We’re looking for someone who knows about security, security policies, and security procedures, with a pragmatic, sensible and realistic approach to these things.
The ideal person for this job would love to spend their days doing these things:
Determining the things that we should be doing (or what we should change) to make sure that our software and hardware is secure, backed up, and running.
Implementing new process or changes to keep us in line with best practices for security.
Documenting our security policies and procedures for internal use and for our clients to know what measures we take (including answering RFIs from prospective clients).
Executing the documented steps and procedures to make sure we actually perform the awesome security precautions and policies that you’ve put in place. This also includes administering systems tests, configuring servers and being responsible for up time.
Adapting to the ever-changing needs of a startup culture. You’ll likely be spending most of your time doing security things, but you’ll likely be asked to do other things as they’re needed.
Certain things that you should be familiar with, if you’re the right person for this role:
System backups/disaster recovery
Intrusion detection systems
Amazon Web Services