MightyHive is a new breed of media consultancy that partners with global brands and agencies seeking transformative marketing results in a time of massive disruption and opportunity. Recognized as a global leader in advanced marketing and advertising technologies, MightyHive provides consulting and services in the areas of media operations and training, data strategy and analytics.
The company is headquartered in San Francisco, with teams in 19 countries and 24 cities around the world.
In 2018, MightyHive merged with S4Capital plc (SFOR.L), a new age/new era digital advertising and marketing services company established by Sir Martin Sorrell in 2018.
Summary of Role
We are looking for an InfoSec Engineer who is able to understand the security objectives, interpret the identified risks, and implement the tools & processes to improve the level of security and can proactively detect opportunities for improvement.
As the first dedicated security-based role within MightyHive, this person will be responsible for knowing our security configuration holistically, and engaging in ongoing discussions about best practices for us as a company. We are looking for someone who is passionate about what they do, and not afraid to speak up or make suggestions. Additionally, as MightyHive continues to integrate tools with our parent company, S4 Capital, this role will have the potential to grow and be part of a larger global security team.
This role is well-suited for those who are self-sufficient, dependable, looking for new challenges, and are interested in expanding their skillset.
This is a remote position, and requires that you have adequate resources (such as high-speed internet) to perform the duties listed. Must hold residence in Colorado.
Eventual possibility for travel.
Responsibilities will include:
- Implement security measures for the protection of endpoints, systems, accounts, and data
- Monitor security events for alerts within our tech stack, and investigate any potential breaches
- Routinely perform internal penetration tests and security audits4
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
- Perform continuous vulnerability management over the IT environment
- Complete security assessments & RFPs from clients
- Work with other teams to help prepare and document standard operating procedures and protocols related to security
- Interact with the IT and Legal teams, to ensure we are able to find the best security solutions for our company and use case, while also ensuring compliance with legal and private commitments.
- Handle security breaches according to defined policies and procedures, ensuring that all staff members are informed of the situation accordingly.defined policies and procedures, ensuring that all staff members are informed of the situation accordingly.
- Provide topics and materials for security-focused trainings
- Research and propose new security tools to implement different kinds of controls and measures
- 2 or more years of experience in supporting a business on an Information Security level
- Knowledge of security requirements related to GDPR and CCPA
- Hands-on experience auditing and implementing security solutions across several unified platforms and tools. Helpful if you have experience with any of the following:
- Cloud-Based SaaS: Google Workspace, Salesforce, Office365, Slack
- Cloud-Based Infrastructure: AWS, Google Cloud Platform
- Identity Access Management: OneLogin, Okta
- Network Infrastructure: Cisco Meraki, FortiNet, ZScaler
- Endpoint System Security: macOS, Windows, Android, iOS
- Network traffic analysis and events correlation
- Security incident handling
- Problem-solving skills and ability to work under pressure
- Detail oriented and strong organizational skills
- Strong verbal & written communication skills
- Self-sufficient, proactive, and ready for a challenge
- Bonus points for:
- Experience performing white/black box penetration tests and assisting in resolving any discovered vulnerabilities
- Experience working with security policies like ISO 27001, ISO 27032, NIST Cybersecurity Framework, NIST-800 series, SOC 2
What we offer:
- Competitive salary
- Full coverage health insurance including Medical, Dental, and Vision
- 401K with Company contribution
- Flexible vacation time
- Paid Parental Leave after 1 year of service
- MightyHive cell phone plan