VP, Chief Information Security Officer (CISO)

8X8 Incorporated - Campbell, CA

posted 2 months ago

Full-time - Executive
Campbell, CA
Merchant Wholesalers, Durable Goods

About the position

As the Chief Information Security Officer (CISO) at 8x8, you will be responsible for developing and implementing a comprehensive cybersecurity strategy that safeguards the company's information assets, systems, and data. This executive leadership role requires a strategic thinker with deep expertise in cybersecurity, risk management, and compliance, especially in the context of a publicly traded company. You will work closely with senior leadership, including the Board of Directors, to ensure that cybersecurity is integral to the company's overall strategy and operations. In this role, you will develop and execute a forward-looking cybersecurity strategy that aligns with the company's business goals and regulatory requirements. You will lead and manage the cybersecurity team, fostering a culture of security awareness and proactive risk management across the organization. Your responsibilities will include providing expert guidance to the CEO, executive team, Data Protection Committee, and the Board of Directors on cybersecurity risks, strategies, and incident response. You will also be tasked with identifying, assessing, and mitigating practical cybersecurity threats and vulnerabilities that could impact the company's operations, reputation, or valuation. This includes sustaining a robust risk management framework that encompasses regular risk assessments, audits, and continuous monitoring, as well as ensuring compliance with relevant laws, regulations, and industry standards, including Sarbanes-Oxley (SOX) and General Data Protection Regulation (GDPR). In terms of incident response and crisis management, you will develop and maintain an incident response plan to manage and mitigate the impact of security breaches or cyber-attacks. You will lead the company's response to cybersecurity incidents, coordinating with internal teams, external partners, and law enforcement as necessary, and conducting post-incident analysis to identify lessons learned and implement improvements. Additionally, you will oversee the design and implementation of security architectures that protect the company's infrastructure, applications, and data, while evaluating and deploying advanced security technologies. You will ensure that the company's cybersecurity policies, procedures, and practices comply with all relevant regulatory and industry standards, and prepare and present regular reports to the Board of Directors on the status of the company's cybersecurity program, including key metrics, risks, and incidents. Finally, you will manage relationships with external vendors and third parties involved in the company's cybersecurity efforts, conducting thorough due diligence to ensure they meet the company's security standards.

Responsibilities

  • Develop and execute a forward-looking cybersecurity strategy that aligns with the company's business goals and regulatory requirements.
  • Lead and manage the cybersecurity team, fostering a culture of security awareness and proactive risk management across the organization.
  • Provide expert guidance to the CEO, executive team, Data Protection Committee, and the Board of Directors on cybersecurity risks, strategies, and incident response.
  • Identify, assess, and mitigate practical cybersecurity threats and vulnerabilities that could impact the company's operations, reputation, or valuation.
  • Sustain a robust risk management framework that includes regular risk assessments, audits, and continuous monitoring.
  • Ensure compliance with relevant laws, regulations, and industry standards, including Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR), and others.
  • Develop and maintain an incident response plan to manage and mitigate the impact of security breaches or cyber-attacks.
  • Lead the company's response to cybersecurity incidents, coordinating with internal teams, external partners, and law enforcement as necessary.
  • Conduct post-incident analysis to identify lessons learned and implement improvements.
  • Oversee the design and implementation of security architectures that protect the company's infrastructure, applications, and data.
  • Evaluate and deploy advanced security technologies, including encryption, firewalls, intrusion detection systems, and threat intelligence platforms.
  • Stay abreast of the latest cybersecurity trends, threats, and technologies to ensure the company's security posture remains strong and resilient.
  • Ensure that the company's cybersecurity policies, procedures, and practices comply with all relevant regulatory and industry standards.
  • Prepare and present regular reports to the Board of Directors on the status of the company's cybersecurity program, including key metrics, risks, and incidents.
  • Foster a culture of security awareness throughout the organization, providing training and resources to employees at all levels.
  • Manage relationships with external vendors, consultants, and other third parties involved in the company's cybersecurity efforts.
  • Conduct thorough due diligence on third-parties to ensure they meet the company's security standards.

Requirements

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field; a Master's degree or MBA is preferred.
  • A minimum of 12 years of experience in information security, with at least 5 years in a leadership role.
  • Experience in a publicly traded company is strongly preferred.
  • In-depth knowledge of cybersecurity frameworks, such as NIST, ISO 27001, and CIS Controls.
  • Proven track record of successfully managing cybersecurity risks and incidents in complex and dynamic environments.
  • Strong understanding of regulatory requirements, including SOX, GDPR, HIPAA, and others relevant to the industry.
  • Excellent leadership, communication, and presentation skills, with the ability to convey complex security concepts to non-technical stakeholders.
  • Relevant certifications, such as CISSP, CISM, CISA, or similar, are highly desirable.

Benefits

  • Competitive salary and benefits package, including equity.
  • Commitment to professional development and career growth.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service