Chief Information Security Officer

At TreviPay, we believe loyalty begins at the payment. Thousands of sellers use our global B2B payments and invoicing network to provide choice and convenience to buyers, open new markets and automate accounts receivables. With integrations to top eCommerce and ERP solutions and flexible trade credit options, TreviPay brings 40 years of experience serving leaders in manufacturing, retail and transportation.  

Every day, TreviPay employees are challenged and empowered in a supportive, collaborative, entrepreneurial environment. 

We are looking for an experienced, hands-on information security practitioner to lead our cybersecurity team. You will have leadership responsibility for protecting our SaaS platform, infrastructure, and customer data while enabling business growth and innovation. This position requires a talented and driven individual who uniquely combines leadership skill, information security expertise, and is a true technologist who likes to roll up their sleeves and work with architects and engineers to help launch software solutions that are secure by design. This position reports to the Chief Product and Technology Officer (CPTO).

Responsibilities:

Strategic Leadership

o   Develop and execute a comprehensive information security strategy aligned with business objectives

o   Lead the evolution of our security program to address emerging threats and regulatory requirements

o   Build and maintain relationships with key stakeholders, including board members, executives, clients, engineering leaders, and regulatory bodies

o   Provide regular security status updates and metrics to the board and executive team

Team Leadership

o   Continue to evolve and grow TreviPay’s talented and driven information security team through training andcoaching. Attract high performing security professionals to join the team as needed.

o   Help foster a security-first culture throughout the organization

o   Manage security budget

Security Operations & Architecture

o   Lead offensive security and security operations to including, incident response, threat detection, vulnerability management, and forensics

o   Direct the design, implementation, and maintenance of our security architecture

o   Ensure the security of our cloud infrastructure and SaaS platform

o   Stay current with cybersecurity threats and mitigation best practices. Work with the executive team to make strategic decisions related to the company’s security posture and investment

o   Work closely with product management and engineering teams to build a deep understanding of the TreviPay product suite and technology infrastructure. Use this understanding to influence priorities and define information security requirements.

o   Lead evaluation, adoption, and use of security tools and technologies

o   Own the execution of annual PCI-DSS and ISO-27001 certifications to include vendor management and project management of the process.

o   Ensure that data privacy requirements are understood and included in all solutions

Work with engineering leaders to define secure coding practices, standards and training

Compliance & Risk Management

o   Maintain compliance with PCI DSS, ISO 27001, NIST, and other relevant standards

o   Oversee security risk assessments and implement risk mitigation strategies

o   Develop and maintain security policies, procedures, and standards

o   Ensure compliance with financial services regulations and data protection laws

Requirements:

o   10+ years of combined engineering and information security experience

o   3+ years of leadership experience

o   Bachelor’s degree in Computer Science, Information Systems, or equivalent work experience.

o   One or more of the following certifications: Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM)

o   A deep understanding of and experience with one or more of the following compliance frameworks: NIST, PCI-DSS, ISO 27001, SOC 2.

o   An empowering leadership style with a proven ability to build positive, energized teams

o   Excellent judgement and critical thinking skills. Able to weigh multiple and often conflicting constraints and make rapid, logical decisions in a fast-moving company with complex financial products

o   Direct experience with threat hunting, penetration testing, and red teaming

o   Executive-level verbal and written communications skills that can synthesize technical issues into concise points

Why you will love working at TreviPay

·       Competitive salary

·       Paid parental leave

·       Generous paid time off

·       Medical, dental, vision, FSA, Life/AD&D, long and short term disability

·       401K matching

·       Employee referral program

At TreviPay we believe:

·       in saying yes to unique and challenging requirements

·       empowered team members are creative team members

·       our products make the customer’s day just a little bit better

·       work/life balance makes us all more effective

TreviPay is an Equal Opportunity and Affirmative Action Employer.  We welcome all veterans and disabled applicants.

Individuals with disabilities will be provided reasonable accommodation to participate in the job application and/or interview process. Please contact Recruiting@trevipay.com to request an accommodation.