This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description The Director of Security will oversee and lead Remote’s security team and function. They will manage Remote’s security strategy and its implementation to ensure the confidentiality, integrity and availability of the organisation’s systems and information. Key Responsibilities - Define, implement, communicate and maintain security strategy, policies, goals and requirements aligned with business strategy, and manage security resources, to support the company’s objectives. - Work with the Security Council and Remote’s senior leadership in developing Remote’s Information Security vision, strategy and road-map of Remote’s Security function. - Recruit and nurture individual growth to build an autonomous and high performing Security team. - Be an advocate of information security best practices and proactively looking to improve and drive Remote’s security posture, driving efforts to improve Security Awareness across the company. - Drive Remote’s security risk management program, by partnering with Legal, Data Protection and Finance in developing and managing our enterprise risk management framework(s), and collaborating with senior leaders in reducing Information Security risks. - Manage and improve upon our Application Security initiatives and personnel to make sure Remote is delivering the most secure Platform possible to its customers. - Build a Security Incident Response processes and culture within the Security Team. - Report to Remote’s top management about security risks, threats and their potential impact, incidents and security performance. - Drive security compliance requirements from customers, standards and regulations. - Supervise the management and improvement of Remote’s ISMS as defined in Remote’s ISMS roles and responsibilities document. Qualifications - Extensive experience managing security teams, including people, resources, stakeholders and security service management. - Certified in cybersecurity management, e.g. CISSP, CISM etc. - Understands the leadership responsibilities and prioritizes execution of company-wide strategy. - Experience in cyber security strategy management and implementation and fostering a security culture. - Proficient with security principles, technologies and security engineering domains. - Ability to clearly articulate security issues to all types of business stakeholders, including Board members. - Ability to navigate through ambiguous problems in a hyper-growth environment. - Excellent writing and communication skills. Etiquette - Solid display of Remote’s Values. - Proactively seeks new tools and frameworks that can improve the team's productivity. - Clearly communicates needs and requirements to optimize productivity. - Fosters feedback and mentoring within the security team. - Suggests new initiatives and approaches to current problems. - Helps everyone grow continuously. - Clearly aligns mission and vision within the security team. - Publicly empowers the team and gives visibility to the work group successes. Practicals - You'll report to: VP, Engineering. - Direct reports: Four. - Team: Security. - Location: EMEA / AMER. - Start date: As soon as possible. Application Process - Interview with recruiter. - Interview with future manager. - Team Interview 1. - Team Interview 2. - Team Interview 3. - Executive Interview. - Bar Raiser Interview. - Prior employment verification check. Benefits - Work from anywhere. - Flexible paid time off. - Flexible working hours (we are async). - 16 weeks paid parental leave. - Mental health support services. - Stock options. - Learning budget. - Home office budget & IT equipment. - Budget for local in-person social events or co-working spaces. How to Apply Please fill out the form below and upload your CV in PDF format. We kindly ask you to submit your application and CV in English, as this is the standardized language we use here at Remote. If you don’t have an up-to-date CV but you are still interested in talking to us, please feel free to add a copy of your LinkedIn profile instead. We will ask you to voluntarily tell us your pronouns at the interview stage, and you will have the option to answer our anonymous demographic questionnaire when you apply below. As an equal employment opportunity employer, it’s important to us that our workforce reflects people of all backgrounds, identities, and experiences and this data will help us to stay accountable. We thank you for providing this data, if you choose to. Please note we accept applications on an ongoing basis.

• This role will focus on securing and improving our identity ecosystem. • The engineer will work primarily with our identity provider (such as Okta, Google Workspace, and Azure AD), as well as with IT Engineering’s Identity squad to strengthen authentication, access provisioning, and access control. • They will also help dogfood and improve our identity-related products, including Trelica, 1Password, and Kolide. • This engineer should be comfortable working in evolving problem spaces, proactively driving tasks and small projects to completion, and collaborating effectively with partner teams. • The role requires hands-on technical expertise, opportunities to automate and improve identity processes, and the ability to grow skills through mentorship and collaboration with more senior engineers. • Potential work on nights or weekends in the event a significant security issue is discovered.

• Develop and maintain security policies, SOPs, and incident response plans. • Manage access control, badging, visitor management, and key/lock programs. • Oversee CCTV/VMS, alarms/IDS, and monitoring; ensure timely response and reporting. • Lead incident handling and investigations; perform RCA and corrective actions. • Conduct risk assessments, audits, and drills; track metrics and compliance. • Manage guard force and security vendors; coordinate with DC ops, EHS, and legal. • Plan lifecycle upgrades and maintenance for security systems and infrastructure.

• Deliver successful consulting engagements across multiple Risk offerings while maintaining a high degree of customer satisfaction. • Perform qualitative and quantitative risk assessments using industry-recognized frameworks, such as FAIR, ISO 31000, 30101, 27005, NIST 800-30, etc. as a lead consultant. • Provide advisory services to GuidePoint customers to help mature their cyber risk management and information security programs. • Establish strong relationships and trust with customers to understand customers’ business environments and requirements. • Work with other GuidePoint Security practices as part of a cohesive cross-functional team. • Remain current on industry developments and incorporate into service delivery. • Strong ability to work independently and multi-task on multiple projects simultaneously. • Ability to contribute to practice and offering development. • Provide mentorship to other Risk consultants and team members. • Personal drive and passion for growing themselves and the Risk Practice. • Clear communication skills.