
Director of Information Security and GRC at DriveNets. Location Information: Ra'anana, Center District, IL. . Description. . Preferred Locations: . Israel (Hybrid). United States (East Coast timezones) (Remote). Canada (Remote). Europe (Remote). #LI-REMOTE. #LI-HYBRID (Israel only). DriveNets is a leader in cloud-native networking software for hyperscalers and service providers who are building the largest infrastructures in the world for network services, AI platforms and SaaS offerings. Founded in December 2015, DriveNets disrupted some of the most challenging high-scale markets, transforming the way Networks are built, scaled, and consumed. We also built the largest network in the world, with more than half of AT&T’s backbone running on DriveNets’ Network Cloud. DriveNets has raised $587 million in three funding rounds which enable us to dream big and bring on the most talented people.. The Role:. As the Director of Information Security and GRC, you will oversee all aspects of Drivenets' information security program, ensuring the protection of our data, systems, employees, and applications. You will lead a team of talented security professionals, driving a proactive, responsive and comprehensive security posture aligned with industry best practices and regulations.. Responsibilities:. · Be kind.. · Will be leading a team of 3-4 security operations specialists and engineers.. · Embody the organization’s values and act as a values champion, holding both yourself and others accountable to them.. · Develop and implement a comprehensive information security strategy aligned with business objectives and risk tolerance.. · Lead the Security team, fostering a culture of transparency, continuous improvement and collaboration.. · Lead the development and implementation of IT governance frameworks and policies.. · Oversee the implementation and maintenance of security controls, including firewalls, intrusion detection/prevention systems, and endpoint security solutions.. · Manage product security, vulnerability management, and . incident response. processes.. · Design and implement a robust Governance, Risk, and Compliance (GRC) program, ensuring companywide adherence to relevant regulations and standards.. · Conduct regular security assessments and risk analyses to identify and mitigate potential vulnerabilities, partnering with business units and stakeholders across the organization.. · Ensure that the organization is prepared for internal and external IT audits; and manage the audit process.. · Coordinate with external agencies, auditors, customers and stakeholders for compliance assessments and audits.. · Assist in the selection, implementation, and maintenance of security technologies, tools, vendors, and processes to ensure adherence to the organization's security policies and goals.. · Work with DevOps and the development staff to improve the security posture and to implement secure SDLC practices.. · Stay up to date on the latest security threats, trends, and technologies, ensuring that DriveNets adopts appropriate countermeasures.. · Develop and deliver security awareness training programs for employees.. · Manage the security budget and resources effectively.. · Report to the Chief Operating Officer (COO) on the organization's overall security posture.. · Curate the organization’s risk register and report regularly on burndown.. . Requirements. . · 7+ years of experience in the information security leadership, GRC, and product security spaces.. · 7+ years of experience in leading and managing security teams.. · Proven track record of building and implementing successful security programs.. · Proven knowledge of IT GRC frameworks such as COBIT, ISO 27001, NIST, etc.. · Experience building and operating a security incident response program.. · Experience building a SSDLC framework and driving adoption within SWE teams.. · Ability to build meaningful partnerships across diverse geographies and cultures.. · Strong understanding of product security best practices and industry standards.. · Excellent communication, presentation, and interpersonal skills.. · Ability to work effectively in a global environment, and experience with international customers.. · Relevant security certifications (e.g., CISSP, CISO, CISA, CISM) a plus.. · Strong analytical and problem-solving skills.. If your experience is close but doesn’t fulfill all requirements, please apply. DriveNets is on a mission to build a special company comprised of individuals with different backgrounds, perspectives, and experiences.. DriveNets is an equal opportunity employer. We do not discriminate based on upon race, religion, color, national origin, sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with disability, or other applicable legally protected characteristics.. More About DriveNets. Based in Israel with locations in Romania, US and Japan as well as extended teams, DriveNets operations cover more than 16 countries. With recognition by industry analysts and through numerous industry awards, DriveNets is pushing market momentum, allowing for faster service innovation from the network core to the edge. Visit our website:. https://drivenets.com/company/. .