Chief Information Security Officer

Overview:
JAGGAER is leading the Autonomous Commerce revolution, a self-governing B2B commerce experience between buyers, suppliers, things (IoT), and partners. Leveraging AI and machine learning, our intelligent procurement solutions provide enterprise buyers and suppliers with smart-match recommendations that align buyer needs with supplier capabilities. Our solutions autonomously execute many repetitive, behind-the-scenes tasks to facilitate enterprise commerce. We are over 1,250 employees strong: all focused on customer success. For more information, visit www.jaggaer.com

The Chief Information & Security Officer (CISO) (i) implements and supports global information security initiatives, (ii) acts as a focus and resource for the organization’s information security matters, (iii) works closely and collaboratively with the Cloud Operations and internal IT leaders and teams to ensure a comprehensive security posture, (iv) investigates and recommends security solutions that include a reflection of the existing security infrastructure, (v) oversees, implements and monitors the security requirements levied by federal, state and other country-specific rules and regulations and other JAGGAER contractual and regulatory commitments (e.g., PCI DSS, SOC, ISO, NIST, DFARS, FedRAMP), (vi) supports JAGGAER Sales, Bid Management, Legal and other functions in customer-facing situations including winning new business, and (vii) manages a global team.
Principal Responsibilities:
Role Responsibilities:
  • Responsible for the management and oversight of the global security of JAGGAER Corporate and SaaS systems, including overseeing JAGGAER’s information protection and data privacy compliance as well as:
    • Maintains a current and appropriate body of knowledge necessary to perform the technical and informational security management function.
    • Effectively applies data and access security management knowledge to enhance the security of JAGGAER-associated systems and services.
    • Works with JAGGAER Legal to maintain knowledge of legislative and regulatory initiatives across JAGGAER products, services, and geographies. Interprets and translates requirements for implementation and ongoing compliance. Develops appropriate information security policies, standards, guidelines, and procedures.
    • Works effectively with the Information Privacy Officer, other information security personnel, the Cloud Operations team, and the standing JAGGAER Compliance Committee.
    • Provides meaningful input, prepares effective presentations, and communicates corporate security objectives and initiatives across multiple audiences, including specific relevant JAGGAER functions, the entire JAGGAER employee base, customers, prospects, auditors, etc.
    • Participates in tactical (short-term) and strategic (long-term) planning, including managing a financial budget and forecast and a detailed roadmap of activities.
    • Oversees Information Security Program compliance and effectiveness in coordination with the entity’s other compliance and operational assessment functions.
    • Oversees, directs, delivers, or ensures initial and ongoing security training delivery to all employees, contractors, alliances, business associates, and other appropriate third parties.
    • Ensures compliance with security practices and consistent application of sanctions for failure to comply with security policies for all individuals in the organization’s workforce, extended workforce, and for all business associates, in cooperation with Human Resources, the information privacy officer, administration, and legal counsel as applicable.
    • Initiates, facilitates, and promotes activities to foster information security awareness within the organization and related entities.
    • Reviews and regularly audits all system-related information security plans throughout the organization’s network to ensure compliance, alignment, and evolution among security, privacy, product development, and network practices.
    • Oversees investigations of both internal and external participant information security violations and crimes. Works effectively with management, third-party advisors, and external law enforcement to resolve these instances.
    • Reviews instances of noncompliance and works effectively and tactfully to correct deficiencies.
    • Maintains current knowledge of applicable government privacy laws and accreditation standards and monitors advancements in information security technologies to ensure organizational adaptation and compliance.
    • Serves as an information security consultant for all departments and appropriate entities, including supporting existing customer compliance and renewals and pursuing new customers with specific security requirements.
    • Certifies that Cloud Operations and IT systems meet predetermined security requirements.
    • Strives to maintain high system availability.
  • Responsible for the management of global security team personnel
    • Determines positions and personnel necessary to accomplish information security goals. Requests positions, screens personnel, and leads the interviewing and hiring process.
    • Develops meaningful job descriptions.
    • Communicates expectations and actively coaches personnel for success.
    • Prioritizes and assigns tasks; reviews work performed; challenges staff to better themselves; and advances the level of service provided.
    • Provides meaningful feedback to staff on an ongoing basis and formally appraises performance annually.
  • Responsible for promoting open lines of communication within and across the organization
    • Collaborates with other team members as needed or directed.
    • Makes recommendations for the improvement of operational and procedural changes.
    • Follows through and audits existing and newly implemented policies, procedures, processes, and tools.
  • Responsible for keeping abreast of local, state, and federal rules and regulations
    • Stays informed of the latest web/internet tools and standards.
    • Seeks out new ways of improving technical skills individually and for their team.
  • Responsible for performing other duties as assigned, including but not limited to the following:
    • Current duties as outlined in the current position job description.
    • Special projects as assigned
Position Requirements:
What you will bring:
  • Education:
    • A four-year college degree in Computer Science or equivalent experience is required.
    • Professional certification, e.g., CISSP, CISM, CISA, CGEIT.
  • Experience:
    • Education and experience relative to the size and scope of the organization.
    • 8+ years of information security work experience is required, with public or private sector experience as a senior manager, director, vice president, or chief title.
    • The ability to work effectively in a global organization with diverse regulatory requirements is required, as are demonstrated personnel and information security program management skills.
    • A working knowledge of all aspects of information security is essential, as is the ability to apply this knowledge in an environment comprised of corporate, software development, and SaaS infrastructure and hosting components.
  • Additional Requirements:
    • Demonstrated effectiveness with consensus building, policy development, and verbal and written communication skills.
    • In-depth and current understanding of network and system security technologies and practices across all major computing areas (public cloud, client/server, WAN, PC/LAN, telephony) with a particular emphasis on Internet-related technology.
    • A high level of integrity and trust.
    • Knowledge of HIPAA, state and federal guidelines on privacy, transactions, and security. Working knowledge and understanding of all hardware and software applications applicable to this organization.
    • Experience managing SOC examinations, PCI DSS audits, ISO and NIST security frameworks, and associated compliance audits.
    • Experience with GRC tools.
    • Demonstrated successful program management expertise.


WHAT WE OFFER:

We strive to support our Rockstars & their families. Your health & well-being are important. JAGGAER offers a variety of programs to help you manage your overall wellness and be your best self. At JAGGAER, you’ll find great medical plans, adoption benefits, wellness reimbursement, generous parental leave, 401(k) match, a flexible work environment, no limit on vacation days for exempt employees, and much more!


OUR VALUES:

Our values are at the core of who we are at JAGGAER. You will see these values entrenched in how we support our customers, work with team members, build our products, and in the culture we’ve created.


Passion: Our team is passionate about the work we do and the impact we’re making.

Humility: We respect and learn from our teammates in pursuit of the larger company mission – to simplify procurement with a relentless customer focus.

Empathy: We constantly seek to understand the perspectives of teammates, customers, partners, and other community members.

Transparency: We’re clear about our plans, processes, and goals so nothing surprises us.

Accountability: We measure ourselves against the expectations of our customers and stakeholders, as well as our community at large.


EEO:

JAGGAER is a proud equal opportunity/affirmative action employer supporting workforce diversity. We do not discriminate based upon race, ethnicity, ancestry, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), marital status, caregiver status, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, genetic information, military or veteran status, mental or physical disability, or other applicable legally protected characteristics.


ACCESSIBILITY:

JAGGAER is committed to providing access and reasonable accommodation to applicants. If you are a qualified individual with a disability or a disabled veteran and you think you may require an accommodation for any part of the recruitment process, please send a request to: hr@jaggaer.com. All requests for accommodations are treated discreetly and confidentially, as practical and permitted by law.


Pay Transparency Nondiscrimination Provision (dol.gov)
Know Your Rights: Workplace Discrimination is Illegal (dol.gov)
CEO of Jaggaer: Andy Hovancik

JAGGAER drives customer value for buyers and sellers through our global connected network.

DATE POSTED
August 4, 2023
