CARET brings the latest in technology and automation to over 10,000 legal and accounting firms, empowering highly skilled professionals to refocus their expertise on what truly matters. CARET harnesses powerful and secure practice management, document automation, and payment processing to take firms, professionals, and their clients further.

　　Our team-defined values guide how we show up for each other, for our partners, and for our customers:

　　We succeed together

　　We embrace progress

　　We care big

　　We create space

　　To join our remote-first, engage from anywhere team, visit getcaret.com/careers

　　Requirements

　　The Security Manager is a fully remote position over the Information Security Team at C^RET Legal, reporting to the SVP Cloud Engineering and Technology. This position owns the success of the Cyber Security & Compliance Programs that keep C^RET’s business enterprises secure while protecting the C^RET brand with our loyal customer base. The person manages and participates with the team for all aspects related to the day-to-day operations of the Security and Compliance Dept. With the SVP they will own, create, and deliver department goals that encompass the “defense in depth” and “zero trust” services that support our customers. The manager will work directly with department leaders to continually improve C^RET’s Security posture while striking a balance between business needs, risk, and security requirements. 

　　Job Description:

　　The Security Manager must be able to effectively lead the Security team with strong and demonstrated aptitude for Cyber Security, Physical Security, and IT, supported by extensive and diverse experience in leading high-profile technical programs and projects. Responsibilities to manage a team of Security Professionals with in depth domain knowledge of IT Security, IT Engineering, IT Operations and Application Development. Their responsibilities include, but are not limited to:

　　Responsibilities

　　Lead day-to-day operations of the Security & Compliance department.

　　Review and update our current information security and privacy policies.

　　Create and oversee the implementation of new security and compliance policies and procedures. 

　　Continually improve and guide the automation of security processes such as network scans, vulnerability scans, and security-log reviews. 

　　Conduct assessments and audits to measure the efficiency of our compliance and security systems.

　　Advise executives on the best strategies for optimizing the security of data systems, information assets, and general business processes.

　　Keep up to date with external security and compliance regulations and data privacy and security best practices to lead the improvement of internal security and compliance policies and procedures as required.

　　Conduct regular training sessions and workshops to educate employees about the latest information security and compliance policy updates.

　　Requirement Skills / Abilities:

　　Minimum 2+ years in a Manager Role over Security or Compliance team with experience in growing individuals.

　　Minimum 5+ years of continuous experience in Information Technology (IT) security including IT security engineering, operations and/or compliance.

　　Deep technical knowledge of Cyber Security and IT infrastructure is a must: 1) Cyber Security frameworks (ISO, NIST, CIS, etc.)

　　Security Architecture principles (Defense-in-Depth, Least Privilege, etc.)

　　Environnements (Cloud (AWS, Azure), Networks, Endpoints, Mobile, etc.)

　　Security Program Phases (Risk Assessment, Architecture and Design, Implementation, Operations and Monitoring)

　　Strong organization and leadership skills with the ability to facilitate technical sessions and perform mentoring for team members.

　　Capable of communicating complex technical information to a non-technical audience and of communicating structured process requirements to a technical audience.

　　Certification in CISSP, CISA, and CISM.

　　Knowledge of NIST, CIS Top 18 and other applicable Security Industry Standards and Best Practices.

　　Scripting and Automation.

　　Bachelors or equivalent experience.

　　Benefits

　　Flexible PTO 

　　Summer Fridays 

　　No meeting Fridays 

　　Medical, Dental, Paid Sick Days, Vision, and Supplemental Coverage 

　　Flexible Spending Account 

　　Health Savings Account 

　　401(k) match 

　　If you are not sure that every qualification on the list above describes you exactly, we'd still love to hear from you! We value people with unique backgrounds, experiences, and skillsets. If you’re passionate about having a significant impact and shaping the foundations of a rapidly growing product, please apply! 

　　Equal Employment Opportunity: CARET is an Equal Opportunity, Affirmative Action Employer. 

　　Pay range: $130,000 - $170,000 Actual base pay will depend on varying circumstances, including the position, location, individual qualifications, market finances, and other operations business needs. 

　　Depending on the position, compensation may also include commission, bonuses, etc. Potential for bonuses is based on company performance and potential for merit increases is based on performance. 

　　#LI-Remote

　　#LI-AM2

　　#ProductsTech