Head of Security Asana
San Francisco, CA

Job Description

We are looking for an experienced leader to lead our efforts to protect our customers and our company. You will lead the security engineering and operations team and be responsible for all aspects of protecting our data and systems. You will lead development, implementation and maintenance of our product security, as well as security infrastructure and processes to meet Asana's security and data privacy needs. Additionally, you will partner closely with our information technology team that's responsible for user provision and deprovisioning, and vendor management.

You will partner closely with leadership across the company (Product Engineering, Infrastructure, IT, Legal, Sales, Business Technology) and report directly to the Head of Engineering.

What you'll achieve

* Responsible for implementation and operations of information security and act as the decision maker for Asana's overall security
* Serve as the information security expert and advisor for senior management on emerging threats, vulnerabilities and security concerns
* Develop, implement and monitor comprehensive information security program, which operates in the cloud leveraging Amazon Web Services (AWS)
* Implement an effective process for security incident management (tracking, resolution, reporting, postmortem)
* Conduct security risk assessments, penetration testing, monitor security vulnerabilities and hacking threats
* Communicate security threats and predictions to the executive team and key stakeholders, and communicate the strategy to prevent security risks
* Work with engineering and our business technology team on alignment between security and development practices by defining and implementing security controls and monitoring the effectiveness of those controls
* Working with teams across the company to ensure safety with vendor management
* Partner closely with customer-facing teams to represent Asana's security practices to customers and external stake-holders. Inspire trust and confidence in our customers and customer-facing through effective decision-making and communication
* Maintain organizations' awareness of regulatory requirements and emerging threats. Implement a plan to satisfy regulatory and compliance requirements related to security. Work with Legal team to ensure that our systems and practices adhere to data privacy laws across the world
* Champion and educate the organization about security and lead overall SaaS Ops Security
* Track the latest security innovations and technologies in service of keeping Asana security best-of-breed in the Enterprise SaaS space



About you

* 8+ years of proven security experience with 4+ years in leadership roles, preferably in an environment where data / systems are in the cloud
* Experience managing security and partnering with internal/external stakeholders in a high-consequence environments where critical customer/partner data is at stake
* Thorough understanding of the current threat and attack landscape, latest security trends and principles
* Demonstrated ability to effectively communicate complex security technology matters in an easy-to-understand manner to executives, teams and individual contributors across the organization
* Experience designing/implementing controls to meet regulatory frameworks such as ISO 27001, SOC 2, GDPR, etc
* Experience hiring and developing security professionals, as well as leading and motivating cross-functional teams while thriving in a fast-paced company.
* Experience creating and executing against a security vision by forging partnerships and leading by example

About us

Asana is a leading work management platform for teams, on a mission to help humanity thrive by enabling all teams to work together effortlessly. More than 60,000 organizations and millions of users across 195 countries rely on Asana to focus on the work that matters, including Airbnb, Disney, KLM Air France, NASA, Uber and Vox Media. Our highly recognized culture spurs innovation and business results, and for the last two years, Asana has been named a Top 5 Best Place to Work by FORTUNE and one of Glassdoor's Best Places to Work. Headquartered in San Francisco with offices in New York, Dublin, Sydney, and Vancouver, Asana is always looking for bright, collaborative individuals to be a part of our inclusive culture and help us achieve our mission.

Our goal is to ensure that Asana upholds an inclusive environment where all people feel that they are equally respected and valued, whether they are applying for an open position or working at the company. We welcome applicants of all educational backgrounds, gender identities and expressions, sexual orientations, religions, ethnicities, ages, citizenships, socioeconomic statuses, disabilities, and veteran statuses, and we'd love to learn about what you can add to our team.