What we are looking for:
We’re looking for you to lead our information security organization as a Vice President, Chief Information Security Officer (CISO). Reporting to our Head of Engineering, you’ll manage a team of security professionals responsible for ensuring the security and privacy of our SaaS and core back-office systems.
In this role, you will:
- Buildout and lead a team of security and privacy professionals in securing the Quickbase SaaS and back-office platforms
- Further establish appropriate standards and associated risk controls in partnership with our Governance Risk Compliance (GRC)
- Buildout and develop our App Sec and DevSecOps expertise and communities of practice
- Working with product & infrastructure teams to develop a roadmap for security & privacy features while creating and maintaining a baseline for security & privacy architecture
- Maintain 3rdparty risk controls and conduct annual reviews as necessary alongside our GRC team
- Partner with the Engineering and Product teams to embed security & privacy into the Product Development Lifecycle
- Research and deploying state-of-the-art technology solutions and innovative security management techniques to safeguard the organizations personnel and assets
- Work directly with senior leadership and GRC to facilitate risk assessment and risk management processes
- Participate in pre-sales and other client facing activities including RFP responses, Security & Privacy reviews during the sales process and meeting with the prospect CISO/IT/Legal teams to provide security assurance and education
Ideally, you’ll have:
- 10+ years of information security experience across a variety of disciplines including DevSecOps
- 5+ years of leadership in at least two disciplines of information security
- Success with hiring, developing and leading high-performing security teams
- Demonstrated success partnering with sales organizations in supporting customer security requests
- Demonstrated success deploying a security operations center ( on-premise, hybrid or MSSP )
- Experience in agile (scaled) software development and product security best practices
- Experience with cloud computing/elastic computing across virtualized environments (AWS preferred)
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST
- Knowledge of common technologies used in securing back-office environments ( IAM, PKI, Network Controls ) [ Microsoft 365 tooling preferred]
#J-18808-Ljbffr
