Chief Information Security Officer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
• 10+ years in information security, IT risk, or cybersecurity leadership
• Experience in SMB, PE-backed, or high-growth environments
• Strong working knowledge of: Cloud security (AWS, Azure, GCP, SaaS) Identity & access management Endpoint and network security Incident response and ransomware defense
• Proven ability to communicate cyber risk to non-technical executives and investors
• Experience with at least one recognized security framework (NIST, ISO, CIS)
• Excellent problem-solving and analytical skills.
• Strong communication and interpersonal abilities.
• Ability to manage multiple projects and meet deadlines in a fast-paced environment.

Nice To Haves

• Prior experience supporting private equity portfolios or M&A
• Experience standing up a security program from scratch
• CISSP, CISM, or equivalent certification

Responsibilities

• Security Strategy & Governance Develop and maintain a pragmatic cybersecurity strategy and roadmap aligned to business objectives Define security policies, standards, and procedures appropriate for a fast growing SMB environment Establish cybersecurity governance, risk appetite, and reporting mechanisms Present cyber risk updates to executive leadership and private equity (PE) stakeholders in plain business terms
• Risk Management & Compliance Identify, assess, and prioritize cyber risks using a risk-based approach Oversee vulnerability management, penetration testing, and remediation efforts Lead compliance initiatives, such as SOC 2, ISO 27001, NIST, CMMC, HIPAA, PCI-DSS Ensure third-party and vendor risk management processes are in place
• Incident Response & Resilience Own the incident response plan, tabletop exercises, and breach readiness Lead response to security incidents, ransomware events, or data breaches Coordinate with legal, insurance, forensics, and external advisors as needed Oversee backup, disaster recovery, and business continuity planning
• Technology & Operations Oversee core security tooling (IAM, endpoint security, SIEM/MDR, email security, cloud security) Ensure secure configuration of cloud, SaaS, and on-prem environments Partner closely with IT and operations teams to embed security into operations Make cost-effective build vs. buy decisions
• M&A Support Support cybersecurity due diligence for acquisitions Assess security posture of acquisition targets and provide risk summaries Lead or advise on post-acquisition security integration and remediation Align security maturity with PE exit strategy (strategic buyer or IPO readiness)
• Culture & Awareness Build a security-aware culture through training and phishing simulations Act as a business-friendly security advisor Educate leadership on cyber risk, insurance implications, and regulatory exposure

Benefits

• Competitive salary based on qualifications.
• Paid time off plan and holidays.
• 401(k) matching.
• Short term and long-term disability.
• Medical, dental, and vision plans with options.
• Life insurance.
• Company laptop.
• Professional career development opportunities.
• Tuition reimbursement program.