IT Security Lead

Rank One Computing (ROC) is an employee-owned cutting-edge developer of computer vision based biometric and video analytic technologies. Our core offering, the ROC SDK, provides algorithms that are industry leading in accuracy and efficiency. More recently, ROC’s product portfolio has grown to include full-stack, end-user systems that leverage the algorithms contained in the ROC SDK. We license our software in support of a wide range of applications including financial services, law enforcement, military, and consumer electronics.

To assist with our growing suite of software systems, we are seeking an IT Security Lead who has a passion and proven experience deploying cloud and on-premise software in compliance with industry best practices and certifications. The role of IT Security Lead will engage with software development, product management, and business teams to ensure that our industry-leading biometric and computer vision algorithms are developed and made available in a secure manner, compliant with industry best practices and certifications.

To be successful in this role, you should have experience with IT security, cloud security, and DevOps. Ultimately, you’ll lead IT security across the organization and help us to achieve certifications relevant to fintech and government, which are necessary prerequisites to large scale deployments.

Responsibilities:

• Draft security architecture documents, flow diagrams and other documentation to describe the components of each of our products and how they operate. Identify and recommend security mechanisms in products relating to how data is protected from unauthorized disclosure, modification or tampering in accordance with high industry-standard security procedures.
• Adopt and administer a best practice IT security policy (an initial draft is already available). Consider SSO/SAML & multifactor for all login, password standards, security training, anti-virus & anti-malware, disaster recovery & business continuity plan, etc.
• Respond to all security questionnaires and adapt policies and security procedures as needed.
• Lead third-party security reviews and evaluations.
• Fully document product security protocols.
• Identify secure coding practices (e.g. OWASP, SEI CERT) and implement them across the team.
• Identify best practices for patching and update processes, security monitoring, attack detection and automatic response to attacks.
• Implement best practices for access controls to codebases, servers & system resources.
• Implement risk management policies and procedures.
• Identify all frameworks needed to be followed by the organization – e.g. CMMC 2.0, NIST SP 800-171, NIST SP 800-63, NIST SP 800-53, ISO/IEC 27001, SOC 2, etc.
• Implement data protection by design across all products and system resources.
• Lead third-party vulnerability and penetration testing and/or self-testing.
• Lead cloud security & DevOps for growing suite of web applications.

Required Skills and Experience:

• 5+ years of proven work experience as an IT Security Lead or similar role
• 7+ years working in an IT security environment
• In-depth knowledge and passion for IT security best practices and compliance with certification standards
• Proven track record of compliance with relevant industry standards (see below)
• Up-to-date proficiency with industry-leading cloud security standards
• Experience with agile collaboration tools (e.g. JIRA or similar)
• Team spirit; strong communication skills to collaborate with various stakeholders
• Good time-management skills
• BS in Computer Science or relevant field

Other Relevant Skills and Experience:

• Experience in a technology company environment, computer vision or biometrics experience preferred.
• Experience working with streaming video input.
• Experience with IT security for consumer and commercial grade applications
• Experience with IT security for government customers

Target Compliance Certifications

• Fintech Certifications – ISO/IEC 27001, SOC 2, PCI DSS, FIDO Alliance, NIST 800-63
• Government Certifications – NIST SP 800-171 / CMMC 2.0, NIST SP 800-53, Facilities security clearance (NISPOM & DD 254), FedRAMP

Preferred Applicant Certifications

• AWS Certified Security – Specialty – https://aws.amazon.com/certification/certified-security-specialty/
• AWS Certified Developer – Associate – https://aws.amazon.com/certification/certified-developer-associate/
• AWS Certified DevOps Engineer – Professional https://aws.amazon.com/certification/certified-devops-engineer-professional/
• AWS Certified Solutions Architect – Professional https://aws.amazon.com/certification/certified-solutions-architect-professional/
• AWS Certified Cloud Practitioner – Foundational https://aws.amazon.com/certification/certified-cloud-practitioner/
• (ISC)² Certified Cloud Security Professional (CCSP) – https://www.isc2.org/Certifications/CCSP
• (ISC)² Certified Information Systems Security Professional (CISSP) – https://www.isc2.org/Certifications/CISSP
• ISACA Certified Information Security Manager (CISM) – https://www.isaca.org/credentialing/cism
• ISACA Certified Information Systems Auditor (CISA) – https://www.isaca.org/credentialing/cisa
• ISACA Certified in Risk and Information Systems Control (CRISC) – https://www.isaca.org/credentialing/crisc
• GIAC Security Expert (GSE) – https://www.giac.org/get-certified/giac-portfolio-certifications/
• Cloud Security Alliance Certificate of Cloud Security Knowledge – https://cloudsecurityalliance.org/education/ccsk/
• CompTIA Security+ – https://www.comptia.org/certifications/security

This is a tremendous opportunity for anyone eager to build and deploy state-of-the-art real-time computer vision systems that will be used across a variety of industries. You will work alongside a team of experts in machine learning and systems engineering to develop products that leverage our technology for operational use.

If you feel you are a good fit for this role, please let us know by sending your resume to [email protected].

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

If you end up joining ROC.ai, you will join a work culture that is built on the premise that a well nourished personal life bears the most fruit in one’s professional life. Every member of our team has a strong work ethic. We reward this effectiveness with an insistence on taking time off for rest, reflection, family, and personal health.

Our office is located in the downtown Denver area, at 1290 N Broadway Street. We have beautiful mountain views from our upper floor corner office. We often provide company funded lunches, and fund social activities.

Compensation for this role includes: competitive salary with opportunities for growth, performance bonuses, generous stock options, health insurance coverage, and contributions to 401k.