EverCommerce - Director, Security Architecture & Engineering

About The Position

Requirements

• At least 10 years of relevant work experience in a technical field (e.g. cybersecurity, software development, or systems administration)
• At least 10 years of people leadership experience, and at least 5 years people leadership experience specifically in security
• Bachelor's Degree in a technical discipline such as Cyber Security, Information Technology, Computer Science, or Information Systems - or equivalent professional experience
• At least one current Industry recognized security certification; CISSP, CISM, CISA, GIAC or commensurate experience
• Excellent communication and interpersonal leadership skills
• Detail Oriented team player with the desire and ability to mentor and onboard new engineers and team members
• Demonstrated experience with the security, development and/or management of systems compliant to NIST 800-53, NIST CSF, or ISO 27001-2022 security control frameworks
• Exceptional knowledge and understanding on the creation/implementation and securing of cloud technologies such as AWS and Azure
• Extensive ability to estimate, plan, lead and execute complex technical projects
• Knowledge of Information Security risk assessment methodologies and standards
• Highly flexible, self-motivated and eager to learn, with a strong passion for cyber security
• Excellent verbal and written English communication skills

Nice To Haves

• Advanced knowledge regarding common attacks, attack methods, and defense architectures
• Experience in securing multi-tenant compute services, microservices and modern APIs
• Working knowledge of common web and container-based vulnerabilities
• Experience with Information Security policies and procedure development and implementation
• Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers

Responsibilities

• Create and maintain security architecture and engineering processes and procedures
• Design system architectures that meet established cybersecurity requirements and align with customer needs
• Develop security architecture requirements and implementation guidance based on analysis of NIST 800-53 and/or other security control frameworks
• Architect, design, implement, maintain, and operate information system security controls and countermeasures
• Provide techniques and patterns for securing integration with external security system vendors and/or cloud providers
• Lead regular architecture and design reviews to ensure requirements implementation
• Evaluate and play an active role in life-cycle management of multiple security technologies
• Identify security risks and control gaps within systems, designs, products, data flows, and processes; recommend corrective architecture, integrations, controls, and operations
• Lead the development of security requirements, architectures, and documentation to ensure security controls are seamlessly integrated into new technology deployments
• Perform secure architecture and design reviews of new technology and security systems deployments
• Maintain a clear view of the overall security architecture roadmap and strategic plan
• Leverage emerging technologies and advanced security practices to ensure EverCommerce is at the forefront of security for our solution groups and our customers
• Build, maintain and mature security architecture metrics and reporting
• Recruit, hire, train, coach and mentor security engineers and analysts
• Additional duties as required and assigned

Benefits

• Continued investment in your professional development
• Day 1 access to a robust health and wellness benefits package, including an annual wellness stipend
• 401k with up to a 4% match and immediate vesting
• Flexible and generous (FTO) time-off
• Employee Stock Purchase Program