Chief Information Security Officer

US-Remote / Executive – Executive / Full-Time

Reporting to the Chief Information Officer, the Chief Information Security Officer (CISO) is a business/technology executive who will be responsible for providing leadership in the development of strategic objectives and imperatives of a comprehensive Information Security, Data Privacy and Risk Management program.  This leader will bring strategic thought leadership at the Actian executive level regarding security, technology and products and create strong partnerships across business units and functional groups to deliver competitive advantage and provide organizational leadership as they drive Actian and organizational initiatives across the company.  The CISO will be customer-facing, answering customer security inquiries and questionnaires, and will present at trade shows, conferences, seminars, webinars and customer briefings.
 
The Corporate Information Security group is focused on partnering with the business units to design secure products, actively collaborating with other functional groups to drive Actian’s enterprise security goals, and assessing and managing corporate risk.  The CISO is critical to enabling Actian to deliver its strategy while protecting the security and integrity of customer data and Actian’s overall brand and reputation in the global marketplace.  The CISO will partner very closely with the executive leadership of the organization, Sales, Marketing, Engineering, Support, Legal and Finance to develop and monitor the security of the enterprise.
 
The CISO will be comfortable working in a fast-paced, collaborative, highly matrixed environment, developing a strategy for Actian and the organization and a roadmap to achieve strategic goals.  The person in this role must have a proven track record in information security, including a strong executive presence and outstanding communication skills.

Responsibilities:

    • Security Strategy – Develop and execute an enterprise-wide security strategy and roadmap that mitigates risk through the right balance of security measures and operational flexibility.
    • Standards and Guidelines – Establish policies, procedures, standards and guidelines that enable Actian’s security strategy.
    • Threat Assessment and Scenario Planning – Identify security vulnerabilities and risks associated with Actian’s operations, including partnering with business units to build threat assessment into the product design and development processes.
    • Security Technology and Tools – Oversee the evaluation, selection and implementation of information security technology and tools both for our products and for internal use.
    • Integrity of Critical Business Operations – Participate in the development and monitoring of business continuity and disaster recovery planning.
    • Risk Management – Develop and manage the Actian Risk Management Plan and Program.
    • Education and Training – Provide security awareness training, information and education to employees, partners and customers.
    • Cloud Security Strategy – Develop a strategy for optimal security processes, tools and consulting services for hosting secure applications in the cloud.
    • Security Metrics and Reporting – Develop and maintain a program that informs business unit and functional group leadership of the top security risks and overall security health of their organizations.
    • Sales and Customer Interaction – Partner with the Marketing and Sales organizations for security presentation development, white paper development, pre-sales support, meetings with Actian customers, customer contracts review, RFP response, and customer audit facilitation.
    • Certifications and Security Frameworks – Working with Product, Engineering, Sales and Marketing, develop and manage compliance with appropriate security management frameworks for Actian’s current and prospective customer base, including but not limited to ISO 27001, FedRAMP, NIST and Center for Information Security Controls.

Qualifications:

    • Prior experience as a customer-facing Chief Information Security Officer is highly desirable.
    • Outstanding communications and presentation skills are required.
    • Five+ years of experience influencing teams in a matrix management environment in Information Security.
    • Ability to be an effective leader in a matrixed, fast-paced environment.
    • Flexibility and the ability to improvise when needed.
    • Effective in building company-wide relationships with senior technical, functional and business leaders to set long-term strategies.
    • Experienced in and able to formulate the cost benefit of security initiatives in the context of overall business risk mitigation and the company’s operational objectives. Ability to compare, contrast and prioritize among alternative approaches to meet those objectives.
    • Detailed knowledge and understanding of security and privacy regulations and standards is required.
    • CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager) or other security certification/accreditation is desirable.

Education:

    • Bachelor’s degree in Computer Science, Information Technology or Business required, with a Master’s degree highly desirable.

We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.