The LeadIQ Security team is comprised of LeadIQ’s following staff:
Camilo Rivera - Lead DevSecOps Engineer, Thilo Planz - Engineer Team Lead, Paul Daniels -Engineer Team Lead, Linh Nguyen - Engineer Team Lead, Andrea Stella - Engineer Team Lead
The team is responsible for carrying out all security policies and procedures. The team has a directline to the CEO and can communicate with the CEO whenever they need to.
Camilo Rivera is the Security Officer. With that title, Camilo Rivera is responsible for creating and enforcing security policies and procedures; leading the monitoring, vulnerability management, and incident detection and response initiatives; and tracking and reducing risk organization-wide.
All LeadIQ employees undergo background checks prior to gaining substantial access to customer data systems. LeadIQ may rescind an employee’s offer letter if their background check is found to be falsified, erroneous, or misleading.
LeadIQ employees and contractors are provided training on the company’s security policies and procedures during their first 30 days of employment and annually thereafter. All LeadIQ personnel are then required to acknowledge, electronically, that they have the attended training and understand the security policy.
LeadIQ employees and contractors in developer roles are provided with SDLC / Secure Coding training during their first 30 days of employment and annually thereafter. Software developers are trained in secure coding techniques, including how to avoid common coding vulnerabilities.All such personnel are then required to acknowledge, electronically, that they have attended and understand SDLC training and OWASP Top Ten common coding vulnerabilities.
LeadIQ’s Acceptable Use Policy covers employee responsibilities and behavior for using LeadiQ systems, including devices, email, internal tools, and social media. LeadIQ employees must acknowledge in writing that they’ve read and will abide by the Acceptable Use Policy.
All of LeadIQ’s security policies, including the Acceptable Use Policy, are presented to new employees during onboarding, and all employees are required to sign off that they have read all such policies.
LeadIQ employees who work remotely must follow these rules:
Employees who violate any Information Security policies may face disciplinary consequences in proportion to their violation. LeadIQ management will determine how serious an employee’s offense is and take the appropriate action:
The Security team is responsible for ensuring all Information Security policies are followed.Last updated: 3/30/2020