Who We Are:
Malwarebytes is the next-gen cybersecurity company that millions worldwide trust. Malwarebytes proactively protects people and businesses against dangerous threats such as malware, ransomware, and exploits that escape detection by traditional antivirus solutions. The company’s flagship product combines advanced heuristic threat detection with signatureless technologies to detect and stop a cyberattack before damage occurs. More than 10,000 businesses worldwide use, trust, and recommend Malwarebytes. Founded in 2008, the company is headquartered in California, with offices in Europe and Asia, and a global team of threat researchers and security experts.
We’ve created a fantastic culture that our employees love and were recently named in the top 10 of Fortune Magazine’s “Great Place to Work” list. We’re growing fast and are looking for some great people to join us.
Who We Need:
A motivated and experienced security professional who is looking to take on the challenge of improving Security at a Security company. We’re looking for someone to join our small but growing security team and apply their experience. We’re looking for security and compliance super-stars who can help take our GRC and other security processes and tooling to the next level.
What You’ll Do:
- Apply your experience and expertise to improve internal processes in our Security team with a focus on Governance, Risk, and Compliance. Collaborate with teams across the company in engineering, product management, research, threat intelligence, support, IT, finance, legal, and other corporate functions.
- Answer customer security questionnaires and other security and compliance questions from customers and partners.
- Conduct Vendor security assessments to evaluate risk and security practices of Malwarebytes Vendor and Partners.
- Partner with team members to document, improve, and automate security and compliance policy, standards, and controls.
Skills You’ll Need to Have:
- A solid foundation in security and compliance and how to apply these concepts to business problems
- Previous experience with at least two of the following compliance and audit frameworks - SOC 2, COBIT / COSO, ISO27001, PCI DSS, HIPAA, CSA, NIST CyberSecurity Framework
- Ability to work with business and technical stakeholder to develop and improve organization controls
- Passionate about process improvements, documentation, and automation
- Aid and encourage those around you to understand and identify risks
- Understand the value in your team having ‘measurable success'
- Ability to work in collaboration with geographically distributed teams
Nice to Have Skills:
- Experience with SecOps (Security Operations) best practices including Incident Response and Vulnerability Management
- Experience working at a security product company
- An understanding of cloud technologies and infrastructure
- Experience with agile scrum processes, DevOps, and Continuous Delivery
- Current or former security training or certifications such as CISSP, CISA, CISM, SANS GPEN, CEH or similar are a plus
What We Offer
- An opportunity to do something great for yourself and the world
- A great work environment that supports growth and development
- Competitive compensation and benefit packages
- 401(k) matching program
- Open time off policy
- A company who enjoys having fun; holiday and summer parties and lots of other great stuff