Netomi is an AI-first customer service platform that enables companies to deliver the highest quality customer experiences while significantly reducing cost. Netomi's Relationship Operating System automatically resolves up to 80% of routine customer service inquiries, decreasing resolution time, and increasing customer satisfaction and support quality. The patented, no-code platform works across messaging, chat, email and voice, and understands 100+ languages. Netomi is based in San Francisco and has offices in New York and India.
Want to have a direct impact in solving the top challenges businesses face today? Join us!
Netomi’s Head of InfoSec develops, enhances, and oversees the global information security operations activities of Netomi’s diverse and decentralised computing environment. They are responsible for establishing the company’s security strategy and direction and leading a growing team of InfoSec professionals with various areas of cybersecurity expertise.
The Head InfoSec identifies major risk factors (compliance and operational) for the company, and provides technical leadership related to SOX, SOC2, HIPAA etc. The incumbent leverages their extensive background in Security and Risk Management to help prepare security policy and design templates, guides, documentation, procedures, and frameworks that are linked to cyber based activities. They map risks to specific techniques and mitigation methods and oversee the development and maintenance of the data compliance framework. In addition, InfoSec drives the implementation of security plans, including internal training, event monitoring, and incident response. The Head, InfoSec and Compliance, demonstrates relevant, collaborative leadership experience, proven execution ability, and deep technical information security experience.
- Develops and drives implementation of a short and long term security strategy and goals in alignment with Netomi’s business objectives and culture.
- Oversees information security in enterprise IT infrastructure and in deployment and management of enterprise applications.
- Guarantees the strong performance of security operations across multiple data centers, as well as cloud-based service operations centers.
- Secures operations involving large groups of R&D, Engineering, and development operations, requiring connectivity and integration with third party partners.
- Responsible for the 24 x 7 x 365 Security Operations Center and accountable for availability of global security systems including monitoring, vulnerability management and other information protection capabilities.
- Performs gap analysis of current state versus industry best practices for the autonomous vehicle industry.
- Partners across the organisation to ensure that security is designed into products and processes from the early stages.
- Acts as a Subject Matter Expert ('SME') and liaison for all InfoSec teams during discussions on technical architecture and design reviews; provides input, feedback, advice, and guidance.
- Identifies and classifies risks related to new implementations or existing infrastructure and application solutions and provision of guidance for remediation.
- Establishes and enhances Policies and Procedures to ensure the following of security best practices and compliance.
- Establishes governance processes and drives prioritisation of security workload across the security workforce, and with dependent stakeholders.
- Establishes and manages operations to maintain security for Controlled but Unclassified (CUI), PCI, and other sensitive data.
- Assesses and identifies security controls for sensitive and regulated data, and refines and oversees compliance programs aligned with regulatory and international standards (e.g., ISO27001, SOC2).Develops and drives security risk analysis, mitigation, and remediation plans. Plans for and leads security incident response and recovery efforts.
- Evolve Netomi’s capability to monitor threats and vulnerabilities as well as detect, investigate, respond to, and recover from incidents.
- Owns all documentation, process, and training surrounding Netomi’s disaster recovery abilities.
- Ensures the appropriate development and delivery of end user security awareness training, effective reporting, as well as performance metrics; executes on security metric reporting to ensure business and senior leadership have a proper view of current security state and risks, globally.
- Stays abreast of new and evolving market trends, best practices, and industry specific information. Researches, monitors, and analyses trends related to security in the automotive, machine learning, and autonomous driving spaces. Provides thought leadership, insights, and recommendations for optimising security and streamlining processes.
- Provides strong leadership in the recruitment, training and development of top-quality InfoSec talent, ensuring the high level of performance and productivity. Builds morale, motivates and instills productivity and teamwork, creates and promotes a positive and supportive work environment.
- Creates a culture of continuous improvement for processes, systems, data, training, people, etc.
- 7+ years of enterprise information security or relevant technology experience.2+ years experience leading a team of InfoSec/cybersecurity professionals.A breadth of hands on and senior leadership experience in security, engineering, or IT management.
- Can work with third parties to get various certifications such as SOC2, HIPPA, etc.
- Can work with external entities to run external network scans and Penetration Tests regularly.
- In-depth understanding and management of global information security, and security technologies such as intrusion detection and content filtering, threat patterns, security architecture, application architecture, and compliance criteria.
- Thorough understanding of SDLC and Application Security Policies, Design and Documentation.
- Ability to communicate, interpret Infosec and playback requirements to a non-technical security team (ie non-functional requirements).Thorough understanding of Risk Management principles (Risk Register, Cyber risks etc).Fundamental understanding of Incident Management and Security Operations.
- Knowledge of Information technology infrastructure library (ITIL) (certification preferred) with respect to security administration and information technology governance in a multiplatform environment.
- Experience securing and navigating cloud platforms, such as AWS (Amazon Web Services), Azure, or GCP (Google Cloud Compute) platforms.
- Knowledge of common operating systems (e.g. Windows, Linux, etc.), endpoint security principles, networking services and protocols; understanding of security technologies (IDS, firewalls, SIEM), cloud security monitoring technologies and the desire to remain technically hands-on, but also operate on a strategic level.
- Deep knowledge of relevant security and compliance frameworks, standards, and regulations (such as SOC2, HIPAA,NIST, COBIT, ISO270xx).Ability to clearly and succinctly communicate verbally and in writing, translating technical jargon to correspond with the audience's knowledge and understanding.
- Strong organizational skills, ability to coordinate multiple tasks and support projects of varying complexity concurrently.
- Natural problem solver; analytical and oriented towards diagnosis and remediation.
- Creative and proactive thinker; can employ a user mindset and generate solutions and proactive recommendations for optimal end user experience.
- Driven to learn and a commitment to keeping current with best practices and emerging industry trends in a quickly evolving sector.
- Adept at leading groups of people with diverse perspectives to acceptable solutions.
Netomi is an equal opportunity employer committed to diversity in the workplace. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, disability, veteran status, and other protected characteristics.