This job might no longer be available.

Director of Information Security Assurance

AppLovin was named one of the Hottest Adtech Companies of 2021 by Business Insider, as well as a Certified Great Place to Work in 2021 and 2022. The San Francisco Business Times and Silicon Valley Business Journal awarded AppLovin one of the Bay Area’s Best Places to Work in 2019, 2020, and 2021. Our team members are regularly recognized for their work and leadership, including recent award wins in Business Insider’s Rising Stars of Adtech 2022, Glassdoor’s Top CEOs 2019, and the 2021 Women in Content Marketing Awards.

The director of Information Security Assurance provides leadership and direction for the company’s information security requirements. The director is responsible for establishing and maintaining the company’s overall global IT security assurance program. The director ensures the company’s technical systems and information assets are protected. Furthermore, the director is responsible for identifying, evaluating, and reporting on information security risks that are important for the business to be aware of and act on accordingly. To be successful, the director of Information Security Assurance must be able to influence and lead the security strategy of the business within new and existing information system capabilities. The position requires a diverse background to understand a variety of systems, including new technologies and legacy systems considered business-critical. The Security Assurance program is led by the director, who reports to the Head of Information Security and Compliance within the company.

Responsibilities

• Build and lead a program dedicated to an ongoing security maturation program, where areas of strength are amplified and areas needing improvement are documented.
• Develops IT security programs and recommends necessary changes to the information security team to ensure the company’s systems are fully compliant with all applicable regulatory requirements and privacy laws.
• Document, communicate, and enforce areas of security improvement that balance risk with business operations, as well as ensure controls are not weakening efficiencies or business innovation.
• Provides periodic training to company employees on information security topics.
• Participates in the company’s change management program.
• Stays abreast of the security industry threat landscape, specifically within the company’s industry.
• Utilizes open communication and managerial courage to ensure the standards, expectations and goals of the organization are respected and upheld.
• Acts as a change agent and drives the department and business forward using effective management, analysis, and strategic skills.
• Partner with business units when onboarding solutions to ensure adequate controls are available and enabled in production.
• Oversee findings brought forward through team analysis, requiring thorough documentation and recommendations to report to security leadership where gaps exist.
• Maintain a high degree of knowledge with current and proposed security changes impacting regulatory, privacy and security industry best practice guidance.
• Influence and validate metrics used to assess the security program's success and report them regularly to security and business leadership.
• Focus on principles aligning with enterprise risk management fundamentals within security and technology teams to maintain up-to-date configuration documentation for systems and processes.

Requirements

• Demonstrated leadership experience and thorough understanding of various regulatory requirements and laws such as, but not limited to ISO, CCPA, SOX, SOC2, GDPR and GLBA.
• 10+ years of cybersecurity or information technology practitioner and management experience.

Bonus Points

• CISSP, CISM, CISA, CRISC are preferable, but not required.

AppLovin is an equal opportunity employer and considers qualified applicants without regard to race, gender, sexual orientation, gender identity or expression, genetic information, national origin, age, disability, medical condition, religion, marital status or veteran status, or any other basis protected by law.