Director Enterprise Security, Privacy and Risk

Director Enterprise Security, Privacy and Risk

NevadaNano provides safety and climate solutions for many of the world’s largest corporations, with innovative multi-gas sensing products and continuous IoT monitoring systems based on our proprietary MPS™ sensor platform.

NevadaNano is looking for an experienced Director of Enterprise Security to be a leader in establishing and maintaining company and product-wide strategies around security, privacy, and risk management. This person will collaborate closely with an existing SaaS/cloud team to ensure the company and the product meet the requirements for a world class product collecting highly sensitive and valuable data.

This is an amazing opportunity to join a small, fast growing company at the beginning of a tremendous breakout phase and help develop a high-volume green-technology product to reduce global warming.

Primary Responsibilities

• Strategic Leadership: Develop and implement comprehensive security, privacy, and risk management strategies aligned with the company’s business objectives and compliance requirements.
• Regulatory Compliance: Ensure compliance with relevant industry regulations (such as GDPR, CCPA, HIPAA, etc.) and standards, as well as contractual obligations with Fortune 50 clients.
• Risk Assessment and Mitigation: Conduct regular risk assessments to identify potential vulnerabilities and threats to our systems, networks, and data. Develop and execute mitigation plans to address identified risks effectively.
• Security Architecture: Design and maintain a robust security architecture for our SaaS IoT platform, encompassing network security, data encryption, access controls, and authentication mechanisms.
• Privacy Protection: Implement measures to protect the privacy of user data, including data anonymization, pseudonymization, and privacy-enhancing technologies.
• Incident Response and Recovery: Develop incident response plans and lead timely responses to security incidents or breaches. Coordinate with internal teams and external stakeholders to contain incidents, mitigate impact, and restore normal operations.
• Security Awareness and Training: Promote a culture of security awareness throughout the organization through training programs, awareness campaigns, and regular communication on security best practices.
• Vendor Risk Management: Evaluate the security posture of third-party vendors and service providers, ensuring they meet our security standards and comply with contractual requirements.
• Security Governance: Establish and maintain effective security governance frameworks, policies, and procedures to ensure consistent adherence to security practices across the organization.
• Security Audits and Assessments: Coordinate and oversee internal and external security audits, assessments, and penetration tests to validate the effectiveness of our security controls and identify areas for improvement.

Security Qualifications

• • Bachelor’s degree or higher in Computer Science, Information Security or related field (Master’s degree preferred).
  • CISSP, CISM, or other relevant security certifications.
  • Minimum of 10 years of experience in enterprise security, with at least 5 years in a leadership role.
  • Deep understanding of security principles, practices, and technologies, particularly in the context of SaaS and IoT environments.
  • Proven track record of successfully developing and implementing security, privacy, and risk management programs.
  • Strong knowledge of regulatory compliance requirements and standards applicable to the handling of sensitive data.
  • Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and communicate complex security concepts to non-technical stakeholders.

Personal 

• Love of startups and small companies
• Collaborative – enjoy working on multiple tasks with multiple groups
• Self-starter – do what needs to be done without being told what to do
• Modest – focused on what is best for the team and company
• Customer focused – passion to give customer best experience possible
• Student – always open to learning
• Be willing to wear multiple hats – do what needs doing
• Creative – ability to search for and implement new ideas and solutions