Director of Infrastructure & Security
- • Lead and supervise all Security, Infrastructure, and IT efforts.
- • Assist in the planning, estimating, and prioritization of the IT, Infrastructure, and Security roadmaps.
- • Design and plan hiring and onboarding pipelines, following the company’s standards.
- • Build and maintain effective on-call rotations and incident response workflows, to meet the company’s SLAs and maintain uptime.
- • Lead system security and vulnerability analyses.
- • Lead risk assessments and build risk mitigation plans.
- • Design and assist in an AWS organziation re-architecture to scale our AWS infrastructure to 30+ accounts.
- • Rearchitect AWS account infrastructure; including VPC and subnet architecture, routing, security controls, and access management.
- • Built and deploy corporate VPN solution.
- • Managed corporate AV/EDR solution.
- • Managed product infrastructure security moniroting solution.
- • Perform 3rd party vendor evaluations.
- • Coordinate external penetration tests by 3rd parties.
- • Manage Sure's compliance and standards: SOC 2 Type 2 and PCI.
- • Write Incident Response Playbooks.
- • Created and maintain a Incident Response Plan.
- • Built, deployed, and maintain a SIEM to ingest 50+ Gbs of logs daily.
- • Implement security automations to continuously audit and monitor our environment and applications.
- • Created and maintain IT Security policies: Acceptable Use, Password Protection, Clean Desk, Removable Media, PCI, Data Retention and Destruction, and Privileged Access.
- • Deployed and manage WAF solution.