Chief Information Security Officer

About The Position

Requirements

• Extensive experience (approximately 15+ years) in information security, including senior leadership or CISO-level roles.
• Deep expertise in cryptography, PKI, identity management, cloud security, and enterprise security architecture.
• Demonstrated experience leading enterprise security strategy in SaaS or cloud-native organizations.
• Strong knowledge of regulatory and compliance frameworks, including ISO 27001, SOC 2, FedRAMP, GDPR, and emerging AI governance standards.
• Proven ability to communicate complex security concepts to executives, boards, customers, and regulators.
• Exceptional leadership, collaboration, and strategic planning skills.

Responsibilities

• Develop and implement a comprehensive enterprise security strategy that protects internal systems, operations, and corporate assets while reinforcing customer trust externally.
• Serve as the executive authority on information security, risk management, and security compliance, ensuring alignment with corporate objectives and regulatory requirements.
• Collaborate with product, engineering, and business teams to embed security design principles and practices across all Keyfactor offerings.
• Represent Keyfactor externally to customers, partners, industry forums, and regulators to strengthen trust, demonstrate compliance, and communicate security commitments.
• Lead enterprise security operations, including threat detection, incident response, vulnerability management, and proactive risk mitigation.
• Maintain and continuously improve the Information Security Management System (ISMS), driving adherence to ISO 27001, SOC 2, FedRAMP, and emerging standards such as ISO 42001 for AI.
• Define and enforce security policies, procedures, and standards that ensure both internal resilience and external assurance for clients and partners.
• Conduct enterprise-wide risk assessments, audits, and reviews to identify, quantify, and mitigate security threats internally and across customer-facing services.
• Partner with Compliance and Legal teams to maintain adherence to global data protection, privacy, and regulatory standards (e.g., GDPR, CCPA, FedRAMP, AI).
• Act as the executive sponsor for security certifications, audits, and customer assurance initiatives that validate Keyfactor’s external trust posture.
• Provide Keyfactor senior leadership periodic assessments on current and emerging threats and the organizations posture to remediate those threats.
• Ensure that Keyfactor’s corporate security training and awareness program is optimized to engage employees and improve security culture.
• Collaborate with product and engineering teams to integrate security into the full product lifecycle, including design, development, deployment, and maintenance.
• Champion secure software development practices, cryptographic innovation, and identity management solutions that protect customer data and enhance trust.
• Serve as the point of contact for customers and partners regarding security concerns, audits, and assurance programs, strengthening Keyfactor’s reputation as a trusted provider.
• Build, lead, and mentor a high-performing global security organization focused on both internal protection and external assurance.
• Establish clear objectives, performance metrics, and professional development pathways for security, risk, and compliance teams.
• Foster a culture of proactive risk management, operational excellence, and cross-functional collaboration.

Benefits

• Second Fridays (a company-wide day off on the second Friday of every month minus November and December of 2025 due to the Holiday schedule). Please note that this benefit is subject to change.
• Comprehensive benefit coverage globally.
• Generous paid parental leave globally.
• Competitive time off globally.
• Dedicated employee-focused ambassadors via Key Contributors & Culture Committees.
• DIVERSE Commitment, a call to action for a more inclusive and diverse future in business, society, and technology.
• The Keyfactor Alliance Program to support DEIB efforts.
• Wellbeing resources, wellness allowance, mindfulness app free membership, Wellness Wednesdays.
• Global Volunteer Day, company non-profit matching, and 3 volunteer days off.
• Monthly Talent development and Cross Functional meetings to support professional development.
• Regular All Hands meetings – followed by group gatherings.