Establish organization-wide security protocols to protect information assets (websites, applications, networks, databases, etc.) from unauthorized users and hackers. Responsible for all activities within the security compliance and risk management lifecycle. These activities include risk analysis, auditing, mitigation, and governance and policy.
Develop, update, and monitor compliance with information security policies designed to ensure the confidentiality, integrity, and availability of Cvent's systems and data.
Manage periodic independent security audits, i.e. ISO, PCI, SSAE16, SOX
Manage internal and client information security audits
Manage contract security terms and negotiation as needed
Oversee Cvent's Security Product as a Service program to ensure products are developed in compliance with security standards and practices
Oversee due diligence, auditing, and monitoring of vendors and suppliers
Oversee Cvent's periodic penetration tests and triage remediation for vulnerabilities identified
Lead efforts in developing and improving processes, procedures, and documentation for all aspects of security
PG in Computer Science / Engineering
12-15 years of relevant experience in Information Security Risk, covering both design of the framework and its implementation.
Certification in Certified Ethical Hacking / OSCP / CISA / CISSP / GIAC, etc.