- Lead our functional security operations teams:
- Detection & Monitoring: collects and stores logs, detects intrusions, identifies potential areas of security improvement or vulnerabilities, and engages in threat hunting across our enterprise and product
- Enterprise Security: defines security profiles for common enterprise assets, including laptops, servers, and SaaS services
- Analysis & Response: collects and analyzes threat intelligence to prepare the rest of our security team against emerging threats and to optimally respond to security incidents
- Develop and implement a long term roadmap for security operations at Postman
- Review and refine existing key security processes; including threat hunting, vulnerability management, log ingestion, security monitoring, threat analysis, and our security incident response lifecycle
- Brief our executive leadership on emerging security threats and develop proposals on how to address these threats through building security controls and processes
- Ensure our entire team is well aligned, collaborating well with partners, and building deep relationships across Postman, including our IT and our product team partners
- Lead and coordinate follow-the-sun processes for our key shared functions
- Engage with partners in the industry, law enforcement, and threat intelligence vendors; and share and exchange standard methodologies with our customers and the SaaS industry
What you bring to the role:
- At least 3 years of multifaceted security leadership and management experience
- Deep domain expertise in at least two of the following: intrusion detection and security monitoring, incident response, threat intelligence and analysis, enterprise and corporate security.
- An understanding and background partnering closely with security compliance, application security, and privacy teams.
- Experience securing cloud based infrastructures; AWS experience a plus.
- Experience with red teaming and offensive security roles preferred.
- Ability to develop a strategic plan, and also discuss details at a technical level with functional managers, engineers, and analysts.
- Experience working with C-level executives to brief them on emerging security threats and security incidents.
- Able to get to the root of an actively evolving problem and mobilize the right people to tackle it.
- Strong collaboration, planning, and prioritization skills. Ability to share ideas with audiences at varying levels, from the C-Suite down.
- An understanding of the challenges faced by cross-geo teams and a desire to solve them. Ability to work and communicate across cultures.
- Outstanding time management and prioritization skills.