Security Assurance Manager

Posted Feb 15

A Little About Us

Innovative, collaborative minds wanted. The world loves Postgres. We envision a world where organizations thrive by harnessing the full power of Postgres, the world’s fastest growing and most loved and used open source database. Our mission is to enable data teams everywhere to harness the full power of Postgres, whether on premises or in the cloud, with high availability, reliability, scalability, and security.

We’re #1 in Postgres. We aspire to become #1 in Postgres AI. We’ve been major contributors to Postgres since the beginning and we are proud to call thousands of boundary-pushing customers our partners. Proud though we are, we are not resting on our laurels. There’s plenty of work to do. The good news is that everything we do will impact Postgres, which is to say that it will impact the world. No pressure.

EDB empowers organizations to take control of their data. As one of the leading contributors to the vibrant and fast-growing Postgres community, EDB is committed to driving innovation in AI, data and enterprise database technology. Our work is fueled by creative, dedicated people who are committed to helping our customers and the community take Postgres everywhere. Join us!

Job Summary

As a Security Assurance Manager at EDB, you report directly to the Director of Security Assurance and are a trusted member of the Information Security staff. Your role leads the transformation of the security controls that help drive business growth and reduce downside information risks. You are responsible for understanding multiple security frameworks, translating objectives, partnering with stakeholders on control design, supporting the implementation, and establishing automated auditing. 

Additionally, the role has operational responsibility to oversee and drive our security and compliance initiatives focused both internally in how we develop and deliver our software and externally as we pursue industry standard compliance accreditations. EDB is embarking on a large transformation of the security program for which you will be a leading voice of change for the business.

The ideal candidate must be comfortable working in a global environment that supports flexible work schedules and a distributed security model. Whether you are looking to expand autonomy in your role, build a new security foundation, or just need a change of pace, this role is for you!

Candidate Note: this role is 100% Remote. We are looking for candidates located in the United States, preferably on the East Coast or Midwest.

What you will be doing:

  • Develop and maintain policies, procedures, security plans and relevant supporting artifacts.
  • Interpret and translate internal and external compliance requirements to drive overall program definition and manage EDB’s Security Framework.
  • Educate and consult with control owners on an effective control environment, evidence required for audit purposes, and remediation activities.
  • Oversee the Plan of Action and Milestones (POAM) related to security requirement exceptions, and engage with the POAM owners to facilitate their completion per agreed upon timelines.
  • Build and maintain scalable processes related to various compliance frameworks and guide improvements in existing workflows.
  • Lead, coordinate and manage audits, working with internal teams and third-party auditors as the primary point of contact.
  • Forge essential working relationships and collaborate effectively with engineering leadership, product management, and executive management to ensure the proper attention and prioritization of our security and compliance initiatives.
  • Identify, develop, and implement metrics that effectively measure the performance and effectiveness of our information security initiatives.
  • Develop and maintain a comprehensive information security awareness training program, including training materials, presentations, and online resources.
  • Manage the Information Security team's digital presence and effectively communicate the team's mission, goals, and accomplishments to internal and external audiences.

What you will bring

  • 5+ years of progressive information security and compliance experience
  • Experience working with external auditors and strong understanding of audit methodology
  • Background in supporting infrastructure services, systems architecture, or application development
  • Strong project management skills to ensure accountability and results
  • Technical aptitude to help the teams navigate the terms and definitions of various compliance controls
  • Strong experience with auditing security objectives of one or more of the following: SOC2, PCI, HIPAA, FedRAMP (800-53), ISO 27001
  • Thorough attention to detail to ensure policies and processes match compliance needs
  • Excellent communication skills to keep internal and external stakeholders aligned
  • Ability to help define and evolve internal security and compliance policies
  • Knowledge of cloud security best practices
  • Experience working with Jira and GRC platforms such as Hyperproof
  • Awareness and vision in how to scale compliance activities through automation and tooling

EDB is committed to supporting our employees' overall well-being by offering a range of benefits and resources to promote a healthy work-life balance and wellness. We provide access to Modern Health to aid employees in health and wellness tips and practices, as well as Wellness Fridays extending to June 2024! Check out our career site for more information on perks and benefits and reach out to our Talent Acquisition team for region-specific benefits.

We know it takes a unique mix of people and skills to help us in our mission to supercharge Postgres, and we understand that not everyone will check every box. We’d love to hear from you and we want you to apply!

EDB is proud to be an equal opportunity workplace. We celebrate diversity and are committed to creating an inclusive environment for all employees. EDB was built on a commitment to trust and respect each other and to embrace an array of people and ideas. These values remain at the center of our culture and are key to our company’s integrity. 

EDB does not seek or accept unsolicited resumes or CVs from recruitment agencies. EDB and its affiliates are not responsible for, and will not pay, any fees, commissions, or any other similar payment related to unsolicited resumes or CVs except as required in a written signed agreement between EDB and the recruitment agency or party requesting payment of a fee.
