About us

Insightful is a market-leading platform for employee productivity and workforce analytics. We process really big data, synthesize it into actionable insights and ultimately provide a best-in-class, easy-to-use product that empowers enterprise customers to improve employee productivity, business processes and overall staff well-being.

Job Description

We are looking for an experienced Information Security Manager to join the Insightful team. The ideal candidate will be responsible for ensuring the security and compliance of our platform, as well as developing, implementing and maintaining policies related to information security. This role requires extensive knowledge of SOC2, ISO 27001, HIPAA and other certifications relating to data protection and security.

Responsibilities:

  • Leading certification efforts (SOC2, ISO 27001, HIPAA)
  • Coordinating external pen-testing efforts
  • Auditing systems internally against industry-standard information security frameworks
  • Developing comprehensive IT security strategies that align with the business objectives
  • Maintaining the risk registry
  • Coaching the team on security and compliance best practices
  • Coordinating implementation of controls such as firewalls or encryption protocols with the DevOps team
  • Enhancing existing security solutions by researching new technologies; making recommendations on implementation
  • Ensuring compliance with applicable laws and industry standards (e.g. GDPR)
  • Identifying areas in which the organization is exposed to cyber threats or potential data breaches
  • Overseeing incident response planning and execution
  • Monitoring system performance for unusual activity
  • Overseeing the information security goals, objectives, and metrics
  • Maintaining a roadmap to mature services and add new capabilities
  • Evaluating potential business impacts from security breaches and providing strategic and tactical guidance to business decision-makers

Requirements:

  • Bachelor’s degree in Computer Science or a related field
  • At least 5 years' experience working in Information Security/IT Security roles
  • Extensive knowledge of relevant regulatory requirements (SOC2, ISO 27001, HIPAA, etc.)
  • Proven track record of successful development & implementation of security strategies
  • Excellent project management skills
  • Strong communication skills

Bonus:

  • Previously worked with Tugboat
  • GCP expertise