Chief Information Security Officer

• Set the vision, strategy and roadmaps for Security and IT programs including SOC2 and ISO 27001
• Develop, lead and scale diverse technical teams to execute on the roadmap and day to day responsibilities
• Collaborate with senior Engineering, Product, Legal and other functional leaders to get buy-in and participate in the execution of the strategy and roadmap as well participate in architecture reviews, implement guidelines and monitor ongoing security
• Advocating initiatives and software development processes that reinforce that security is every engineer’s responsibility
• Work with the sales organization to build security awareness, a competitive security position, and trust with prospects and clients.
• Developing, implementing, and managing information security training and awareness for Bluecorians at all levels. This includes, publicizing and explaining of policies and procedures and while growing our knowledge base
• Work with Bluecore’s Data Privacy Officer to align the technical elements of privacy operations with applicable privacy regulations. (GDPR, CCPA, CPRA and more)
• Provide leadership to Bluecore’s IT and Security organization while growing our existing team’s capabilities.
• Drive and influence technology selection across the organization
• Prepare and report on information security posture and risk management status to Senior Management and the Company’s Board of Directors

‍

• 10+ years of experience in a combination of risk management, information security, and application security engineering roles.
• 5+ years in a senior leadership role in security
• Demonstrated experience with Application Security, DevOps, or Cloud Security functions as a leader or in a people management role.
• Experience with cloud computing technologies with security commitments to customers and partners. Our Cloud Provider is GCP.
• Knowledge and understanding of relevant legal and regulatory requirements such as Payment Card Industry/Data Security Standard Personally Identifiable Information (PII), Service Organization Control (SOC), and California Consumer Privacy Act (CCPA) and frameworks, such as ISO/IEC 27001, and NIST.
• Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences
• Empathy and emotional intelligence to lead a diverse group of engineers and managers at varying stages of their careers
• Significant experience building diverse and inclusive teams

‍