Job Specifications
About Jotform
Jotform is a San Francisco-based SaaS company with more than 35 million users worldwide. We are thriving and growing, and we’ve never needed outside funding. That’s because we like keeping things agile, independent, and fun. Jotform believes everyone should be able to create their own online forms. Our 10,000+ ready-made form templates, 100+ integrations, and more than 380 widgets have made us one of the most popular online form builders for organizations of all sizes — from small businesses to enterprises.
Role Summary
This position is a HANDS ON TECHNICAL POSITION in which the ideal candidate will be able to function from not only a process and planning perspective but also be a key contributor to security architecture and technology decisions. This role will be responsible for the design, development, and implementation of new and innovative solutions to protect the Confidentiality, Integrity, and Availability of Jotform owned/ managed information assets.
This is a full time, fully on-site position based out of our Vancouver, Canada office.
Here’s what you will be doing:
Ensure compliance with regulatory requirements and oversee incident response related to security, availability, and data privacy within the Jotform platform which is used by more than 30 million people worldwide. Maintain adherence to industry standards for a SaaS company while applying hands-on expertise in these areas
Ensure cybersecurity stays on the organizational radar. Identify and address potential vulnerabilities in our systems architecture, development processes, other security practices
Detail out the security incident response program for business continuity, disaster recovery, and incident response plans
Continuously review technology proposals for security and privacy controls and recommend adjustments
Develop, publish, and maintain comprehensive information security standards, policies, procedures, and guidelines for our website in line with industry standards and best practices
Manage a team of global security engineers
Continuously educate our global DevOps Engineer and Developer teams on security awareness, arming them with the knowledge necessary to speak to our security confidently
Respond to client due-diligence requests for information security
Perform other miscellaneous duties as assigned
Education /Work Experience /Technical Requirements:
Engineering degree from an accredited institution
Minimum 10 years of hands-on security experience in architecting, engineering, or administering SaaS solutions
An understanding of agile software development and secure software development lifecycles
In-depth knowledge of securing web applications and applicable laws and regulations like PCI-DSS, SOC 2, and HIPAA in a fast paced regulated work environment
Professional Certification for one of the following GSEC/CISA/CISM/CISSP/CSCS/CEH or equivalents or willingness to obtain one within 8 months of the date of hire
Solid knowledge in network security, authentication protocols, cryptography and network security principles
Proficiency in analyzing security logs, including but not limited to application logs, server logs, and network traffic, to detect suspicious activities
Hands-on experience with PHP, MySQL, Node.js, Docker, and Elasticsearch. Knowledge of securing these technologies and maintaining a secure infrastructure is a must
Personal Specification/Skills:
High external focus for industry trends, cybersecurity threats
Enthusiasm and a high degree of adaptability
Strong diagnostic skills and holistic view for solution
Ability to clearly articulate complex concepts (both written and verbally)
Strategic thinker who can translate vision to tangible execution and results
Able to work at incredible speed and with focus is a must for this role, candidates must be able to prioritize responsibilities to manage a large workload with very tight timelines
Base pay range: $160K - $220K CAD. This position may be eligible for a performance-based bonus. Exact compensation may vary based on skills and experience
OUR PROCESS
We’ll review your application along with all the others we receive and pick the top profiles for a screening call. In many cases due to time constraints and our candidate volume, only the short-listed candidates are contacted but we do consider each application carefully.If you have been selected as a short-listed candidate, we will contact you for a short screening call to get to know you better. If you don’t get a call, please don’t be disappointed! We receive many applications for each role and have to prioritize who we speak to.
We thank all applicants in advance for their interest and taking the time to apply for this position at Jotform!
Jotform is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characte
About the Company
Trusted by over 30 million users worldwide, Jotform's powerful forms and suite of no-code tools are flexible enough for small businesses and robust enough for enterprises. Jotform helps organizations go from busywork to less work with forms that use conditional logic, accept payments, generate reports, automate workflows, and more. Jotform's products make it easy for any team to streamline its processes. The options are limitless with Jotform's 10,000 templates, hundreds of integrations, and almost 400 widgets. Jotform has t...
Know more