adherence to all IT and Company security policies and programs.
• Experience with contract and vendor negotiations.

Our Perks & Benefits

• We offer "Knerds" a variety of medical, dental, and vision plans, designed to fit you and your family's needs
• 401K program to help you invest in your future
• Education & learning stipend for personal growth and development
• Fully remote position
• Flexible vacation time to promote a healthy work-life blend
• Paid parental leave to support you and your family

We believe in supporting people to do their best work and thrive, and building a diverse, equitable, and inclusive company is core to our mission. Our goal is to ensure that Knowde upholds an inclusive environment where all people feel that they are equally respected and valued, whether they are applying for an open position or working at the company. We welcome applicants of any educational background, gender identity and expression, sexual orientation, religion, ethnicity, age, citizenship, socioeconomic status, disability, and veteran status.

The Controller of your personal data is Kruko Sp. z o.o., with a registered office at Rejtana 36, Rzesz?w. Your data is processed for the purpose of the current recruitment process. Providing data is voluntary but necessary for this purpose. Processing your data is lawful because it is necessary in order to take steps at the request of the data subject prior to entering into a contract (article 6 point 1b of Regulation EU 2016/679 - GDPR). Your personal data will be deleted when the current recruitment process is finished, unless a separate consent is provided below. You have the right to access, correct, modify, update, rectify, request for the transfer or deletion of data, withdrawal of consent or objection.