Director, Information Security

| Remote
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

At Edmunds we’re driven to make car buying easier. Ever since we began publishing printed car guides in the 60’s, the company has been in the business of trust, innovating ways to empower and support car shoppers. When Edmunds launched the car industry’s first Internet site in 1994, we established a leadership position online and have never looked back. Now, as one of the most trusted review sites on the Internet, millions of visitors use our research, shopping and buying tools every month to make an easy and informed decision on their next car. For consumers, we bring peace of mind. For dealers, we make tools to help them solve their problems and sell more cars. How do we do it, you ask? The key ingredients are our enthusiastic employees, progressive company culture and cutting-edge technology. Want to join the team? Read on to find out how!


What You’re Applying For:

As Edmunds’ Director, Information Security, you would lead the company’s security strategy, implement security standards and monitor compliance against security policies. This position works closely with the Chief Technology Officer, business and legal partners, including subject matter experts and end-users, technical resources (internal and third-party vendors), and senior management in the design, development and delivery of security solutions that ensure that the information security requirements defined in company governance are addressed. In addition, you would serve as the key decision-maker regarding the evaluation, procurement and deployment of security-related products, and develop and coordinate information security awareness and education programs.


What You’ll Do:

● Be the ‘go to’ expert for Edmunds on all matters relating to IT security, and advise business stakeholders on security matters.
● Serve as the primary advocate for the development, implementation and support of information security controls, driving adoption and compliance across the organization.
● Partner with the Legal team to manage policies and compliance with relevant legislation/regulation, including privacy laws such as the CCPA.
● Maintain visibility and monitor the operation and effectiveness of cyber and information security controls, ensuring they remain fit for purpose and that issues are remediated and escalated as needed.
● Review the cost-effectiveness and practicality of information security procedures and systems and make suggestions for the improvement of these procedures and systems.
● Ensure that risks associated with third-party business partners are appropriately addressed.
● Maintain portfolio of technical security controls, such as Intrusion Prevention Systems (IPS), Web Application Firewall (WAF), Data Loss Prevention (DLP) and similar tools.
● Develop a program for annual SOC 2 Type II certification.
● Expand and optimize security awareness program.
● Track all information technology and security-related audits, including scope of audits, timelines, auditing agencies and outcomes.

Reporting:
● Lead bi-monthly Security Council meetings and quarterly Security Assurance meetings.
● Provide regular updates and risk information to the CTO, company CISO and senior business stakeholders, ensuring awareness of current and emerging threats.
● Collaborate with company CISO to align Edmunds security strategy with CarMax security requirements

What You Need:

● BS/MS Computer Science, Information Technology or related field.
● CISSP, CISA or CISM Certification preferred.
● 10+ years progressive experience in IT, of which 5+ years are dedicated to a combination of IT infrastructure solutions, information security, compliance, regulatory and risk management.
● Detailed technical knowledge in security engineering, application security, system and network security, authentication, security protocols, and other security technologies.
● Strong experience in securing AWS Cloud Infrastructure.
● Experience in implementing DevSecOps practices.
● Familiarity and knowledge of legal and regulatory requirements like SOX, CCPA, GDPR, PCI.
● Experience in managing regulatory certification programs.
● Experience in managing cyber security program and implementing Firewalls, NIDS, SIEM, End Point Security, Mobility Management, and Vulnerability Scanning.
● Experience successfully managing and delivering IT infrastructure and security programs and projects.
● Effective management of third-party vendor services and solutions.
● Excellent interpersonal skills and ability to influence and negotiate with senior stakeholders.


Edmunds Perks:

  • Flexible time off

  • 13 Paid Holidays

  • Comprehensive Health Benefits (medical, dental, vision, life and disability)

  • Flexible Spending Accounts (Employees) and Health Savings Accounts (Employee and Employer Contributions)

  • 401K Plan with Company Matching at 50%, up to 6% of employee eligible contribution and vesting after 1 year

  • Up to 4 months Paid Parental Leave

  • HeartCash matches employee donations to the causes that are important to them 

  • 2 Days of Paid Time Off for time to dedicate to social impact causes

  • FitCash covers a portion of gym or fitness activity fees 

  • Well being sessions and events such as yoga, meditation and walking challenges 

  • On-going career development sessions and an annual learning event

  • Pet insurance

  • Sabbatical leave

  • Education Reimbursement

  • Plus a coffee bar, frozen yogurt and more!

Working @ Edmunds.com:

Employees think it’s a pretty great place to work and some pretty impressive publications think it is too: we have been recognized as one of the best places to work by the Fortune Magazine and Great Places to Work, LA Business Journal (for the last 6 years!), Computerworld, Built in LA and Inc. Magazine. We've also been identified as one of the best workplaces specifically in Technology and also for Diversity and Asian Americans. If you’re interested in learning more and joining our mission, we’d love to hear from you!


Edmunds will consider for employment qualified candidates with criminal histories in a manner consistent with the requirements of all applicable laws.

#LI-DNP
#LI-REMOTE

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • C#Languages
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • RLanguages
    • ScalaLanguages
    • SqlLanguages
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • Twitter BootstrapLibraries
    • ExpressFrameworks
    • Node.jsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • SparkFrameworks
    • HBaseDatabases
    • MongoDBDatabases
    • OracleDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • DynamoDatabases
    • Google AnalyticsAnalytics
    • IllustratorDesign
    • PhotoshopDesign
    • ConfluenceManagement
    • JIRAManagement
    • SalesforceCRM
    • MailChimpEmail
    • MarketoLead Gen

An Insider's view of Edmunds

What’s the vibe like in the office?

This is not your average corporate office. Everyone is friendly and welcoming. While we're here to get work done, not everything is all business. People here understand the importance of human relationships. Not only are we co-workers, but many of us are also friends, close ones even. To top it off, our office is fun and encouraging to take breaks!

Denise

Director, Software Engineering

What does your typical day look like?

Each day I start by building the Edmunds story from the ground up. Using our own unique reporting tools and in collaboration with our product, analytics and marketing team, I can speak to the value of Edmunds. Once this information is complied, I head out to meet with our dealer partners to go over program results, listen, assess their needs.

Chantal

Account Executive, Major Accounts

What makes someone successful on your team?

I have grown more here than any other company. I am fortunate to have had the opportunity to move between several teams. Each time, it challenged me to pick up new skills. Edmunds has a culture of continuous learning. In my time here, I have participated in study groups to learn: programming language theory, machine learning, and iOS development.

Carlos

Director, Digital Futures Engineering

How do you empower your team to be more creative?

Great ideas are the heartbeat of the Edmunds editorial team and they can come from anywhere. Everyone is encouraged to contribute and we have regular feature meetings where concepts are presented, discussed and evolved. As Editor-in-Chief, I love to be challenged by an idea and it’s hugely rewarding to see them come to fruition.

Alistair Weaver

V.P., Editorial and Editor in Chief

How has your career grown since starting at the company?

I joined Edmunds as an IT manager. Now, I manage a team of 100 employees supporting our B2B dealer business. In 18 years, I have grown beyond my own expectations. From the moment I joined the company, each of my professional needs were met. Continued learning, peer support, skills development and opportunities for advancement greet me every day.

Katti

V.P., Dealer Operations

What are Edmunds Perks + Benefits

Edmunds Benefits Overview

We could tell you all our benefits. But then we'd have to hire you.

Our Santa Monica "EdQuarters" is located just two miles from the beach and less than 12 miles from LAX. The office's custom automotive themed designs and enviable amenities create a work environment unlike anything else in the L.A. Area.

We focus on results, not hours. We offer flexible time off as well as 13 paid holidays. Our team enjoys free gourmet coffee and snacks, fresh fruit and many other amenities.

Culture
Volunteer in local community
Friends outside of work
Eat lunch together
Daily sync
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Diversity manifesto
Someone's primary function is managing the company’s diversity and inclusion initiatives
Diversity Employee Resource Groups
We launched ERGs at Edmunds, which allows employees with a particular commonality or interest to share a space, support each other and spread awareness.
Hiring Practices that Promote Diversity
We conduct interview training for all our hiring teams, which highlights the importance of diversity and brings attention to unconscious bias during the recruiting process.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Wellness Programs
Team workouts
Mental Health Benefits
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Match charitable contributions
Child Care & Parental Leave Benefits
Child Care Benefits
Generous Parental Leave
Flexible Work Schedule
Family Medical Leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Our Social Impact Paid Time Off Policy encourages employees to dedicate time to contribute to positive social change.
Sabbatical
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Game Room
Game rooms featuring classic video games, Foosball, and air hockey.
Stocked Kitchen
Our team and visitors enjoy free gourmet coffee and snacks, daily deliveries of fresh fruit, a frozen yogurt machine with toppings bar, in addition to other complimentary food and beverage options.
Some Meals Provided
Happy Hours
Parking
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns
Promote from within
Mentorship program
More Jobs at Edmunds24 open jobs
All Jobs
Finance
Data + Analytics
Design + UX
Dev + Engineer
HR + Recruiting
Marketing
Operations
Product
Content
Developer
new
Remote
HR + Recruiting
new
Santa Monica
Design + UX
new
Santa Monica
HR + Recruiting
new
Remote
Design + UX
new
Santa Monica
Data + Analytics
new
Santa Monica
Marketing
new
Santa Monica
Developer
new
Remote
Operations
new
Santa Monica
Product
new
Santa Monica
Data + Analytics
new
Remote
HR + Recruiting
new
Santa Monica
Developer
new
Remote
Operations
new
Santa Monica
Data + Analytics
new
Santa Monica
Operations
new
Remote
Developer
new
Remote
Finance
new
Santa Monica
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Edmunds's full profileSee more Edmunds jobs