IT Systems & Cyber Security Manager

We appreciate your interest in employment with The Honest Company! The Honest Company is committed to a policy of equal employment opportunity, and will not discriminate against an applicant or employee on the basis of race, color, religion, creed, national origin, ancestry, sex, gender, age, physical or mental disability, veteran or military status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other legally-recognized protected basis under federal, state, or local law. Applicants with disabilities who need assistance with the application process may be entitled to a reasonable accommodation in accordance with applicable law. If you need assistance in completing this application or with the application process because of a disability, please contact the Human Resources Department at 1.888.862.8818 or 1.310.857.3020.

The Honest Company (NASDAQ: HNST) is a digitally-native consumer products company born in the Gen Z era to make purpose-driven consumer products designed for all people. Since its launch in 2012, Honest has been dedicated to creating thoughtfully formulated, safe and effective personal care, beauty, baby and household products, which are available via honest.com, third-party ecommerce partners and approximately 50,000 retail locations across the United States, Canada and Europe. Based in Los Angeles, CA, the Company's mission, to inspire everyone to love living consciously, is driven by its values of transparency, trust, sustainability and a deep sense of purpose around what matters most to its consumers: their health, their families and their homes. For more information about the Honest Standard and the company, please visit www.honest.com.

We're on a mission to empower people to live happy, healthy lives. We're a wellness brand with values rooted in consciousness, community, transparency, and design. Every day and in every way, we hold ourselves to an Honest standard. We believe that it is our responsibility to do our part to help create a healthy and sustainable future for all. 

The Honest Company is looking for an experienced IT Systems & Cyber Security Manager to join our dynamic Technology team. This is a multi-faceted hands-on role, responsible for managing a variety of primarily cloud-based IT systems, as well as the overall IT security of the organization. This encompasses oversight, maintenance, securitization and optimization of our IT infrastructure directly and working with our vendor partners, as well as security oversight including end-user awareness training, utilizing user behavioral and threat-based analytics to identify and remediate issues, supporting compliance initiatives - SOX, PCI and regulatory, managing IT and IT-Security systems and vendors to support the business. Note: This is an individual contributor role and as of now will not have any direct reports. 

What You’ll Do:

• Administer, support and enhance THC’s hybrid IT infrastructure consisting of both on-prem and cloud-based components, migrate legacy on-prem deployments to cloud-based (aws) infrastructure

• Continuously evaluate and identify potential bottlenecks or issues with the IT Infrastructure, propose and implement solutions to optimize the performance, stability and security of the environment

• Perform network troubleshooting to isolate and diagnose common network problems across systems and servers

• Work closely with IT leadership to define security strategy and practices for the organization and present recommendations to both technical and non-technical audiences

• Perform gap and risk assessments of our current organization, develop and drive execution of remediation plans

• Support ongoing SOX, PCI compliance initiatives, perform user access reviews, coordinate pen testing activities with external vendors

• Set up and lead cybersecurity awareness training for end users and engineers - best practices, phishing and social engineering attacks & OWASP. Understand and explain the underlying techniques that hackers use to exploit and penetrate systems

• Maintain security vendor relationships, and manage security tooling; work with security tools (CrowdStrike, NetSkope, ProofPoint, Splunk) to regularly review logs, respond to alerts and implement thread response actions

• Map security findings to business impact and communicate security messaging effectively across all business units and to the leadership team

You’ll love this job if you are:

• A strong communicator and collaborator. From elevator chats to boardroom meetings, you always know the best way to communicate with others to forge effective connections.

• Dedicated and fast-moving. You’re known to operate with passion, urgency, focus, and discipline

• A talented juggler. You successfully manage competing priorities, and you make it look easy

• Results oriented and a self-starter. You are self-motivated and directed, with the ability to effectively prioritize and execute initiatives independently.

• The definition of integrity. You represent and inspire the highest ethical standards.

• Adaptable and ambitious. You will enthusiastically take on other assignments as needed to support your team!

What You’ll Need:

• Bachelor’s degree

• 8+ years of combined experience between a hands-on cyber security and an IT systems administration/management/engineering role

• Advanced administration experience with Microsoft (Windows Server, Active Directory), Mac, and Linux based (primarily Ubuntu) technologies.

• Advanced knowledge of systems & information security fundamentals (Patch Management, VPN, Firewalls, IDS/IPS, Firewalls, Vulnerability Management, etc.)

• Proven experience in AWS administration, as well as in virtualization (Vmware, Hyper-V), and security best practices surrounding them

• Experience working with security tools/environments: CrowdStrike, NetSkope, ProofPoint, Tenable, Splunk or equivalent DLP/CASB/SIEM systems. 

• Experience managing PCI and SOX compliance processes

• Experience security-hardening systems. Must be able to understand different attack vectors and methods and think out of the box vs. relying on scanning tools and compliance checklists to find exploits.

• Experience analyzing an exploited system and remediating accordingly.

• Good business sense to logically think through problems and deliver a balanced approach to security

Compensation

The pay range for this role is $95,000 to $130,000. Actual compensation is based on many factors including but not limited to depth of experience, skill level, ability, knowledge, education, certifications, and specific work location. This may be different in other locations due to differences in the cost of labor. 

The total rewards package for this position may also include base, annual incentive plan, benefits, retirement plan, equity, and Employee Stock Purchase Plan.

We offer a competitive benefits package including comprehensive health and wellness coverage, 401k with company match, wellness incentives including a monthly fitness reimbursement and onsite fitness classes, options for education reimbursement, and a discount on all products. We value work-life balance and offer a generous and flexible vacation policy. Thinking about adding little ones to your family? Honest offers generous maternity and paternity leave. We love the furry kids too and offer pet insurance so your companions are well taken care of.

California Privacy Rights Notice for Californian Job Applicants and Prospective Talent

Effective Date: January 1, 2020

Under the California Consumer Privacy Act of 2018 (“CCPA”), The Honest Company, Inc. (“Honest” or “us” or “we”) is required to inform California residents who are our job applicants or prospective talent (together “job applicants” or “you”) about the categories of personal information we may collect about you and the purposes for which we use this information.  Click here if you are a California resident to read disclosures required by the CCPA. Note this notice applies only to personal information that is subject to the CCPA. 

Categories of Personal Information We Collect. We may collect the following categories of personal information about our job applicants, who are California residents:

• Name
• Signature
• Social Security Number
• Email and mailing address
• Telephone number
• Education
• Employment history

How We Use Job Applicants' Personal Data.  We use and disclose the personal information we collect for our business purposes.  These business purposes include, without limitation:

• Processing evaluating your application to determine your qualifications for the role to which you’ve applied, and communicating with you about your application, including to check references or your background, and communicate with you about other jobs that may interest you.
• Other business purposes as identified in the CCPA, which include:
• Auditing related to our interactions with you; 
• Legal compliance
• Detecting and protecting against security incidents, fraud, and illegal activity;
• Debugging;
• Performing services for us, such as analytics;
• Internal research for technological improvement; and
• Internal operations.

Other Interactions with The Honest Company.  More information about our privacy practices can be found in our Privacy Policy, which is incorporated herein by reference.

Contact Us.  For questions or concerns about our Privacy Policy, please contact us at [email protected].