Chief Information Security Officer

Job Title:Chief Information Security OfficerAboutTrellix:Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.Our comprehensive, GenAI-powered platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions.We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at https://www.trellix.com/ .Role Overview:Reporting to the CIO, as Chief Information Security Officer you will be responsible for leading global information security strategy, policies and governance. As a threat landscape expert you will be responsible for guiding your organization’s structure, technology investments, and processes to rapidly assess, triage and manage risks.A critical charter of this role is treating Trellix as Customer Zero by collaborating with the Chief Product Officer and Product Development teams in test-driving, evaluating and providing user insights for all products and services prior to general market availability.As a cybersecurity expert and influencer, the Trellix CISO will engage with a variety of audiences, industry experts and our customers in various forums and advisory engagements spanning both public and private sectors.About the RoleInformation Security Strategy & LeadershipDevelop, implement, and oversee a comprehensive global cybersecurity strategy aligned with business objectives and regulatory requirements.Provide strategic direction to the Security Operations Center (SOC), security engineering, and incident response teams.Advise the Board of Directors and executive leadership on cybersecurity risks, threats, and compliance obligationsRisk Management & ComplianceDesign and manage a global risk management framework to address cyber threats, third-party risks, and insider threats.Ensure compliance with industry standards (ISO 27001, NIST, SOC 2, GDPR, CCPA, HIPAA, etc.).Oversee regular security audits, penetration testing, and vulnerability assessments.Develop and implement zero-trust architecture, identity and access management (IAM), and privileged access management (PAM).Secure Product & Cloud SecurityEmbed security by design into software development (DevSecOps).Ensure cloud security across multi-cloud (AWS, Azure, Google Cloud).Implement secure SDLC, CI/CD security controls, and API security best practices.Act as “Customer Zero” by collaborating with Product Development teams in test-driving, evaluating and providing user insights for all products and servicesGovernance, Awareness, and TrainingFoster a culture of cybersecurity awareness through company-wide training and phishing simulations.Act as the primary liaison with external security partners, auditors, regulators, and legal teams.Budgeting & Resource ManagementDevelop and manage the cybersecurity budget, ensuring cost-effective security investments.Through thoughtful talent acquisition, performance management and succession planning, train and retain top-tier security professionals to build a world-class cybersecurity team.About You:As a cybersecurity technologist your background must include significant years of global information security technology leadership experience across a broad range of technical environments and business models. Operating within PE or VC-backed companies is a plus for us.Experiences need to include active partnering with software development leadership regarding safe and thoughtful software development practices.A background specifically developing and managing risk-based security programs leveraging a wide variety of cyber security technologies is essential.Your people management history must include growing and evolving your global teams of at least 50 into top performers through active engagement, continuous talent assessment, talent acquisition, performance management and succession planningYour background ideally includes direct engagement with customers as well as engaging public audiences.You must have extensive knowledge of information security standards, policies and practices, including HIPAA and FISMA.Your ability to engage with and influence the most senior decision makers across the company and our partner and customer ecosystems will quickly add to your success.Base Pay Range: $285,000 - $340,000. Actual base pay within this range will depend on varying circumstances, including the work location, individual qualifications, company budget and other operational business needs. Compensation also includes annual bonuses and long-term incentives, subject to various metrics and company policy.Company Benefits and Perks:We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.Retirement PlansMedical, Dental and Vision CoveragePaid Time OffPaid Parental LeaveSupport for Community InvolvementWe're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.