Sr Manager, Information Security And Compliance

About UsHere at Tarro we build products that empower small brick and mortar restaurants by liberating them of the operational burden of running their business.

We accomplish this by providing a frictionless connection between them and their customers through our platform.

In-turn empowering them to focus on creating a better experience for their customers while helping their business thrive.We obsess over placing our customers first and working backwards from there.

When our customers succeed, we succeed!To learn more about our culture, values and how you can be a part of helping mom & pop restaurants thrive, please visit us here!What We're Looking ForWe are seeking a highly skilled and experienced Sr Manager of Information Security and Compliance to lead our organization's information security strategy and operations.

The ideal candidate will have a robust background in both cloud and on-premise infrastructure, a deep understanding of data privacy regulations, and extensive experience with PCI DSS compliance and other security frameworks.

As a player-coach, the Sr Manager of Information Security will be both a hands-on contributor and a strategic leader, capable of designing, implementing, and managing comprehensive security measures while leading and developing a team of security professionals.What You Will AccomplishYou will develop and execute a comprehensive information security strategy aligned with business objectives, regulatory requirements, and risk profilesYou will ensure compliance with relevant data privacy regulations, including PCI DSS, Philippines / Malaysia's DPAs, CCPA, and others as neededYou will maintain and ensure compliance with the company's information security management systemYou will lead the design, implementation, and maintenance of secure cloud-based and on-premise infrastructure spanning our product and corporate environmentsYou will work closely with internal stakeholders across various departments to ensure alignment on security practices and initiatives.You will grow and manage a team of information security professionalsYou will participate in production support and data breach incidents and drillsYou will stay current with emerging security threats, vulnerabilities, and technologies, and proactively adjust security measures as necessary.One Year DeliverablesReadiness for PCI DSS Level I auditCompliance with CCPA and the Data Privacy Acts of the Philippines and MalaysiaRole-based access controlSolution for workstation management and BYOD at scaleAbout YouYou have between 8 and 10 years of IT experience with five or more years leading a teamYou have experience implementing and managing the following services : Information security management frameworks (PCI DSS, ISO 27001, SOC 2, etc.

Data privacy frameworks (GDPR, CCPA, etc.

Identity management systems and role-based access controlWorkstation and BYOD management applicationsSecurity best practices for hybrid (cloud+on-premise) product and corporate infrastructureYou enjoy being a hands-on contributor, an influencer, and a leader, in equal measureYou have strong prioritization and project management skillsYou are resourceful and are comfortable working independently in ambiguous situationsYou are willing to work in-office 5 days a week, starting at 3am PHT Tuesday-Saturday to align with US hoursBonus PointsYou have completed green-field security framework implementations at startups or other small-to-midsize companiesYou have experience with scripting and APIsYou have a practical, business-oriented approach to security practicesYou are open and willing to take on additional responsibilities that may be outside of this role.

We are a growing company!If you do not meet all the requirements listed above which candidates rarely do, don't worry.

We still encourage you to apply!Tarro is committed to hiring the best team to empower small businesses to thrive.

We believe that a diverse workforce is paramount to our success.

We welcome talent from all backgrounds - including but not limited to - race, sexual orientation, gender identity, age, nationality, religion, veteran status, political affiliation, and disability.

J-18808-Ljbffr