CISO - US Remote

ABOUT THE ROLE: Chief Information Security Officer (CISO)

We are seeking an experienced and highly skilled Chief Information Security Officer (CISO) to lead Aviatrix's information security and risk management efforts. The CISO will be responsible for developing, implementing, and maintaining a comprehensive information security program that protects the company's critical assets, data, systems, and physical infrastructure from cyber/security threats and ensures compliance with relevant regulations and industry standards.

RESPONSIBILITIES:

Strategic Leadership:

• Provide strategic direction and oversight for the organization's information security and risk management initiatives, ensuring alignment with business goals
• Foster a security-first culture by championing security awareness programs and integrating security considerations into all business processes
  
  

Risk Assessment:

• Identify, assess, and mitigate at least 80% of high-priority information security risks within the first year, utilizing frameworks like CIS (Critical Security) Controls (https://www.cisecurity.org/controls) or NIST (National Institute of Standards and Technology) Cybersecurity Framework. (https://www.nist.gov/cyberframework)
• Implement effective risk management strategies and controls to protect against potential threats and vulnerabilities.
  
  

Security Program Development:

• Design, implement, and continuously improve a robust information security program aligned with industry best practices and relevant security frameworks (e.g., CIS Controls, ISO 27001, and NIST Cybersecurity Framework).
• Develop comprehensive policies, procedures, standards, and best practices to safeguard the confidentiality, integrity, and availability of information assets.
  
  

Compliance and Governance:

• Ensure compliance with relevant laws, regulations, and industry standards related to information security, data privacy, and risk management (e.g., GDPR, PCI DSS, ISO 27001).
• Develop and maintain a governance framework to manage and mitigate risks.
  
  

Incident Response and Investigations:

• Lead the organization's incident response efforts.
• Oversee the investigation and resolution of security incidents, coordinating with relevant stakeholders and authorities as needed.
  
  

Vendor and Third-Party Risk Management:

• Establish and maintain processes for evaluating and managing the security risks associated with third-party vendors, service providers, and partnerships.
  
  

Security Awareness and Training:

• Champion a strong security culture within the organization.
• Develop and deliver effective security awareness and training programs for employees, contractors, and relevant stakeholders.
  
  

Budget and Resource Management:

• Develop and manage the information security budget.
• Ensure appropriate allocation of resources to support security initiatives and ongoing operations.
  
  

Collaboration and Communication:

• Collaborate closely with cross-functional teams (e.g., engineering, IT, legal, compliance) to align security efforts with organizational objectives.
• Effectively communicate security risks and mitigation strategies to stakeholders at all levels, including executive leadership, through regular security briefings and reports.
  
  

QUALIFICATIONS:

• Proven experience in a senior information security leadership role, preferably as a Chief Information Security Officer (CISO) or equivalent position.
• Comprehensive knowledge of information security principles, practices, and industry standards (e.g., NIST, ISO, COBIT (Control Objectives for Information Technology) (https://www.isaca.org/resources/cobit)).
• Strong understanding of risk management frameworks and methodologies, including risk assessment, risk treatment, and risk reporting.
• Expertise in cybersecurity technologies, including firewalls, intrusion detection/prevention systems, encryption, and security information and event management (SIEM) solutions.
• Exceptional leadership, communication, and interpersonal skills to effectively manage teams, interact with stakeholders, and convey complex security concepts.
• Strong project management skills and the ability to plan and execute strategic security initiatives.
• Comprehensive knowledge of relevant laws, regulations, and compliance requirements related to information security and data privacy.
• Demonstrate a solid understanding of budgeting and data analysis.
• Bachelor’s degree in Computer Science, Information Security, or a related field; advanced degree or relevant industry certifications (e.g., CISSP, CISM, CRISC) preferred.
  
  

Preferred Attributes:

• Proactive and innovative mindset, with the ability to anticipate and address emerging threats.
• Strong analytical and problem-solving skills.
• Ability to work under pressure and manage multiple priorities.
• Excellent organizational and time-management abilities.
  
  

US Pay Range

The US annual base salary range for this full-time position is $345,000-$390,000 + benefits + 401(k) match + equity. The pay range is determined by the role, work location, job-related skills, level, experience and relevant education. [Certain roles are eligible to earn sales commission, depending on the terms of the applicable plan.] The range displayed is the minimum and maximum target base salary and is applicable only for new hires for the listed position located in the US. Your Talent Advisor can share more details regarding salary ranges, benefits, and equity for your location during the hiring process.

Benefits

US: We cover 100% of employee premiums and 88% of dependent(s) premiums for medical, dental and vision coverage, 401(k) match, short and long-term disability, life/AD&D insurance, $1,000/year education reimbursement, and a flexible vacation policy.

Outside the US: We offer a comprehensive benefits package which, (subect to regional variations) could include pension, private medical for you and dependents, generous holiday allowance, life assurance, long-term disability, annual wellbeing stipend

Your total compensation package will be based on job-related knowledge, education, certifications and location, per our aligned ranges.

About Aviatrix 

Aviatrix is the cloud networking expert. We’re on a mission to make cloud networking simple so companies stay agile. Trusted by more than 500 of the world’s leading enterprises, our cloud networking platform creates the visibility, security, and control needed to adapt with ease and move ahead at speed. Combined with the Aviatrix Certified Engineer (ACE) Program, the industry's leading multicloud networking and security certification, Aviatrix empowers the cloud networking community to stay at the forefront of digital transformation.

WE WANT TO INCLUDE YOU

We embrace the fact that not everyone’s journey took the same route or started at the same place. If your experience doesn’t quite meet the requirements but the opportunity excites you and you believe you could be great, don’t let that hold you back from applying. Tell us what you CAN bring and what makes you special.

Aviatrix is a community where everyone's career can grow and we want to help you achieve your goals and be “your best YOU,” however that looks. If you're seeking an opportunity where you can be excited to start work every morning with enthusiastic people, make a real difference and be part of something amazing then let’s talk. We want to get to know you and how we could grow together.

Aviatrix, Inc. is an equal opportunity employer and does not make hiring decisions based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

CPRA - California Applicant Privacy Notice