InfoSec Program Manager

Not required but preferred: Experience implementing customer facing Trust portals for InfoSec documentation and experience supporting customer audits

EST Hours preferred. CST also ok

Travel: up to 2 times a year to the Palo Alto office

About the team
The Information Security organization advances the overall state of security at Rubrik through critical initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our assets, provides awareness education to teams on security best practices for data protection, and ensures data governance and data sharing relationships with third parties in order to securely protect Rubrik information.

What Youll Do:
Rubrik is seeking an Information Security Program Manager who will oversee activities for the Customer Trust function. As a member of this team, you will be a highly motivated individual who will be responsible for the execution and continuous maturity of these service areas. The successful candidate will need to build and maintain strong cross-functional relationships across the company, and have exceptional interpersonal skills to manage customer-facing conversations. To achieve this you must have excellent leadership, communication, and decision making skills.

Responsibilities:
We are looking for a highly motivated individual that wants to be a part of a front-line customer facing function of security within Rubrik that helps sales close revenue opportunities by sharing Rubriks security posture with customers. Key responsibilities include sharing Rubriks security posture with customers by interacting with key security stakeholders in the customers organization, responding to customer RFPs, facilitating customer audits and other customer requests that are related to Rubrik's enterprise or product security and compliance capabilities.

In this role, you will:
Respond to security and compliance portions of customer RFPs in an accurate and timely fashion (i.e., within agreed upon internal SLAs).
Coordinate with other Information Security, Product security and Engineering SMEs, as needed to
respond to customers.
Build narratives and perform security reviews of new products to ensure there are accurate responses for RFPs.
Support security and compliance related customer audits, as requested.
Be well-versed in Rubrik's products, particularly as they pertain to security and compliance features and secure SDLC practices.
Work with Sales Operations, Field Operations, Sales, Sales Engineering, Marketing, and Engineering teams to intake requests and drive improvements to the customer trust process.
Execute operational activities related to the maturity and measurement of the customer trust process to provide high quality services that enable sales at Rubrik.
Drive the maturity of the customer facing collateral that disseminates security and compliance related announcements and thought leadership to new customers and prospects.
Support the finalization of security and compliance language in customer contracts.
Be well versed with industry leading frameworks such as ISO 27001, SOC 2, PCI DSS, HIPAA and HITRUST

Qualifications:
Required: 3+ years of Customer Trust/supporting RFPs experience in a tech industry
Have driven several security and/or operational Information security processes within a company.
Experience reviewing and negotiating contracts as it relates to security and compliance obligations
Can implement a solution (design), operational plan, and roadmap to achieve goals.
Ability to meet demanding timelines and SLAs, manage changing priorities and execute tasks with minimal supervision.
Knows how to estimate work effort and incubate skill sets to achieve team goals.
Has knowledge of common security risks, vulnerabilities, and threats and can translate these issues through triage / risk treatment conversations.