(Remote Work) Associate Director, Security Operations – Phreesia

Job Overview

• Job Title Associate Director, Security Operations
• Hiring Organization Phreesia
• Company Website https://www.phreesia.com/
• Remote Locations US
• Job Type  Remote, Full-Time

Phreesia is looking for an Associate Director for Security Operations to join our growing team!

Reporting to the Sr. Director of Security Engineering, the Associate Director, Security Operations is responsible for the first line of defense against attacks threatening Phreesia’s people, critical business processes, and information assets. This position will manage two, critical, high-performing teams: Incident Response and Threat Hunting. A successful candidate for this position will have expert judgement, prior experience performing incident response, managing 24×7 teams on-call, and deep technical expertise to guide teams toward meaningful and pragmatic protections. Working as a key member of Phreesia’s Information Security leadership team, the Associate Director, Security Operations wears multiple hats: People Leader, Security Product Manager, Incident Commander, Security Practitioner, and Engineer.

Job Responsibilities

• Manage, train, and grow a team of awesome engineers focused on incident detection, threat hunting, and security control infrastructure
• Collaborate with Sr. Director, Security Engineering to create strategies, roadmaps, and plans to identify, monitor, and mitigate top security threats to Phreesia’s environment
• Build internal partnerships with key stakeholders, particularly those in Infrastructure, Legal, and Support
• Expertly manage security vendor relationships and collaborate with the Sr. Director, Security Engineering on financial forecasting
• Oversee the identification, automated collection, and analysis of threat information from security monitoring tools, distribution lists, and intelligence feeds
• Act as incident commander to skillfully coordinate a team of first responders that investigate information security events and incidents
• Develop strategies that appropriately operationalize log sources, alerts, searches, and dashboards to identify security incidents
• Create and manage a schedule for 24×7 incident response coverage and respond to emergencies as escalated by the team
• Create and update Security Product roadmaps to elevate Phreesia’s defenses
• Conduct and coordinate Incident Response table-top exercises and tests, incorporating lessons learned from incidents
• Collect and publish monthly qualitative and quantitative key risk indicators (KRIs) and key performance indicators (KPIs) to lead a successful service zone.
• Provide guidance and oversight to the development and maintenance of response procedures and processes for security incidents that occur (ex. malware remediation)

Job Requirements

• Bachelor’s Degree in engineering, computer science, or other technical field required
• Master’s degree in engineering, computer science, or other technical field preferred
• CISSP, CSIM, SANS, ISC2, or similar relevant certifications preferred
• 8+ years progressive experience leading incident detection and response and security operations functions
• 3+ years of leadership experience is required
• Proven expert in prioritization, triage, delegation, and communication skills
• Experience building and maintaining security operations teams and programs
• Hands on experience with conducting incident response, delivering threat briefings, and leading retrospectives
• Familiarity with Cloud-native incident detection and response capabilities (AWS, Azure)
• Strong working knowledge of Windows, hybrid on-prem incident detection and response capabilities
• Experience with server, network, and security tool configuration and management
• Advanced knowledge of Information Security principles, frameworks, and technologies
• Demonstrated ability to lead and inspire diverse others

Technology:

• Familiarity with scripting languages (Python, PowerShell, JavaScript)
• Experience with tools and technologies endemic to Security Operations, such as but not limited to: EDR, SIEM, IDS, CSPM, DLP, UEBA, etc.
• In-depth experience with SumoLogic a plus

This position manages an on-call team and will be required to occasionally respond outside of working hours as needed
Some travel required (~10 days a year)

Employee Benefits

Base pay for US is $180,000 – $220,000 USD, depending on qualifications.

• 100% Remote work + home office expense reimbursements
• Competitive compensation
• Flexible PTO + 8 company holidays
• Monthly reimbursement for cell phone + internet + wellness
• 100% Paid 12-week parental leave to our U.S. employees, as well as a generous parental benefit to our employees in Canada
• Variety of insurance coverage for people (and pets!)
• Continuing education and professional certification reimbursement
• Opportunity to join an Employee Resource Group. Learn more here: https://www.phreesia.com/dei/

How To Apply

Click “Apply” below to fill in the application form!