Chief Information Security Officer

FortiveAustin, TX
Remote

About The Position

The Chief Information Security Officer (CISO) owns enterprise security strategy, risk management, and compliance for the FAL Group of companies under Fortive (Accruent, Gordian, and ServiceChannel) all of which are SaaS / data platform companies in the Facilities and Asset Lifecycle space. This is a senior management role reporting directly to Chief Digital and Services Officer at Accruent, with regular visibility and dotted line reporting accountability to the executive teams at all three operating companies as well as security and IT leadership at Fortive. The CISO is accountable for protecting customer data, enabling enterprise sales through compliance readiness, and building a security program that scales with the company’s growth trajectory through operating company specific security strategy and program management aligned with Fortive’s baseline posture and policy, but extended to meet the needs of each individual operating company. This role sits at the intersection of technical security leadership and business strategy. The successful candidate will be equally comfortable running an incident response, presenting risk posture to the executive teams, and walking an enterprise prospect’s security team through the company’s controls during the sales cycle. The successful candidate will also be a seasoned communicator across, upstream to the executive teams and downstream to the business with a clear track record of calibrating communication (written, verbal, and in-person) appropriately to ensure success of the overall security program.

Requirements

  • 10+ years in information security, with 5+ years in a senior leadership role (CISO, VP Security, Director of Security or equivalent) at a SaaS or data-intensive company.
  • Demonstrated ownership of SOC 2 and/or ISO 27001 programs, including direct experience managing audit cycles to successful certification.
  • Experience managing executive stakeholders at multiple lines of business at the same time, and nuanced understanding of conglomerate/operating company model.
  • Experience presenting to boards, executive teams — able to translate technical risk into business terms.
  • Strong working knowledge of cloud security (AWS, GCP, and Azure), modern application security practices, and data protection regulations relevant to the company’s markets.
  • Track record of building or scaling a security function, including hiring and developing a team.
  • Experience supporting enterprise sales cycles through customer security reviews and questionnaires.
  • Track record of driving security culture, awareness, trust, and delivering on promises on time with quality across executive teams, and at an employee level.

Nice To Haves

  • Prior experience leading security at an operating company in a conglomerate/operating company model.
  • Strong track record of maintaining best in class team engagement, retention, growth and development of team and in driving enterprise-wide trust around security.
  • Relevant certifications: CISSP, CISM, or equivalent.
  • Experience with CMMC, FedRAMP, HIPAA, GDPR, or other regulatory frameworks.

Responsibilities

  • Own and continuously evolve the company’s information security strategy, aligned to business objectives.
  • Take existing security in excellence practices, communities, executive constructs, and awareness/culture programs and continue to grow them and integrate them as part of the larger security strategy.
  • Lead and develop a high-performing security organization spanning security operations, vulnerability and threat management, security engineering, governance/risk/compliance (GRC), application security, AI security, and all associated cyber or cyber adjacent incident response.
  • Set and manage the security budget, including build-vs-buy decisions on tooling and managed services. Ensure the team is budgeted appropriately to meet, interact, grow, develop, and build connections in security across the operating companies, Fortive, and the local security communities they serve.
  • Establish security architecture standards across cloud infrastructure, AI, application development, and data platforms.
  • Be the consistent voice for security across the three businesses translating asks from Fortive (parent company), calibrating messaging from Fortive to the three executive teams, owning messaging from the operating company back to Fortive, and insulating the operating companies from business impact wherever possible.
  • Maintain clear visibility of security posture and strategic programs to the three executive teams, owning cyber considerations for enterprise risk management initiatives, and self-attesting risk assessment initiatives.
  • Chair and lead the Information Security Council (ISC) at each operating company, raising security awareness, calibrating updates, and driving resolution of critical cyber risk through executive collaboration and partnership.
  • Own the company’s compliance posture across SOC 2 Type II, ISO 27001, Cyber Essentials Plus, CMMC, ISO 42001, and applicable frameworks (HIPAA, GDPR, CCPA, SOX as relevant to the customer base and internal requirements).
  • Lead audit cycles end-to-end — evidence collection, auditor relationships, remediation tracking, and timely certification renewal, while streamlining these operations to minimize business impact.
  • Maintain a current risk register and ensure control gaps are tracked to closure with assigned owners and deadlines and appropriately lead executive risk management escalations with the information security councils at each operating company.
  • Serve as the executive owner of the security review process for enterprise sales — including security questionnaires, customer audits, and contractual security terms.
  • Partner with Sales and Legal to reduce security-related sales cycle friction, treating security posture as a competitive differentiator rather than a cost center.
  • Represent the company in customer-facing security discussions, including Executive Briefing Center engagements with strategic prospects.
  • Own the enterprise risk management program, including third-party / vendor risk assessment for the company’s supply chain and subprocessors.
  • Build and maintain the incident response plan; lead the response to any security incident, including coordination with Legal, Communications, and executive leadership.
  • Conduct regular tabletop exercises and ensure the organization is prepared for both technical and reputational dimensions of a security event.
  • Lead regular response tests, tabletops, and resiliency exercises with key business areas and the executive teams at all three operating companies.
  • Present security posture, risk trends, and program maturity to the Fortive security team and Fortive CISO on a monthly basis.
  • Serve as a key stakeholder in technical and security diligence processes, including those associated with financing events or M&A.
  • Advise the executive team on emerging threats, regulatory changes, and their business implications.

Benefits

  • Grow Without Limits personal development program
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service