Principal Business Information Security Officer
About The Position
In this role, you will lead and mature LastPass's modern, outcome-led risk advisory function. You will drive the evolution of our GRC operating model, embed insight-driven decision support across the organization, and scale our BISO-aligned advisory model. Partnering with cross-functional teams, you will deliver clear, just-in-time risk guidance that enables fast, responsible innovation. About the team: The GRC team strengthens LastPass's operational resilience and stakeholder trust by aligning security, compliance, and business objectives. We partner closely with cross-functional teams across the organization to enable fast, secure decision-making, while maintaining clear accountability and building predictable, scalable governance frameworks that support the company's continued innovation and long-term success. If you are passionate about complex problem solving and motivated by scale, then this is the role for you! Who will you work with? In this role, you will serve as the primary strategic partner to BizTech while also enabling advisory support across Product, Engineering, GTM, Legal, HR, and Security. You will work closely with teams across Hungary, Portugal, Canada, and the United States to embed risk insight into daily decision flows and strengthen alignment.
Requirements
- Proven experience in security, risk management, or GRC, with a strong record of delivering advisory support to technical and business teams
- Deep expertise in risk analysis, including quantification, frameworks, and risk-informed decision-making, with experience building or evolving risk programs
- Demonstrated ability to lead technical and executive-level discussions, facilitate risk governance committees, and drive stakeholder alignment
- Strong track record of building cross-functional partnerships, influencing decisions, and communicating complex risk topics in clear, actionable terms
- Experience providing just-in-time security or risk guidance in fast-paced product, engineering, or SaaS environments
- Strong facilitation, communication, and storytelling skills, with the ability to create concise, executive-ready summaries and risk narratives
- Ability to coach and mentor team members to strengthen advisory skills and ensure consistent application of risk processes
- Growth-oriented mindset, willing to challenge the status quo and introduce scalable, modern practices
Nice To Haves
- Certifications such as CISSP, CISM, CRISC, CISA, Security+, or related certifications in information security or audit
- Experience working with global teams
Responsibilities
- Lead the continued evolution of LastPass's risk management framework to ensure it remains repeatable, scalable, and consistently applied
- Design and scale the BISO-aligned advisory model, defining engagement patterns, communication flows, and partnership rhythms that embed GRC in business decisions
- Provide just-in-time risk advisory for product development, engineering changes, supplier decisions, architecture reviews, and other high-impact initiatives, ensuring risks and tradeoffs are clearly understood
- Build strong cross-functional partnerships, serving as a trusted advisor who translates complex technical and business risks into actionable, business-aligned recommendations
- Coach GRC Analysts to adopt advisory behaviors, apply the risk framework consistently, and deliver high-quality just-in-time support across their aligned business areas
- Partner with Governance and GRC Engineering to integrate risk insights with standards, continuous control monitoring signals, and assurance workflows
- Lead technical and executive-level risk discussions through Risk Governance Committees, driving clarity, alignment to risk appetites, and accountable decisions
- Produce clear, executive-ready risk narratives, reports, and dashboards that support leadership understanding, prioritization, and decision-making
Benefits
- Competitive compensation
- Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days
- Parental leave
- Comprehensive health coverage, including dependents
- Home office setup support
- LastPass Families free account for up to 5 members
- Continuous learning and development opportunities, including an annual learning stipend to invest in your growth
- Peer-to-peer recognition through Motivosity
- Employee Assistance Program for well-being support
- Remote work stipend to support your home office needs
- Short-Term or Remote-Centric Work Arrangements for added flexibility
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Principal
Education Level
No Education Listed
