Head of Global Security, Risk and Compliance
Chicago
ActiveCampaign
Your solution for personalized email marketing, automation, and sales engagement. Automate across your entire marketing stack with 900+ integrations.What your day could consist of:
- Define and lead product security initiatives in close connection to the needs of partners, customers, the market and overall company objectives.
- Lead a team of security professionals, including hiring, training, and performance management.
- Lead incident response efforts operating as the incident commander, coordinating with relevant stakeholders to resolve security incidents while communicating effectively throughout.
- Lead the IT team.
- Manage Third Party (e.g., vendor) Risk Assessment Program with IT.
- Manage stakeholder (customer, partner) security questionnaires and assessment processes. Interface with customer management as necessary.
- Manage threat and vulnerability management.
- Ensure an effective SSDLC is in place for engineering.
- Implement security controls and processes to protect the company's data and systems from external threats.
- Own the SOC2 audit, and lead work to implement ISO27001 certification.
- Conduct risk assessments and implement appropriate controls to mitigate identified risks.
- Stay up to date with the latest security technologies and best practices.
- Develop and maintain security policies, standards, and procedures.
- Develop and lead comprehensive security training programs across the organization to ensure all employees understand and adhere to security best practices, fostering a culture of proactive risk awareness and protection.
- Guide security engineering on InfoSec/AppSec standards, auditing, and penetration testing.
- Manage analysis of fraud vulnerabilities, control weaknesses, and gaps to mitigate and remediate significant issues, trends, and loss events.
What is needed:
- Bachelor's degree in computer science, information technology, or a related field.
- 10+ years of experience in information security, with at least 5 years in a senior leadership role.
- Expert in security technologies and best practices.
- Experience with security risk assessment and management.
- Experience with incident response and forensics.
- Experience with security in the cloud (e.g., AWS) is required.
- CISSP, CISM, CISA or other relevant security certification is a plus.
- Excellent communication and leadership skills.
- Experience building Internal Audit functions for SOC 2, ISO 27001, and PCI-DSS.
- Excellent understanding of vulnerability management and associated tools and solutions.
- Machine Learning Models understanding is a plus.
- Seeking candidates in Chicago or Indianapolis.
- Prior penetration testing experience is a plus.
As a global multicultural company, we are proud of our inclusive culture which embraces diverse voices, backgrounds, and perspectives. We don’t just celebrate our differences, we believe our diversity is what empowers our innovation and success. You can find out more about our DEI initiatives here.
ActiveCampaign holds the highest customer satisfaction rating among Marketing Automation, E-Commerce Personalization, Landing Page Builders, and CRM solutions on G2.com and is one of only a handful of software solutions with over 10,000 positive reviews. ActiveCampaign has also been named the Top Rated Email Marketing Software on TrustRadius. Learn more and start your free trial at ActiveCampaign.com.
Perks and benefits:ActiveCampaign is an employee-first culture. We take care of our employees at work and outside of work. You can see more of the details here, but some of our most popular benefits include:
-Comprehensive health and wellness benefits that includes a High Deductible Health Plan (HDHP) fully covered by ActiveCampaign, complimentary access to telehealth and tele-mental health resources, and a complimentary membership to Calm-Open paid time off-Generous 401(k) matching program with immediate vesting-Quarterly Path Perks with options for commuter and lunch benefits (for those reporting to a Hub), or a remote home office stipend-Access to professional development resources through LinkedIn Learning-After five years of service, you’ll be eligible for a four-week paid sabbatical leave and a sabbatical leave bonus
ActiveCampaign is an equal opportunity employer. We recruit, hire, pay, grow and promote no matter of gender, race, color, sexual orientation, religion, age, protected veteran status, physical and mental abilities, or any other identities protected by law.
Our Employee Resource Groups (ERGs) strive to foster a diverse inclusive environment by supporting each other, building a strong sense of belonging, and creating opportunities for mentorship and professional growth for their members.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits Automation AWS CISA CISM CISSP Cloud Compliance Computer Science E-commerce Forensics Incident response ISO 27001 Machine Learning Pentesting Product security Risk assessment SaaS Security strategy SOC SOC 2 SSDLC Strategy Vulnerabilities Vulnerability management
Perks/benefits: Career development Health care Home office stipend Paid sabbatical Salary bonus Startup environment Team events Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.