CISO (Chief Information & Security Officer)

1 month, 2 weeks ago
Full-time
Lead
Cybersecurity
Energy Exemplar

Energy Exemplar

Energy Exemplar is a leading provider of award-winning energy simulation software, including PLEXOS and Aurora, used for modeling electric, gas, and water energy markets worldwide. Their solutions offer in-depth insights for financial industry professi...

Internet Software & Services
251-1K
Founded 1999

Description

  • Develop and implement a comprehensive information security strategy aligned with business objectives.
  • Lead and mentor the Information Security team to ensure effective execution and team success.
  • Oversee and improve the product security program and embed secure development practices across the SDLC.
  • Lead audits and certification efforts for SOC 2, ISO 27001, and similar regulatory requirements.
  • Direct incident detection, response, recovery, communications, and remediation prioritization.
  • Continuously assess cybersecurity risks and implement controls to mitigate them.
  • Ensure compliance with relevant security regulations and standards and represent the company to regulators when needed.
  • Promote security awareness and best practices across the organization.
  • Oversee the adoption and management of security technologies and tooling.
  • Manage third-party and vendor security risk, including security implications of partnerships.
  • Manage security budgets and allocate resources to support security initiatives.
  • Report security program status, needs, and cyber risk trade-offs to senior leadership and stakeholders.

Requirements

  • Bachelor’s degree in Computer Science, Engineering, or a related technical field.
  • 10+ years of experience in information security, including 5+ years in a leadership role.
  • Broad hands-on and senior leadership experience in security, engineering, or DevSecOps management.
  • Deep understanding of security technologies, including intrusion detection, content filtering, threat patterns, security architecture, and application architecture.
  • Strong knowledge of SDLC, application security policies, design, and documentation.
  • Experience with secure coding practices, threat modeling, identity and access management, and security incident response and recovery.
  • Deep knowledge of cloud security, network security, data protection, and security in software development environments.
  • Experience securing and operating across cloud platforms such as Azure and AWS.
  • Knowledge of security tools and monitoring technologies such as IDS and SIEM, with a desire to remain technically hands-on while operating strategically.
  • Deep knowledge of security and compliance frameworks and regulations such as SOC 2, NIST, ISO 270xx, and GDPR.
  • Experience with ethical hacking, computer forensics, information assurance, and intrusion detection/prevention methodologies.
  • Proficiency with static and dynamic analysis tools, vulnerability scanners, and penetration testing.
  • Hands-on experience with secure software development methodologies and DevSecOps practices.
  • Preferred certifications include CISSP, CISA, CISM, CEH, OSCP, or GSEC.
  • Experience building, growing, and maintaining high-performing security teams in the US and India is valued.

Benefits

  • Remote-first flexibility with the ability to work from home, the office, or on the move.
  • Support for work-life balance and autonomy in how and where work gets done.
  • Opportunity to work on a global team with strong ownership and innovation values.
  • Inclusive employer commitment with accommodations available during the recruitment process.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Offensive Security Lead

Nebius 51-250 Internet Software & Services

Nebius is seeking an Offensive Security Lead to build and run its red team and offensive security program for a global AI cloud platform.

Go Kubernetes Penetration Testing Python
5 hours, 20 minutes ago

Risk Assurance Senior

BPM 1K-5K Diversified Financial Services

BPM is hiring a Risk Assurance Senior to execute and coordinate IT audit and compliance engagements across SOX and SOC work while supporting clients, managers, and junior team members.

AWS Azure Cybersecurity GCP
5 hours, 50 minutes ago

Senior Security Controls Assessor - Contingent

ARETUM Construction & Engineering

Aretum is seeking a Senior Security Controls Assessor to support a federal government contract by conducting comprehensive security assessments of information systems and ensuring compliance with required security controls and regulations.

1 day, 5 hours ago

Manager, Compliance Advisory

Coalfire 251-1K Internet Software & Services

Coalfire is hiring a Manager, Public Sector Advisory to lead client-facing cybersecurity compliance engagements for public sector customers while managing a small consulting team and overseeing delivery quality.

AWS Azure Cybersecurity GCP Network Security
2 days, 6 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers