Chief Information Security Officer (CISO) Highly ...
The Edens Group, LLC - Washington, DC
Job Description
The Company:
As the Leader in Recruiting Intelligence, The Edens Group, LLC has been retained to identify and recruit a Chief Information Security Officer for a global cybersecurity company providing zero-knowledge security and encryption software covering functions such as password and passkey management, secrets management, privileged access management, secure remote access and encrypted messaging. This company is transforming cybersecurity for people and organizations around the world, as its cybersecurity software is trusted by millions of people and thousands of organizations globally.

Summary Description:
The CISO supports the CEO and the CTO in managing the key facets of IT security and compliance within business requirements and other laws and regulations. He or she works with the various IT & business functions to evaluate the design and effectiveness of the current environment, both operational and technical, identifying risks and areas of concern, and implementing appropriate solutions as needed.
The CISO reports to the CEO.

Principal Duties and Responsibilities:
- Develop and implement a comprehensive information cybersecurity strategy aligned with business objectives, internal controls, governance, and regulatory requirements.
- Provide strategic guidance on security initiatives and risk management to the executive team.
- Establish and maintain a security governance framework, including policies, procedures, and standards.
- Identify and assess security risks and vulnerabilities and develop strategies to mitigate them.
- Conduct regular security assessments, audits, and penetration testing to evaluate the effectiveness of security controls.
- Develop and manage incident response processes and plans.
- Oversee the implementation and management of security technologies and solutions, including firewalls, intrusion detection systems, and encryption protocols across all infrastructure.
- Coordinate with IT teams to ensure secure system architecture, data protection, and compliance with industry standards.
- Ensure compliance with relevant laws, regulations and industry standards (e.g., GDPR, HIPAA, PCI-DSS, SOC, ISO, FedRAMP, StateRAMP, IL-5).
- Oversee our yearly compliance audits, including (but not limited to) ISO 27001, 27017, and 27018, SOC 2, FedRAMP, StateRAMP and IL-5.
- Initiate and lead new security and product authorizations and certifications.
- Maintain up-to-date knowledge of emerging threats, vulnerabilities, and regulatory changes, adapting security strategies as needed.
- Manage relationships with external security vendors, auditors, and regulatory agencies.
- Build, lead, and mentor high-performing security, compliance, SecOps, and DevOps teams, fostering a culture of innovation and industry leadership.
- Manage and monitor governance, risk, and compliance activities - i.e. risk management, compliance, security training, and awareness programs for employees and stakeholders.

Required / Desired Knowledge, Experiences and Skills:
- Minimum of 10+ years of enterprise Information Security leadership experience understanding and applying a balanced information security framework that supports a complex regulated multi-business unit company.
- Minimum of 10+ years of experience performing information security assessments, delivering successfully on assessment remediation plans, and navigating a company through the creation and execution of their information security roadmap.
- Proven track record in the Digital & Information Technology domain and solid experience in IT security services.
- A good & broad understanding of technical aspects of information and IT technology and core security components such as network, firewall, proxy, VPN, anti-malware, email protection and filtering, system security controls, vulnerability assessment, penetration testing, etc. "White-hat"-type experience a strong plus.
- Experience in multinational environments, ideally composed of mid-sized and small companies (i.e., with limited resources and low IT security maturity).
- Experience in SOC.
- A good grasp of PCI-DSS, HIPAA, ISO 27001, NIST, and other security norms, standards & frameworks.
- One or more of the following certifications a plus:
  - CISM or CISSP.
  - Microsoft Certified Systems Engineer: Security.
  - GIAC Security Essentials.

Intangible Characteristics Desired and Required:
Leadership - Exhibits confidence in self and others. Inspires and motivates others to perform to the best of their ability. Effectively influences actions and opinions of others. Accepts feedback from others. Gives appropriate recognition to others. Seeks to effectively drive the decision-making process. Engaging, articulate, self-starter.
Communication - Possesses the ability to convey information to others in a clear, decisive, and understandable way. Responsible for communicating with employees, customers, investors, and other stakeholders.
Strategic thinking - Brings the ability to see the big picture and understand how your work fits into the company's goals and the long-term effects of your decisions and actions.
Professionalism - Approaches others in a tactful manner. Reacts well under pressure. Treats others with respect and consideration regardless of their status or position. Accepts responsibility for their own actions and follows through on commitments.
Standards of Excellence - Outstanding consultative and operational abilities and excellent interpersonal and presentation skills with executive-level customers and partners. Proactive, resourceful, and flexible in a fast-paced work environment, excellent work ethic including high results orientation, attention to detail, strong customer focus.

Education:
Master's Degree in Computer Science or other Engineering discipline highly preferred.

Salary & Benefits:
All candidates must be eligible to work in the US without sponsorship. No relocation assistance will be provided at this time. The compensation for this role is very competitive. The base salary is in the $300-400K range with a double-digit bonus, a commission bonus and an equity component. Additional Executive perks will be discussed as appropriate.

If you thrive in a fast-paced, entrepreneurial environment, and enjoy shaping the landscape within a company, please email your resume to:
The Edens Group, LLC
Attn: Kelly M. Edens
Cell: 703-517-2613
E-mail: kelly@
Created: 2025-03-03