Information Security Program Manager

  • Full Time
  • Remote
  • Mid Level

Website https://twitter.com/GoZwift Zwift

We’re on a mission to make more people, more active, more often

Seniority Level: Mid-Senior

Location: Long Beach, CA or US Remote (in select states)

About the role and about You:

At Zwift, we are currently looking for a highly motivated, dependable, and experienced corporate IT technical security program manager who shares our passion and wants to be a part of a fast-moving and highly execution-oriented team. In this role, you will work with cross-functional teams of technical and non-technical key stakeholders as well as external consultants to interpret, communicate, and drive full lifecycle security projects. You will partner with Legal, HR, Product, Technology and other teams to evaluate and develop services and infrastructure and be responsible for operationalizing Zwift’s security and compliance program

What you’ll do: 

  • Lead cross-functional teams through full program lifecycles by defining scope/success criteria, setting expectations, establishing timelines, implementing solutions, and measuring success and lessons learned.
  • Develop and maintain strong working relationships with technical and non-technical teams involved with information security
  • Scope, plan, implement and deliver security projects and programs, and collaborate with senior leaders to align with strategic vision and goals
  • Lead various compliance audits such as PCI, ISO2700x, NIST 800-171/53, CMMC, etc. from planning phase to completion phase.
  • Perform planning, scoping, execution, and liaising with auditors and manage compliance & security audits.
  • Be the security SME for driving compliance initiatives and helping organizations cross barriers to meet compliance objectives.

What you’ll have:

  • Bachelor’s degree in Computer Science, Management Information Systems, or a related technical field
  • 5+ years of work experience in information security, cybersecurity, security program/project management, or similar capacities.
  • Expert-level knowledge of at least one or more security frameworks (such as PCI, ISO 2700x, NIST 800-171/53, CMMC, etc.) and the ability to determine measures that will satisfy and design controls
  • Experience driving IT security projects end-to-end independently, including evaluating, defining, and improving end-to-end processes.
  • Experiences working and managing in multiple security roles such as security engineering, operations, and vendor management.
  • In-depth knowledge of security domains including but not limited to authentication, endpoint security, encryption, cloud security, and data protection
  • Strong project management and prioritization skills
  • Excellent communication skills across technical and non-technical stakeholders and demonstrated attention to detail.

Bonus points: 

  • Advanced security certifications like CCSP, CISSP, CISM, CISA

To apply for this job please visit www.zwift.com.