What are the responsibilities and job description for the Data Security and Privacy Manager position at Patron Technology?
Patron Technology is a remote-friendly company. This position is open to any candidate in North America.
WHO WE ARE:
Patron Technology is redefining what it means to be an event creator by empowering organizers to take control of their entire event experience. With our powerful ticketing, engagement, mobile apps, and cashless products fit for any event, creators can transform the attendee experience and become leaders in their industry. That’s why iconic brands like New York Comic Con, Bonnaroo, Candytopia, and the NHL use our ever-evolving solution to drive nonstop engagement, reach expansive audiences, and gain more revenue.
We are a diverse team of event goers and experts that are passionate about helping our clients transform how attendees experience their events. We thrive in a collaborative, fast-paced environment that rewards innovation and creative thinking. Our employees are located around the world in the United States, Canada, Europe, and Australia.
AS A DATA SECURITY AND PRIVACY MANAGER, YOU WILL:
- Guide the organization’s information security and privacy standards program and be the thought leader for information security within the business.
- Promote a culture of security awareness and data protection across the organization.
- Serve as a subject matter expert on data privacy and security regulations.
- Maintain a list of data regulations that apply to Patron Technology.
- Maintain a thorough understanding of those regulations.
- Obtain relevant certifications and training for data regulations.
- Maintain the organization’s Data Compliance Policies & Procedures with assistance from relevant stakeholders.
- Oversee the information security training curriculum and program.
- Collaborate with and mentor the training manager.
- Collaborate with relevant stakeholders to determine the personnel and departments that must receive training due to their exposure to sensitive data, and tailor training to those personnel's roles.
- Evaluate and maintain the Incident Response Plan; conduct tabletop and risk assessment exercises.
- Lead and manage the compliance story for Patron Technology and its individual products.
- Maintain the repository of the organization's policies, including ensuring those policies are up to date and in line with the current regulatory/compliance requirements.
- Respond to third-party vendor security assessment requests.
- Serve as Data Protection Officer (DPO) for Patron Technology to inform and assist stakeholders with all matters related to data protection.
- Maintain records of data processing activities carried out by the company.
- Act as a contact point for regulatory agencies such as the ICO (UK), Supervisory Authorities (EU), and the California Privacy Protection Agency (CA US), and consult on any other matter.
- Work with the engineering and DevOps teams to ensure that existing and new applications & infrastructure follow security best practices.
- Manage the security vulnerability program and track high profile CVEs and their remediations.
EXPERIENCE & SKILLS:
- College/University education (or equivalent experience) in Information Systems, Computer Science, or a relevant degree.
- Minimum 5 years of experience in an information security role or similar.
- Knowledge of IT processes and controls and a strong understanding of risk and control frameworks such as ISO, NIST, PCI.
- Understanding of the EU & UK GDPR, CCPA/CPRA and all other data protection laws and our data protection policies.
- Applicable security and privacy certifications or willingness to get certified.
- Ability to interact with technical and non-technical staff, various levels of management, and external parties to accomplish goals and objectives.
- Demonstrated ability to anticipate and proactively respond to trends and/or shifts in the external environment (e.g., regulatory, vendor relationships, industry standards).
BONUS POINTS:
- Experience with PCI compliance requirements
- Experience with compliance and application security tools (Nessus, Auditd, Wazuh)
- Detailed understanding of AWS and its security offerings
- Experience working with 3rd Party auditors and penetration testers
- Run security simulations against current products / infrastructure
- Experience working in an Agile environment.
BENEFITS:
We offer:
- Medical, Dental, Vision, and Voluntary benefits
- Generous PTO
- Paid parental leave (following 12 months of continuous employment)
- 401K Match
- $200 event reimbursement
- Udemy Business, a world-class learning and development platform
LEARN MORE:
https://patrontechnology.com/