CivicPlus

VP, Security

CivicPlus

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

Lead

Tech Stack

CloudCyber Security

About the role

  • Establish measurable KPIs for security maturity (e.g., time-to-remediate, incident severity, audit readiness) and report quarterly progress to executives and the board.
  • Define and execute a comprehensive security strategy aligned with company vision, government compliance requirements, and customer trust.
  • Serve as the authority on cybersecurity, risk management, and compliance matters.
  • Provide regular updates to cross-functional leaders on risk posture and mitigation.
  • Oversee security budget allocation, vendor selection, and ROI optimization for tools and services.
  • Build and manage security policies, risk assessments, and audit readiness across the enterprise.
  • Lead efforts to achieve and maintain GovRAMP and FedRAMP authorizations across multiple product lines.
  • Oversee adherence to regulatory frameworks including CJIS, NIST, SOC 2, and other applicable standards.
  • Partner with legal for risk management, including TPRM and oversee compliance teams.
  • Establish governance processes for security reviews, and penetration testing.
  • Develop and run proactive monitoring, detection, and response capabilities.
  • Ensure secure multi-cloud and hybrid hosting environments across the product portfolio.
  • Recruit, lead, and mentor security professionals across multiple specialties.
  • Drive a “security by design” culture throughout engineering, product, and operations teams.
  • Champion security awareness, secure by design across the entire company.
  • Own Security Awareness Training design.

Requirements

  • 10+ years of experience in cybersecurity, with 5+ years in leadership roles.
  • Proven success leading security in SaaS or enterprise software organizations serving the public sector.
  • Strong knowledge of GovRAMP, FedRAMP, NIST, and government compliance frameworks.
  • Experience with secure cloud architectures, hybrid hosting models, and modern security technologies.
  • Strong track record in incident response, risk management, and executive communication.
  • Ability to engage with government agencies and communicate security posture with clarity and confidence.
Benefits
  • Shape the Future of Public-Sector Technology: Drive security strategy for SaaS solutions that directly impact state and local governments, influencing how communities stay safe and connected.
  • Executive-Level Influence: Report to the Chief Product & Technology Officer and present to the board, setting the vision for security maturity and risk posture across the organization.
  • Lead Mission-Critical Compliance Initiatives: Own high-profile programs like GovRAMP and FedRAMP, ensuring trust and compliance for government agencies and millions of residents.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
cybersecurityrisk managementcomplianceincident responsesecurity strategysecurity policiesrisk assessmentspenetration testingcloud architecturesecurity monitoring
Soft skills
leadershipcommunicationmentoringcross-functional collaborationstrategic thinkingexecutive communicationteam buildinggovernanceproblem-solvingsecurity awareness