Director, Corporate Security
Bellevue, WA - USA
Job Summary
About Nintex:
At Nintex we are transforming the way people work everywhere.
As the global standard for process intelligence and automation, we're trusted by over 10,000 public and private sector organizations across 90 countries. Our customers, from industry giants like Amazon, Coca-Cola and Microsoft, rely on the Nintex Platform to accelerate their digital transformation journeys by managing, automating and optimizing business processes quickly and efficiently. We improve their lives through the technology we build.
We are committed to fostering a workplace that supports amazing people in doing their very best work every day. Collaboration is constant, our workplace is fun, the environment is fast-paced, and we value our people's curiosity, ideas and enthusiasm. Driven by passion and accountability, we take initiative, measure progress and deliver results. Our culture fosters innovation and problem-solving, fueled by curiosity and a commitment to thinking big. Together we move with agility, prioritize customer needs and build unity through empathy, leaving a positive impact wherever we go.
About the role:
The Director, Security and Compliance will be responsible for the strategic leadership of the security and compliance program at Nintex. The security leader will establish, maintain, enhance and grow comprehensive security strategies, policies and procedures to ensure the integrity, confidentiality and availability of intellectual property and assets are protected. The Director will be responsible for proactively identifying, assessing and reporting on security risks in a way that meets regulatory requirements and supports the risk posture of Nintex.
Your contribution will be:
Information Security:
- Establish near- and long-term internal security and compliance goals; define security strategies, metrics, reporting mechanisms and program services; and create a roadmap for continual security and compliance growth.
- Lead the design, implementation and protection of security controls, processes and technologies to protect the organization's intellectual property and assets.
- Actively engage in a threat management and intelligence program in collaboration with an outsourced Security Operations Center (SOC).
- Provide regular and consistent reporting on the current status of the information security program to senior business leaders.
- Manage security incidents and breaches, including incident response, investigation and remediation efforts.
- Maintain, shape and grow up-to-date information security policies, standards and guidelines.
- Learn, investigate and examine new security technologies that can strengthen and provide depth to Nintex's security posture.
Risk Management and Compliance:
- Establish and maintain the BC/DR program throughout Nintex.
- Enhance and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings.
- Work closely with internal stakeholders and external auditors and consultants on ISO and SOC audits.
- Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the information technology systems.
- Lead, enhance and evolve the Crisis Response Team, including annual Disaster Recovery testing and tabletop exercises.
Security Education:
- Enhance and deliver security awareness and training programs to educate employees on best practices and promote a security-conscious culture.
- Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
Product Security:
- In collaboration with Product and Engineering leaders, develop processes and implement tooling to integrate security into Product, which includes threat modeling, cloud security posture and other security protections.
- Establish a red and blue team exercise with product to focus on emerging and trending cyberattacks.
Leadership:
- Manage, hire and grow security engineers and compliance analysts.
- Collaborate with cross-functional teams, including IT, legal, compliance, and product and R&D, to implement security policies and awareness.
- Partner with the Infrastructure and Support team to deliver on security initiatives and create a roadmap and plan for future security initiatives.
- Partner with internal key stakeholders to assess our posture, build controls and mitigate security risks.
- Establish and maintain relationships with external vendors, partners and industry peers to stay informed about security trends and leverage external expertise.
- Establish and grow an environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
To be successful we think you need:
- Bachelor's degree in computer science or similar field such as Engineering, Information Security or Information Systems.
- Current and relevant Industry Certifications such as CISSP, CCSP or CISA.
- 10 years of direct experience in an Information Security role.
- 5 years of experience leading teams in a Security organization.
- Deep familiarity with enterprise security technologies such as: firewalls, EDR, SIEM, MDR, MFA, CASB, vulnerability management, encryption technologies, etc.
- In-depth knowledge of information security principles, practices, technologies, standards, risk management methodologies and frameworks.
- Exceptional problem-solving and analytical skills with the ability to distill complex and nuanced issues into structured frameworks and processes.
- Strong executive level oral and written communication skills with ability to understand technology sufficiently to clearly communicate the complexity in simple terms for key stakeholders both in one-on-one and public settings.
- Strong ability to translate strategic-level goals into actionable objectives.
- Knowledge of common information security and compliance management frameworks such as ISO/IEC 27001, SOC2 and NIST.
- Proven ability to manage and mentor both technical and non-technical individual contributors and managers.
- Experience managing a geographically dispersed team supporting the ongoing protection and monitoring.
- Experience with contract and vendor negotiations and management including managed services.
What's in it for you
Nintex has a hybrid working model, enabling us to build culture, learn and grow together. We intentionally connect and collaborate while emphasizing flexibility with a blend of at-home and in-office work. This role is a hybrid role in our local Nintex office.
While our offerings differ from country to country, we offer our entire global workforce an array of exciting perks and benefits, including:
- Global Gratitude and Recharge Days
- Flexible paid time off policy
- Employee wellness programs and counseling resources
- Meaningful peer recognition and awards
- Paid parental leave
- Invention/patenting assistance
- Community impact paid volunteer time and opportunities
- Intercultural learning and celebration
- Multiple tools through which to learn and grow and an incredible global community
Nintex participates in E-Verify for work authorization. We are an Equal Employment Opportunity Organization.
Required Experience:
Director
About Company
Discover what makes Nintex the leader in end-to-end process & workflow automation. Power your team with custom app dev for integrated workflow automation.