Our security expertise is constantly evolving and, at Coveo, the best practices in security are not a “Nice-to-have”, they’re a MUST. Establishing these practices and making sure the teams will go above and beyond to ensure they create and maintain a secure environment will require more than just a single video-training per year: they’ll need to want to make a positive impact on security with their work.
How do we make it happen at Coveo? We have Security champions, dedicated teams, initiatives and projects ongoing, and we’re looking for an empathetic professional with a strong strategic approach to lead the compliance team to enable our colleagues to have a security first mindset and the tools needed in everything they do. This is even more important since working from home has become so common, and a colleague isn’t there to bring you back on track with a well-placed prank.
This is why we need you, a security advocate with strong leadership skills that will be joining a team of motivated individuals. You will help us convert compliance requirements and needs into real solutions, plans and practices in all verticals of the company.
There’s no typical day at Coveo, but here’s what could show up in your agenda:
- The day kicks off with a good coffee, a morning meeting with the team to set what people are about to work on today. You also bring up news about a breach that was caught concerning AWS S3 setups, and how it could impact us, and get your day going.
- You pull up a Jira report of the last quarter of requests and discover some interesting trends and topics that are troublesome for new colleagues (usually around 50 people per quarter). You decide on an update to their training to cover the gaps. Your colleagues answering requests noticed a sharp drop in their load since you were hired and totally love it!
- You have a new initiative being set for a few weeks now, and one of the Security Champions has witnessed an edge case they’d like to understand better to help the team they support. You take some time with them to explain how to proceed.
- At lunch time, you have a Lunch & Learn organized by the Governance team about some new law about to be passed in California on Data storage, and the implications on our actual setup. You take some good notes to help prepare a future project.
- In the afternoon, some colleagues from HR and legal wanted your take on modifications they are about to make on a process you’re involved with. You review the KPIs impacted and ensure that the changes are foolproof!
- Here and there, you might still get your hands on some code if you really want to, but you’ll mostly be focused on other peoples’ code and the ways in which to harden it correspondingly. #securityfirst
- You also reach out to your governance and compliance teammates to make sure you present the right risks in your next company wide presentation of Hack-tivate
- Your last tasks of the day: you make a couple of zoom calls regarding non compliance the automated compliance systems discovered and confirm that the relevant Security Champion is on it!
What’s the minimal skills we expect from a candidate for this role?
- You have a minimum of 5 years of work experience related to security or other relevant experience that can help you in facing the challenges above-mentioned, including 1- 2 years in a technical role/company where you’ve interacted with code in the Cloud environment
- You are that interpersonal skilled person that knows exactly how to get the team on-board and adheres quickly to the security jargon
- You have the ability to adapt and desire to learn and overcome your limits
- You are also a good listener because you are well aware that learning starts by listening
- You are comfortable with the best known security certifications, such as SOC and ISO 271001 and you are not afraid to handle the internal and external audits associated with them
- You’re bilingual or very eager to learn French/English in order to be able to advocate for security in both languages
- Strong interest in finding ways to bring people together on issues
- You’re not afraid to roll up your sleeves and to help out your team
- You’re comfortable with organizing large scale initiatives to raise security awareness with the teams
Coveo prides itself on hiring some really qualified and motivated people to take on the challenges a world class SaaS platform represents. We expect our new employees to be surrounded by a stimulating environment to help them reach their full potential, and expect them to share that passion, knowledge (and the fun!) with their colleagues to contribute to that environment.
If you want a workplace with the opportunity of being able to bring your A-game everyday to contribute to your team’s success, you’re most welcome to join the #Coveolife!