Manager of Information Security
Medallia, Inc. - Palo Alto, CA

This job posting is no longer available on Medallia, Inc.. Find similar jobs: Manager Information Security jobs - Medallia jobs

About Medallia:
Medallia is a Palo Alto-based software company that puts the world’s leading brands in touch with their customers. Our platform captures feedback across web, social, mobile, and contact center channels and analyzes it in real-time, enabling companies to improve customer experience. Core capabilities include:

Sentiment analysis and topic classification of unstructured data

In-house machine-learning based solution for sentiment analysis trained to 85%+ industry-specific precision and recall

Customizable client-specific solution for topic classification trained to 90%+ precision and 50%+ recall

In-house OLAP engine to enable real-time dynamic aggregation queries on continuously updated data

Per-query bytecode compilation for maximized performance

Aggregation of thousands of data points across 100M+ records in less than a second.

Extensible, distributed generic platform with a shared codebase for hundreds of clients

Social media data corpus kept up to date for thousands of hotels worldwide

Medallia is a rapidly growing company with strong foundations. Last year’s milestones include:

43% revenue growth

Funded by Sequoia Capital

New offices in London and Buenos Aires

Named a leader in our industry by Forrester Research

A bit about the role :
Medallia is looking for a passionate and technical Information Security manager who will be responsible for designing and implementing security solutions and procedures for all of Medallia’s technology infrastructure and applications that are deployed globally. This role will be the primary security lead for the company working closely with the head of infrastructure and operations as well as the Sales and Legal teams.

Design and implement systems to secure company’s infrastructure and applications

Design and implement a robust perimeter and internal security monitoring system

Engage in the software development lifecycle to promote and ensure secure designs and coding practices

Implement and monitor security policies and procedures including compliance

Work with Sales team to interface with customers' security teams during pre-sales and post-sales engagements

Respond to customer security questionnaires and findings

Proactively look for ways to improve the company’s network and infrastructure security

Take a leadership role in driving internal security and privacy initiatives

Run application vulnerability assessments and security reviews on a regular basis

Develop an incident response process and lead any response efforts

Design and implement tools for detection of malicious activity

Develop, manage, and communicate security policies throughout the organization

Own configuration and hardening standards for systems and applications

Definition and implementation network security policies and procedures

Vulnerability assessments & penetration testing of all aspects of our infrastructure

Proactive research to identify and understand new threats and vulnerabilities

Management and monitoring of IDS, Firewall, and log correlation tools for potential threats

BS in Computer Science or related field

5 years experience as a security and operations engineer at a SaaS or eCommerce company

Hands-on experience implementing and managing security devices (Firewalls, IDS, vulnerability scanning, alerting and log management systems)

Experience responding to client security questionnaires and pre-sales support

Hands-on experience performing vulnerability scanning and penetration testing of web applications with knowledge of web application vulnerabilities

Experience implementing security measures with vendor and/or open source security testing tools such as Nessus, Nmap and Qualys

Scripting skills to fill gaps in security tools and to automate monitoring/reporting of security events

Familiarity with latest OWASP and CERT advisories and prior experience implementing remediation strategies

Prior experience with SSAE 16 / SOC 2 Type2 will be a plus

Knowledge of various information security compliance standards (HIPAA, PCI-DSS)

CISSP or ISO 27000 certification will be a plus

Ability to maintain a flexible work schedule

Good written, oral communication and presentation skills

Good project management skills

If a work environment with a start-up culture plus the stability and impact of a company backed by great customers and investors sounds like your kind of gig, apply now!

Medallia, Inc. - 15 months ago - save job