Who You Are

Justworks Digital Security team is responsible for the security of Justworks products, platforms, services, and corporate operations. Led by the Chief Information Security Officer, Digital Security’s vision is to become the partner and enabler for business and engineering by working collaboratively with others to embed security in business hygiene and engineering DNA to strengthen our cyber resilience. We are looking for a strong hands-on leader who can establish a critical security function focusing on monitoring, detecting, and responding to the cyber threat, and who can bring our cyber defense operations towards an advanced cyber fusion center.

We are looking for a leader who has passion for security, cyber defense, threat management, vulnerability management, and continuous testing. You have extensive experience to build the team and provide directions and technical guidance to your team. You are a leader who holds yourself and your team accountable for doing the right things in the right way. You are an influencer who helps your team grow, who partners with other teams to work towards our common goal, and who brings positive energy and impact to Justworks. 

Your Success ProfileWhat You Will Work On

• Assess the current state of Justworks monitoring and detection gaps, from all aspects including technology, process and people.
• Create CDO strategy and roadmap to bring CDO towards its maturity level to meet Justworks Digital Security Objectives
• Build and expand the CDO team, including org/role design, operating model, engagement model, career development, and managing individual contributors.
• Build necessary services, and run these services effectively to improve Digital Security’s detection and response capabilities.
• Lead the team to execute the roadmap and deliver projects and services on time, within budget and with quality.
• Lead, manage and mature the people, process, and technologies present in a 24x7 cyber defense operation.
• Own and run Cyber Defense Operation Steering Committee, and provide regular status and report on incidents, vulnerabilities and remediations.
• Leverage the incident response program to conduct cyber table-top simulations and educational sessions with stakeholders
• Understand, determine and support priorities and urgencies, with the ability to prioritize projects, tasks, incidents, risks and vulnerabilities. 
• Provide leadership for incident response investigations, coordinate response activity and brief senior leaders while maintaining confidentiality
• Provide advanced technical leadership and direction to CDO analysts
• Assist CISO on budget planning and budget management for CDO. 
• Work with the CISO and other Digital Security leaders to define and maintain dashboards and metrics that demonstrate CDO’s delivery capability and Justworks security posture related to CDO objectives
• Collaborate closely with the Security Architecture & Engineering (SAE) and Governance, Risk & Compliance (GRC) teams to address vulnerabilities and gaps identified from incidents, with particular focus on  both short term remediation and long term solutions to address security gaps.
• Partner and collaborate with stakeholders such as ProdEng, TechOps, BusOps, Customer Success, Internal Audit, and Crisis Management and to support security and resilience testing.
• Perform other related duties as assigned

How You Will Do Your Work

As the leader of Cyber Defense Operations, how results are achieved is paramount for your success and ultimately result in our success as an organization. In this role, your foundational knowledge, skills, abilities and personal attributes are anchored in the following:

• Clear communication - the ability to articulate thoughts and express ideas effectively using oral, written, visual and non-verbal communication skills, as well as listening skills to gain understanding.

• Ethical practice - the ability to integrate core values, integrity and accountability throughout all organizational and business practices.

• Detail-oriented - exercises extreme attention to detail; is thorough, accurate, organized, and productive and seeks to understand both the cause and effect of a situation.

• Risk assessment - applying a logical step-by-step process to protect, and consequently minimize risks to, the organization, interests and employees.

• Manages complexity - making sense of complex, high quantity, and sometimes contradictory information to effectively solve problems.

In addition, all Justworkers focus on aligning their behaviors to our core values known as COGIS. It stands for:

• Camaraderie - Day to day you can be seen working together toward a higher purpose. You like to have fun. You’re an active listener, treat people respectfully, and have a strong desire to know and help others.
• Openness - Your default is to be open. You're willing to share information, understand other perspectives, and consider new possibilities. You’re curious, ask open questions, and are receptive to thoughts and feedback from others.
• Grit - You demonstrate grit by having the courage to commit and persevere. You’re committed, earnest, and dive in to get the job done well with a positive attitude.
• Integrity - Simply put, do what you say and say what you'll do. You’re honest and forthright, have a strong moral compass, and strive to match your words with your actions while leading by example. 
• Simplicity - Be like Einstein: “Everything should be made as simple as possible, but no simpler.”

Qualifications

• Minimum of 7 years of cyber security experience, especially in security operations, vulnerability and threat management. Experience in security engineering is preferred.
• Minimum of 3 years in a management and/or leadership position with experience in building and developing a team and growing a cyber defense operation and incident response program
• In depth experience leading security incident response processes, preferred in the cloud.
• Proven skills in various elements of incident response, including but not limited to computer intrusion investigations and digital forensics in enterprise environments.
• Strong understanding and advanced knowledge of current and emerging threats, attacks, attacker methodologies, cyber kill chain, MITRE framework and countermeasures, as well as malware, vulnerabilities and their remediations. 
• Experience with the tools and techniques used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations.
• Skill in examining and re-engineering operations and procedures, formulating policy, and developing and implementing new strategies and procedures for the responsible area.
• Experience in using Jira, Kanban to manage and report the work
• Experience in building and running Cyber Defense Operations, participating in strategic planning, developing and implementing short- and long-range goals, and demonstrating the ability to execute the roadmap.
• Ability to gather facts and data for technical proposals and to expand upon them or develop alternatives and to evaluate emerging technologies and identify their potential impact within the existing environment.
• Demonstrated track record of effectively managing through high-pressure situations while maintaining unwavering focus and proactive and open communication channels
• Ability to foster a cooperative and trusted work environment within a complex organizational structure.
• Exceptional written and verbal communication skills - ability to articulate complex technical issues concisely to both technical personnel and executive-level management, and the ability to work with a wide range of constituencies in a diverse community.

#LI-AD1 #LI-Hybrid #LI-JS1

The base wage range for this position based in our New York City Office is targeted at $205,000.00 to $235,750.00  per year.