VP & Chief Information Security Officer

Key Responsibilities and Essential Job Functions

Enterprise Security Strategy & Governance:

• Design and implement a scalable security strategy and governance model that aligns with business objectives, is adaptable, and anticipates the unique risks and requirements of hypergrowth.

• Design and execute a forward-looking cybersecurity strategy that supports innovation while maintaining customer trust and competitive differentiation, proactively positioning security as a competitive advantage that builds and sustains stakeholders’ trust at scale.

• In partnership with Compliance Team, maintain and enhance compliance posture across multiple frameworks including SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and CCPA 2.0.

• Establish automated, risk-based security governance frameworks and controls that scale effortlessly with the business, enabling decentralized and informed decision-making.

Operational Security & Resilience

• Lead enterprise-wide threat detection, vulnerability management (TVM), and incident response programs with measurable effectiveness metrics.

• Instantiate security-as-code and automated frameworks for architecture, engineering, and operations to eliminate manual toil and support hypergrowth.

• Improve an operationalized proactive cyber resilience program focused on minimizing business impact during and after a security event.

• Lead the evolution of the SOC, leveraging automation and threat intelligence to achieve 24/7 coverage with maximum efficiency, and transition it towards a data-driven security-as-a-service model.

• Define and track business-oriented security metrics and key risk indicators (KRIs) that directly inform business leaders on risk exposure and the effectiveness of security investments.

• Drive continuous improvement in mean time to detect (MTTD) and mean time to respond (MTTR).

Compliance & Risk Management

• Build a continuous compliance framework, using automation to maintain real-time audit readiness and demonstrate control effectiveness with minimal friction for product and engineering teams.

• Embed security and privacy by design into the product development lifecycle, enabling rapid innovation while meeting and exceeding customer expectations.

• Lead enterprise risk assessment programs and maintain a comprehensive risk register with clear mitigation strategies.

• Develop a risk quantification program to translate technical risks into business impacts and inform data-driven investment decisions for the executive team and board.

Leadership & Strategic Engagement

• Act as a strategic business partner to the CEO, C-suite, and board, using deep business acumen to align security with Flexential’s growth objectives.

• Equip the sales and customer success teams to confidently communicate our security story, turning our security posture into a key enabler for winning and retaining enterprise customers.

• Scale security culture throughout the organization by empowering all teams to own their security, moving from a centralized security gatekeeper model to a decentralized security enablement model.

• Represent Flexential externally with customers, prospects, regulators, auditors, and industry organizations as a cybersecurity thought leader.

• Build strategic relationships with peer CISOs, industry groups, and security vendor partners.

People Leadership & Organizational Development

• Build and mentor a high-performing security organization that is structured for scale, leveraging automation and delegation to maximize impact and embed security ownership across engineering and product teams.

• Cultivate an innovative and collaborative security culture that empowers the business to move fast securely, positioning the security team as an accelerator, not a roadblock.

• Create psychological safety that allows teams to learn from setbacks and continuously improve.

• Establish clear goals, performance metrics, and accountability frameworks aligned with organizational objectives.

• Implement structured career development paths and succession planning within the security organization.

Required Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field.

• 10+ years of progressive experience in information security, risk management, or IT leadership roles.

• 5+ years in a senior leadership position, preferably as a CISO, VP of Security, or equivalent executive role.

• Demonstrated success building and scaling enterprise security programs in high-growth or complex environments.

• Deep knowledge of compliance and regulatory frameworks including SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and CCPA.

• Proven experience managing multi-million-dollar budgets and demonstrating ROI on security investments.

• Exceptional executive presence with demonstrated ability to communicate effectively with boards, C-suite executives, customers, and technical teams.

• Experience leading incident response and crisis management in enterprise environments.

Preferred Qualifications

• Master's degree in Cybersecurity, Business Administration, Risk Management, or related discipline

• Industry-recognized certifications such as CISSP, CISM, CISA, CCISO, CGEIT, or equivalent

• Experience in hybrid cloud, SaaS, colocation, or data center environments

• Track record of supporting revenue growth through security as a sales enabler and customer differentiator

• Background in regulated industries or managing security for service provider environments

• Experience with security transformation initiatives and modern security architecture patterns (Zero Trust, SASE, etc.)

Physical Requirements

• Prolonged periods of sitting at a desk and working on a computer in an office environment

• Ability to travel up to 20% for customer meetings, audits, conferences, or industry events

• Flexibility for after-hours availability to respond to security incidents, crises, or critical business needs

• Ability to work effectively in a fast-paced, dynamic environment with competing priorities

Base Pay Range: Annualized salary range offered for this position is estimated to be $235,000 - $275,000. However, the actual pay range depends on each candidate’s experience, location, and qualifications.

Variable Pay: Discretionary annual bonus, based on personal and company performance.

Flexential participates in the E-Verify program. Please click for more information.

#LI-Hybrid