WHO WE ARE
Postmates enables anyone to have just about anything on-demand. We pioneered the on-demand space and currently serve 80% of US households with a fleet of more than 350,000 Postmates and the largest network of merchants in the US. We're changing the landscape of commerce by making cities our warehouses, providing the delivery infrastructure, and connecting our customers to any product, anywhere, anytime. Postmates isn't just an app, it's a way of life and a part of pop culture. We are the O.G. of on-demand and we've given people a new superpower - the ability to Postmate anything from anywhere. We're building a movement to make Postmates a verb: Postmate it.
WHAT WE DO
Postmates relies heavily on our engineering team to realize this vision. Building a software platform that is reliable, scales, and stays agile under demanding product needs is a serious technical challenge. Postmates is a three-part balancing act connecting customers, merchants, and couriers in real-time. If any piece is out of whack, the whole system suffers. Working with the Postmates engineering team offers an opportunity with explosive growth, cutting-edge technology, a highly visible charter, and a cool user-focused product vision.
Postmates is looking for an Information Security Technical Program Manager focused on development planning, prioritization and measurement of Postmates Information Security Program and key performance indicators.
In this role, you will be responsible for working with various technical teams throughout the organization to enhance the existing program by implementing program plans, identifying key areas of risk exposure, developing plans to mitigate risks, documenting security enhancements for products and services and maintaining policies and procedures to support Postmates Information Security Management System.
* Manages the Information Security Program Plan, Roadmap and Prioritization.
* Functions as Scrum leader for the Information Security team.
* Identifies key areas of program improvement and risks.
* Prioritizes Security related Projects/Initiatives, Ensures project plans are documented, stakeholders are defined, budget and resources are allocated, objectives, milestones, success criteria and definition of done are identified and communicated.
* Evaluates/Prioritizes requests for allocation of Information Security staffing resources to other projects owned by external business units.
* Prioritizes and tracks Security Program KPI Metrics for the following:
* Security Awareness training completion
* Vulnerability & Risk Mitigation metrics for Platform & Corporate Infrastructure
* Security Assessments - New Product/Feature development
* Security Assessments - Third Party Vendor Risk Assessments
* Security Project Status
* Interacts with Postmates technology, and business stakeholders to understand risks critical to infrastructure, define potential business impact and establish corrective action plans.
* Prepares weekly reports for senior leadership on Information Security KPIs.
OUR PREFERRED QUALIFICATIONS
* Knowledge in NIST, PCI DSS, SOC 2 type security standards.
* Knowledge in Information Security industry best practices with hands-on experience developing and managing an Information Security Management System.
* Experience functioning as an Information Security Technical Program Manager, Information Security Technical Project Manager, Information Security Engineer or Information Security Analyst for at least 5 years.
* Deep technical knowledge of security concepts such as vulnerability risk assessments, privacy assessments, intrusion detection, incident response, security monitoring, security policy creation, enterprise security strategies, architectures and governance.
* Experience using Atlassian Jira for team workload assignment and prioritization through Scrum or Kanban project management.
* Experience configuring, managing and providing support for GRC, ERM and SIEM tooling.
* Experience with developing compliance and security analytics/insights through BI/analytics tooling.
* Familiar with standard SQL or python scripting languages.
* Ability to work effectively while prioritizing and juggling competing priorities in a fast-paced work environment.
Postmates has your back. In our impact-first work environment, we value huge company vision. As you strive to build the future with us, we'll support you with a competitive salary and equity plan, along with access to our 401k plan and robust benefits including: health benefits, flexible paid time off, parental benefits, and food perks.