Chief Information Security Officer

ButterflyMX

46d•Remote

About The Position

As our CISO, you’ll lead and scale a small, talented security team into a world-class organization that protects our customers, employees, and partners across cloud, IoT, and enterprise systems. You’ll be responsible for shaping our security strategy, implementing practical controls that balance risk and innovation, and ensuring that security enables our growth without slowing us down. You’ll partner closely with Engineering, Product, and Infrastructure leaders to ensure our platforms and connected devices are secure by design. You’ll partner closely with our People team to ensure that our business systems and processes are meeting high security standards. You’ll partner closely with Sales and Support leaders to build confidence in our security posture with our customers. You’ll report to the CTO and engage regularly with the executive team to ensure our strategy aligns with the company’s goals, risk appetite, and compliance obligations. This is both a strategic and hands-on role. You’ll set direction, manage budgets, lead audits and certifications, but also dive into architecture reviews, incident response, and vendor risk assessments when needed. We’re looking for someone who can move fluidly between the boardroom and the command line. Most importantly, to be successful in this role you’ll need to be passionate about building strong, productive relationships across the organization, and about helping people to understand the real world impact of security-related work: the ‘why’ behind the ‘what’. You’re a security leader who’s earned your credibility through both technical depth and sound judgment. You thrive in an environment where security must scale without slowing innovation, and you know how to rally people around doing the right thing for the business.

Requirements

10+ years of progressive experience in information security, including 3+ in a leadership role at a SaaS or technology company.
Experience securing cloud-native systems (AWS/GCP) and managing organizational security at a remote-first company.
Deep understanding of security frameworks and standards (e.g., NIST CSF, CIS, ISO 27001, SOC 2, OWASP).
Strong background in incident response, threat modeling, and risk management.
Proven ability to partner with product and engineering teams to design secure, scalable architectures.
Experience building and mentoring high-performing security teams.
Excellent communication skills enabling you to distill complex security topics for executives, engineers, and customers alike.
A balanced, business-first mindset: you make practical, risk-informed decisions rather than striving for theoretical perfection.

Nice To Haves

Certifications such as CISSP, CISM, or CRISC (preferred but not required).

Responsibilities

Own and evolve the company’s security and privacy strategy
Scale and mentor the Security team, developing great security team members as the company grows.
Build and mature the company’s security framework, balancing pragmatism and rigor across system security, application security, infrastructure security, and device security.
Lead security operations and incident response, ensuring the company can rapidly detect, respond to, and recover from threats.
Oversee compliance programs (e.g., SOC 2, GDPR, CPRA) and maintain a continuous improvement mindset beyond checkbox compliance.
Partner with Engineering and Product to embed security into the SDLC, CI/CD pipelines, and IoT device lifecycle.
Establish and maintain relationships with key stakeholders, such as executive leadership, providing actionable metrics and insights into security posture, risk trends, and emerging threats.
Oversee vendor risk management and ensure robust controls across third-party services and integrations.
Conduct regular security awareness training and education programs for employees.
Evaluate and select security technologies and tools to enhance the organization's security posture.
Build a strong security culture, from awareness and education to clear policies and positive engagement across all teams.
Optimize the security budget and make pragmatic tradeoffs that balance protection, velocity, and business impact.

Benefits

Comprehensive Medical (ButterflyMX covers 90% of the cost), Dental, and Vision plans (ButterflyMX covers 100% of the cost) starting day 1
401(k) plan with a match
13 paid holidays and 25 days PTO
Paid Family Leave
Employee Assistance Program
Quarterly self-care stipends
HealthAdvocacy Program
Access to optional benefits including pre-tax flexible healthcare spending accounts (FSA and HSA), Dependent Care FSA, and Commuter Benefits, as well as optional Supplemental Life, AD&D, Hospital Indemnity, Disability, Legal, Accident, Critical Illness, Pet, and Personal Liability Insurance
Collaborative, dynamic work environment filled with kind, smart people, who are working hard on an industry-defining product

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume