Job details

Chief Information Security Officer

Get a free resume review

Job Title:Chief Information Security OfficerAboutTrellix:Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.Our comprehensive, GenAI-powered platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions.We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at https://www.trellix.com/ .Role Overview:Reporting to the CIO, as Chief Information Security Officer you will be responsible for leading global information security strategy, policies and governance. As a threat landscape expert you will be responsible for guiding your organization’s structure, technology investments, and processes to rapidly assess, triage and manage risks.A critical charter of this role is treating Trellix as Customer Zero by collaborating with the Chief Product Officer and Product Development teams in test-driving, evaluating and providing user insights for all products and services prior to general market availability.As a cybersecurity expert and influencer, the Trellix CISO will engage with a variety of audiences, industry experts and our customers in various forums and advisory engagements spanning both public and private sectors.About the RoleInformation Security Strategy & LeadershipDevelop, implement, and oversee a comprehensive global cybersecurity strategy aligned with business objectives and regulatory requirements.Provide strategic direction to the Security Operations Center (SOC), security engineering, and incident response teams.Advise the Board of Directors and executive leadership on cybersecurity risks, threats, and compliance obligationsRisk Management & ComplianceDesign and manage a global risk management framework to address cyber threats, third-party risks, and insider threats.Ensure compliance with industry standards (ISO 27001, NIST, SOC 2, GDPR, CCPA, HIPAA, etc.).Oversee regular security audits, penetration testing, and vulnerability assessments.Develop and implement zero-trust architecture, identity and access management (IAM), and privileged access management (PAM).Secure Product & Cloud SecurityEmbed security by design into software development (DevSecOps).Ensure cloud security across multi-cloud (AWS, Azure, Google Cloud).Implement secure SDLC, CI/CD security controls, and API security best practices.Act as “Customer Zero” by collaborating with Product Development teams in test-driving, evaluating and providing user insights for all products and servicesGovernance, Awareness, and TrainingFoster a culture of cybersecurity awareness through company-wide training and phishing simulations.Act as the primary liaison with external security partners, auditors, regulators, and legal teams.Budgeting & Resource ManagementDevelop and manage the cybersecurity budget, ensuring cost-effective security investments.Through thoughtful talent acquisition, performance management and succession planning, train and retain top-tier security professionals to build a world-class cybersecurity team.About You:As a cybersecurity technologist your background must include significant years of global information security technology leadership experience across a broad range of technical environments and business models. Operating within PE or VC-backed companies is a plus for us.Experiences need to include active partnering with software development leadership regarding safe and thoughtful software development practices.A background specifically developing and managing risk-based security programs leveraging a wide variety of cyber security technologies is essential.Your people management history must include growing and evolving your global teams of at least 50 into top performers through active engagement, continuous talent assessment, talent acquisition, performance management and succession planningYour background ideally includes direct engagement with customers as well as engaging public audiences.You must have extensive knowledge of information security standards, policies and practices, including HIPAA and FISMA.Your ability to engage with and influence the most senior decision makers across the company and our partner and customer ecosystems will quickly add to your success.Base Pay Range: $285,000 - $340,000. Actual base pay within this range will depend on varying circumstances, including the work location, individual qualifications, company budget and other operational business needs. Compensation also includes annual bonuses and long-term incentives, subject to various metrics and company policy.Company Benefits and Perks:We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.Retirement PlansMedical, Dental and Vision CoveragePaid Time OffPaid Parental LeaveSupport for Community InvolvementWe're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Trellix Glassdoor Company Review

3.7

Trellix DE&I Review

No rating

CEO of Trellix

Bryan Palma

Approve of CEO

Average salary estimate

Estimate provided by employer

$100000 / ANNUAL (est.)

min

max

$80K

$120K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Chief Information Security Officer, Trellix

Meet Trellix, where we're shaking up the cybersecurity landscape in Santa Fe, NM, as we seek a Chief Information Security Officer to join our innovative team. At Trellix, we believe in soulful work that makes a difference in the cybersecurity realm. As our CISO, you will be the driving force behind our global information security strategy, policies, and governance. You'll leverage your expertise to guide our organization in identifying and managing risks. Collaborating closely with our Chief Product Officer and Product Development teams, you'll play a pivotal role, acting as 'Customer Zero' to test and provide insights on our cutting-edge products before they hit the market. Your leadership will shape the Security Operations Center (SOC) and enhance our incident response capabilities while ensuring compliance with key industry standards. In your dynamic role, you'll also foster a culture of cybersecurity awareness throughout the company, advocating for effective training and education. With a keen eye on budgeting and resource management, your strategic input will be essential in building a top-tier cybersecurity team. If you have a wealth of experience in global information security leadership and are ready to take on a meaningful challenge, we’d love to hear from you at Trellix! Together, we can redefine the future of cybersecurity for our 53,000 customers and beyond.

Frequently Asked Questions (FAQs) for Chief Information Security Officer Role at Trellix

What are the main responsibilities of the Chief Information Security Officer at Trellix?

As the Chief Information Security Officer (CISO) at Trellix, you will be tasked with developing and overseeing a comprehensive global cybersecurity strategy that aligns with our business objectives. You'll lead the Security Operations Center (SOC), manage risk assessments, and ensure compliance with various cybersecurity standards. Your role includes advocating for security by design in our products, and engaging with stakeholders at all levels, which highlights the importance of allowing Trellix to act as Customer Zero for our own offerings.