Chief Information Security Officer (CISO)
Job description
AuditBoard is a high-growth SaaS company in the financial technology space that is transforming the way organizations manage critical risk, audit and compliance initiatives. We believe in empowering enterprises to manage and control risk so that their businesses are able to thrive.
Designed by former chief audit executives, our enterprise cloud platform is purpose-built to automate and streamline activities in ways that align with how our thousands of users think and act daily. Clients range from pre-IPO organizations to Fortune 5,000 companies, including leading organizations such as WeWork, Activision Publishing, Lions Gate Entertainment Corp., TripAdvisor, Arthur J. Gallagher & Co. and Cox Communications, among many others.
We’re based in Los Angeles, growing rapidly and looking for bright, highly motivated people to join us! Learn more at auditboard.com.
Responsibilities
Provide leadership, direction, and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
Develop and implement company strategy for Information Security, Cybersecurity, and Data Privacy Protection, including risk-based control objectives and technical architecture framework.
Collaborate with Engineering team on Application and Infrastructure Security.
Provide ongoing guidance and expertise in regulatory and industry developments related to Security, Cybersecurity, and Data Privacy Protection to senior leadership.
Lead project team to perform vulnerability management, 3rd party assessment, penetration testing, and other security initiatives.
Be the face of AuditBoard to clients and other 3rd parties for information security matters.
Continuously improve security design and planning of enterprise-wide networks, technology infrastructure, platforms and applications.
Define and communicate global security policies, standards, guidelines and procedures to ensure ongoing compliance with security requirements.
Lead enforcement and continuous improvement of internal security policies and procedures, and standards through internal audit, customer audit, and third party certifications.
Manage/implement information security training and phishing training program.
Requirements
5+ years of experience in Information Security
Management experience in a multi-disciplinary security program
Deep security domain experience in areas such as security operations, application vulnerability testing/remediation, IT compliance, application security, etc
Knowledge of common security frameworks such as NIST or ISO 27001
Strong understanding of regulatory compliance from various governing bodies.
Strong creative ability, analytical skills and independent judgment.
Excellent verbal and written communications and presentation skills
Preferred
Experience developing Information Security program from scratch
Experience with SOC-2 or Similar Compliance
Familiarity with Privacy frameworks and GDPR
Hands-on IT/Security tool implementation experience
Management/team-building experience
Experience working directly with clients
Why You’ll Love Life at AuditBoard
- You’ll be launching a career at a well-funded, hyper-growth SaaS tech company
- Free daily catered lunches
- Stock options
- Unlimited snacks and beverages
- Free gym membership
- Medical, dental, and vision coverage for full-time employees
- 3 weeks of Paid Time Off and 10 holidays per year
- 401k to save for your future
- Fun company and team outings - Work Hard Play Hard!