VP & Chief Information Security Officer

Job Description:

Reporting to the Chief Information Officer, the Vice President & Chief Information Security Officer (CISO) is a key executive leader who acts as a strategic business partner and enabler of scalable growth, not just a technical guardian. This leader will design and execute an adaptive, automated, and business-integrated cybersecurity strategy that protects the company's information assets while proactively positioning security as a competitive advantage.

The CISO will evolve the company's security posture by embedding automation and a "secure by design" culture into all operational and product development processes. Reporting to the highest level of leadership, this role is responsible for translating technical risks into quantifiable business impacts, ensuring continuous compliance, and driving a company-wide security mindset. The CISO will build a resilient and innovative security organization that accelerates, rather than hinders, a high-growth business, all while building and maintaining trust with customers, partners, and the market.

Key Responsibilities and Essential Job Functions

Enterprise Security Strategy & Governance:

• Design and implement a scalable security strategy and governance model that aligns with business objectives, is adaptable, and anticipates the unique risks and requirements of hypergrowth.

• Design and execute a forward-looking cybersecurity strategy that supports innovation while maintaining customer trust and competitive differentiation, proactively positioning security as a competitive advantage that builds and sustains stakeholders’ trust at scale.

• In partnership with Compliance Team, maintain and enhance compliance posture across multiple frameworks including SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and CCPA 2.0.

• Establish automated, risk-based security governance frameworks and controls that scale effortlessly with the business, enabling decentralized and informed decision-making.

Operational Security & Resilience

• Lead enterprise-wide threat detection, vulnerability management (TVM), and incident response programs with measurable effectiveness metrics.

• Instantiate security-as-code and automated frameworks for architecture, engineering, and operations to eliminate manual toil and support hypergrowth.

• Improve an operationalized proactive cyber resilience program focused on minimizing business impact during and after a security event.

• Lead the evolution of the SOC, leveraging automation and threat intelligence to achieve 24/7 coverage with maximum efficiency, and transition it towards a data-driven security-as-a-service model.

• Define and track business-oriented security metrics and key risk indicators (KRIs) that directly inform business leaders on risk exposure and the effectiveness of security investments.

• Drive continuous improvement in mean time to detect (MTTD) and mean time to respond (MTTR).

Compliance & Risk Management

• Build a continuous compliance framework, using automation to maintain real-time audit readiness and demonstrate control effectiveness with minimal friction for product and engineering teams.

• Embed security and privacy by design into the product development lifecycle, enabling rapid innovation while meeting and exceeding customer expectations.

• Lead enterprise risk assessment programs and maintain a comprehensive risk register with clear mitigation strategies.

• Develop a risk quantification program to translate technical risks into business impacts and inform data-driven investment decisions for the executive team and board.

Leadership & Strategic Engagement

• Act as a strategic business partner to the CEO, C-suite, and board, using deep business acumen to align security with Flexential’s growth objectives.

• Equip the sales and customer success teams to confidently communicate our security story, turning our security posture into a key enabler for winning and retaining enterprise customers.

• Scale security culture throughout the organization by empowering all teams to own their security, moving from a centralized security gatekeeper model to a decentralized security enablement model.

• Represent Flexential externally with customers, prospects, regulators, auditors, and industry organizations as a cybersecurity thought leader.

• Build strategic relationships with peer CISOs, industry groups, and security vendor partners.

People Leadership & Organizational Development

• Build and mentor a high-performing security organization that is structured for scale, leveraging automation and delegation to maximize impact and embed security ownership across engineering and product teams.

• Cultivate an innovative and collaborative security culture that empowers the business to move fast securely, positioning the security team as an accelerator, not a roadblock.

• Create psychological safety that allows teams to learn from setbacks and continuously improve.

• Establish clear goals, performance metrics, and accountability frameworks aligned with organizational objectives.

• Implement structured career development paths and succession planning within the security organization.

Required Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field.

• 10+ years of progressive experience in information security, risk management, or IT leadership roles.

• 5+ years in a senior leadership position, preferably as a CISO, VP of Security, or equivalent executive role.

• Demonstrated success building and scaling enterprise security programs in high-growth or complex environments.

• Deep knowledge of compliance and regulatory frameworks including SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and CCPA.

• Proven experience managing multi-million-dollar budgets and demonstrating ROI on security investments.

• Exceptional executive presence with demonstrated ability to communicate effectively with boards, C-suite executives, customers, and technical teams.

• Experience leading incident response and crisis management in enterprise environments.

Preferred Qualifications

• Master's degree in Cybersecurity, Business Administration, Risk Management, or related discipline

• Industry-recognized certifications such as CISSP, CISM, CISA, CCISO, CGEIT, or equivalent

• Experience in hybrid cloud, SaaS, colocation, or data center environments

• Track record of supporting revenue growth through security as a sales enabler and customer differentiator

• Background in regulated industries or managing security for service provider environments

• Experience with security transformation initiatives and modern security architecture patterns (Zero Trust, SASE, etc.)

Physical Requirements

• Prolonged periods of sitting at a desk and working on a computer in an office environment

• Ability to travel up to 20% for customer meetings, audits, conferences, or industry events

• Flexibility for after-hours availability to respond to security incidents, crises, or critical business needs

• Ability to work effectively in a fast-paced, dynamic environment with competing priorities

Base Pay Range: Annualized salary range offered for this position is estimated to be $235,000 - $275,000. However, the actual pay range depends on each candidate’s experience, location, and qualifications.

Variable Pay: Discretionary annual bonus, based on personal and company performance.

Flexential participates in the E-Verify program. Please click for more information.

#LI-Hybrid

This position has the following safety hazards:

☒ Ergonomics

☒ Trip/Fall

☒ Driving (must possess valid driver’s license and insurance)

Not meeting every single requirement? No problem! We are looking for candidates who possess unique skills that set them apart from the rest. If you're enthusiastic about this role and believe you have the skills and abilities that would make you successful, don't hesitate to apply today!

Benefits of working at Flexential:
• Medical, Telehealth, Dental and Vision
• 401(k)
• Health Savings Accounts (HSA) and Flexible Spending Accounts (FSA)
• Life and AD&D
• Short Term and Long-Term disability
• Flex Paid Time Off (PTO)
• Leave of Absence
• Employee Assistance Program
• Wellness Program
• Rewards and Recognition Program

Benefits are subject to change at the Company's discretion.