Build and execute a comprehensive security, compliance, and enterprise IT strategy aligned with company objectives.
Advise executive leadership on risk posture, emerging threats, and regulatory requirements.
Oversee IT governance, asset management, endpoint strategy, identity management, and security-by-design standards.
Lead corporate IT operations including helpdesk, SaaS management, access controls, device lifecycle, and employee support.
Modernize the IT environment with automation, standardization, and cloud-first systems.
Establish policies for acceptable use, asset management, remote workforce security, and incident reporting.
Oversee onboarding/offboarding processes, MDM, SSO, and IAM across the entire organization.
Own our global cybersecurity program covering cloud security, application security, network security, vulnerability management, and SOC operations.
Architect and enforce zero-trust principles across users, services, and systems.
Lead threat detection, incident response, forensics, and ongoing readiness exercises.
Implement and manage security tools (SIEM, EDR, CSPM, WAF, IAM, DLP, etc.).
Maintain ongoing compliance with PCI DSS, GDPR, CCPA, SOC 2, ISO 27001, and future regulatory frameworks.
Serve as primary owner of audits, certifications, and external assessments.
Lead enterprise-wide risk management, vendor reviews, data protection controls, and privacy governance.
Maintain audit readiness and drive continuous improvement of the ISMS.
Partner with Engineering, DevOps, Product, Legal, and Operations to embed security into architecture, SDLC, and infrastructure.
Lead, mentor, and grow a team of IT, security, and compliance professionals.
Build a company-wide culture of security awareness and accountability.

Requirements

10+ years of progressive experience in cybersecurity, enterprise IT, or information risk roles.
5+ years leading teams in a high-growth SaaS or global technology environment.
Proven success owning PCI, GDPR, and CCPA programs end-to-end.
Deep experience with cloud-native security (AWS preferred).
Demonstrated leadership in incident response, vulnerability management, and compliance audits.
Strong understanding of modern IT operations, identity systems, and SaaS ecosystems.
Ability to translate complex security topics into clear, actionable guidance for executives and non-technical teams.
Preferred Certifications: CISSP, CISM, CISA, CCSP, ISO 27001 Lead Implementer, AWS Security Specialty.

Benefits

Medical, dental, vision, FSA, EAP, and more
Equity
15 days PTO in year one, 22+ days after that, plus 10 paid holidays
401(k) eligibility from Day 1
Tuition assistance, Udemy Learning access, development opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurityrisk managementincident responsevulnerability managementcloud-native securityidentity managementendpoint strategysecurity toolsautomationcompliance audits

Soft Skills

leadershipmentoringcommunicationstrategic thinkingteam buildingproblem solvingcollaborationadaptabilityguidanceculture building

Certifications

CISSPCISMCISACCSPISO 27001 Lead ImplementerAWS Security Specialty