Senior Manager - Information Security
5d ago

Zenoti provides an all-in-one, cloud-based software solution for the beauty and wellness industry. Our solution allows users to seamlessly manage every aspect of the business in a comprehensive mobile solution : online appointment bookings, POS, CRM, employee management, inventory management, built-in marketing programs and more.

Zenoti helps clients streamline their systems and reduce costs, while simultaneously improving customer retention and spending.

Our platform is engineered for reliability and scale and harnesses the power of enterprise-level technology for businesses of all sizes.

Zenoti powers more than 22,000 salons, spas, medspas and fitness studios in over 50 countries. This includes a vast portfolio of global brands, such as European Wax Center, Hand & Stone, Massage Heights, Rush Hair & Beauty, Sono Bello, Profile by Sanford, Hair Cuttery, CorePower Yoga and TONI&GUY.

Our recent accomplishments include surpassing a $1 billion unicorn valuation, being named Next Tech Titan by GeekWire, raising an $80 million investment from TPG, ranking as the 316th fastest-growing company in North America on Deloitte’s 2020 Technology Fast 500™ and unveiling a We are also proud to be recognized as a Great Place to Work-CertifiedTMfor 2021-2022 as this reaffirms our commitment to empowering people to feel good and find their greatness.

To learn more about Zenoti visit :

What will I be doing?

  • Own and manage the information security program for the organization
  • Perform security incident management and reporting including RCA. This includes working with all stakeholders both internal and external
  • Work with internal and external stakeholders in performing vulnerability assessments and penetration tests for the infrastructure (IT and Cloud);
  • and application security testing (DAST & SAST) for the product and track the findings to closure

  • Work closely in integrating security tools, standards, and processes into the product lifecycle
  • Perform BCP & DR Testing
  • Ensure compliance with contractual certification requirements like SOC1, SOC2, ISO27001, HIPAA, and PCI DSS from an Information Security perspective
  • Manage and monitor security operations and related tools & technologies
  • Respond to security questionnaires in time.
  • What skills do I need?

  • Around 10+ years of relevant experience
  • Experience in application security testing (OWASP top 10), vulnerability assessments and penetration testing
  • Working knowledge in using DAST, SAST, VAPT tools
  • Good understanding of Product Security (SaaS)
  • Knowledge in Cloud Security
  • Bug bounty program experience
  • Understand application architecture controls & design based on security standards and regulations such as NIST, PCI-DSS, ISO etc.
  • Work as an Individual Contributor
  • Very good understanding of Logging, Monitoring, Security Operations
  • Working knowledge in SIEM tools
  • Ability to perform Risk Assessments and Business Impact Analysis
  • Experience in Security Incident Management
  • Be Proactive, organized, analytical, detail-oriented and persistent
  • Certifications preferred : CEH, CISSP, OSCP
  • Benefits

  • Best in industry salary and equity in the company
  • Comprehensive medical coverage for yourself and your immediate family
  • An environment where wellbeing is high on priority access to regular yoga, meditation, breathwork, nutrition counseling, stress management, inclusion of family for most benefit awareness building sessions
  • Unlimited vacation
  • Opportunities to be a part of a community and give back : Social activities are part of our culture; You can look forward to regular engagement, social work, community give-back initiatives.
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form