Vice President & Chief Information Security Officer (CISO) - (Remote)

With unmatched technology and category-defining innovation, Icertis pushes the boundaries of what’s possible with contract lifecycle management (CLM). The AI-powered, analyst-validated Icertis Contract Intelligence (ICI) platform turns contracts from static documents into strategic advantage by structuring and connecting the critical contract information that defines how an organization runs. Today, the world’s most iconic brands and disruptive innovators trust Icertis to fully realize the intent of their combined 7.5 million+ contracts worth more than $1 trillion, in 40+ languages and 90+ countries.Who we are:  Icertis is the only contract intelligence platform companies trust to keep them out in front, now and in the future. Our unwavering commitment to contract intelligence is grounded in our FORTE values—Fairness, Openness, Respect, Teamwork and Execution—which guide all our interactions with employees, customers, partners and stakeholders. Because in our mission to be the contract intelligence platform of the world, we believe how we get there is as important as the destinationAbout this role: This is a critical and high-visibility role for efficiently delivering cloud operations at scale reporting to the Chief Operating Officer. Icertis is looking for Vice President & Chief Information Security Officer (CISO). We need a strategic leader who has deep experience as a CISO for a Public Company and ideally also has gone through an IPO experience. You will act as the principal leader for cybersecurity across the organization and have full responsibility for all data/information security policies and evaluations, determining and implementing cybersecurity standards for the global enterprise. This role entails managing 3 core functions:·        Security / CISO·        Corporate IT function and associated security functions·        Compliance including managing certifications like ISO 27002, ITAR, SSPA, FedRAMP, SOC, NIST, GDPR, etc. 

What you will bring:

• Bachelor’s degree in Mathematics, Statistics, Computer Science, Engineering, or equivalent experience
• 20+ years of management experience in an IT Security/Cloud environment
• 8+ years of experience working with public cloud, preferably on Microsoft Azure and Office 365 security
• Deep experience handling enterprise-grade security in a security-conscious organization with substantial infrastructure in the cloud is required
• Experience in securing SaaS platforms and moving from a preventive security stance to a predictive security stance is highly desirable
• Executive Presence - Effective communicator that can distill technical issues into business terms and language by successfully working with senior leaders, board, and audit/risk committees
• Familiarity with tools, processes, and certifications related to security is required
• Strong application/product/software security background
• Good understanding of various hacking techniques
• A minimum of six years of experience in penetration testing/infrastructure security testing (Application security testing experience is added advantage)
• Ability to effectively interface with product development teams
• Excellent analytical, organizational, verbal, and written communication skills
• Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff
• Ability to conduct independent security research
• Experience in ATP, and SIEM tools, should have worked on various VAPT tools
• Certifications such as CISSP, CISM, CEH, etc. 

What you will do:

• Primary responsibilities will be to oversee the safety and integrity of our data as well as that of our partners and customers
• Deliver a world-class IT experience (O365, network, meeting infrastructure, asset management IT tickets, etc.), own IT budgets and engage with procurement for purchasing requirements
• Review and refine data and network security processes, development methodologies, and ICM platform security
• Working with IT, Operations, HR, and Customer Success you will be responsible for ensuring that our security processes are the best in the business and are regularly updated
• Work closely with customers, IT, and Operations to manage security incidents and the security incident & response process
• Perform your own security research into new tools and techniques
• Lead security assessment and testing processes, including but not limited to penetration testing, vulnerability management, and secure software development at a corporate level
• Plan for and manage incident response plans and activities while minimizing the detrimental effect on the business
• Design cyber security architecture and embeds advanced forensic tools and techniques for after-the-fact attack reconstruction and analysis
• Assure the safeguarding of the network against unauthorized infiltration, modification, destruction, or disclosure
• Proactively identify and actively defend against security issues and potential threats, while continuously refining processes and system configurations to monitor and alert on threat activity
• Advocate for secure application and infrastructure best practices, ensuring a security presence at all stages of the information asset’s lifecycle
• Lead compliance activities including external audits, regulatory compliance projects and certifications, and overall information security reviews
• Maintaining, Updating, and enhancing Icertis Compliance certification and framework
• Manage relationships with external information security technology vendors and specialized information security professional services firms
• Instrumental in fostering the security culture within the organization and helping keep the leadership team informed and educated on our security levels.
• Serve as an information security expert to the Senior Management Team, Partners, and Customers.

Icertis, Inc. provides Equal Employment Opportunity to all employees and applicants for employment without regard to race, color, religion, gender identity or expression, sex, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. Icertis, Inc. complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to [email protected] or get in touch with your recruiter. By submitting your application you acknowledge that you have read Icertis’s Privacy Policy (https://www.icertis.com/privacy-statement/)Icertis is not open to third party solicitation or resumes for our posted FTE positions. Resumes received from third party agencies that are unsolicited will be considered complimentary.