Vice President, Information Security

Boulder, Colorado, United States; Denver, Colorado, United States; United States

Apply now Apply later

Uplight is creating a new category of energy. We make software that manages energy resources in homes and businesses—including things like smart thermostats, electric vehicles, solar panels, storage batteries, heat pumps, and even people’s behavior—to generate, shift, or save energy to balance the grid, making it more efficient and reliable. This creates clean energy capacity that can be used by the power grid instead of burning more fossil fuels. Our solutions accelerate the transition to clean energy and save money for energy customers.
We are looking for a VP, Information Security (CISO) to drive our company forward, and help us lead the clean energy revolution!
How you will make an impact: 
  • Define a cyber security strategy and capability roadmap that keeps pace with cyber threats and Uplight’s growth plans
  • Develop, implement, and monitor a strategic, comprehensive enterprise risk management program
  • Create a cyber risk strategy that identifies and defines risk tolerance levels and prioritizes mitigation strategies and activities
  • Identify key metrics to measure enterprise-wide security effectiveness and support program governance
  • Manage potential security incidents, communicating any suspected or confirmed incidents with business leaders, and performing in depth investigations as required
  • Assist the sales function as necessary to educate potential and current customers on Uplight’s security posture
  • Assist sales and legal with customer contractual negotiations in relation to security requirements, including any customer security requests
  • Implement and oversee procedures and controls to assure compliance with applicable regulatory, legal, and contractual requirements
  • Own SOC 2 and other external audit programs and manage technical internal audit processes
  • Manage the 3rd party/vendor risk management process
  • Facilitate the resilience program to ensure appropriate incident response, business continuity, and disaster recovery programs are in place
  • Collaborate with Legal on the privacy program and manage privacy operations
  • Work within and across teams on cross functional projects
What you bring to Uplight:
  • 10+ years of business experience in a combination of IT security, risk management, or Information Security with 7+ years in a leadership role
  • Demonstrated executive level business and technical acumen
  • Ability to develop and clearly articulate a compelling security strategy to key management stakeholders
  • Pragmatic mindset, ability to handle difficult problems with partial data and under high pressure
  • Strong knowledge of current and emerging cyber security risks and innovative risk management methods and solutions
  • Strong understanding of security concepts and technologies
  • Experience applying security frameworks such as ISO 2700x, NIST CSF, or NIST 800-53 including compliance and audit strategies for cloud environments (IaaS, SaaS, etc)
  • Subject matter expertise in developing and executing company-wide program, policies, procedure, and controls
  • Expertise in domains such as application development, application security, security operations, cybersecurity monitoring, vulnerability management, incident management/response, identity and access management, and cloud infrastructure (AWS/GCP/Azure)
  • Excellent verbal and written skills and be comfortable presenting ideas and issues to different levels within and outside of the organization, including directly with Uplight’s Board and/or Audit Committee
  • Your own unique skills! If you don’t meet 100% of the qualifications above, tell us why you’d be a great fit for this role in your cover letter.
  • Subject matter expertise in developing and executing company-wide program, policies, procedure, and controls
Bonus points:
  • Completion of prior successful external audits, such as SOC 2
  • Prior experience automating compliance controls
  • Certification showing expertise in security management, audit, or risk management (e.g. CISSP, CISA, CISM, CRISC)

Don’t meet every single requirement? Studies have shown that women, marginalized genders and people of color are less likely to apply to jobs unless they meet every single qualification. At Uplight we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.Why Join Uplight in Leading the Fight Against Climate Change?At Uplight, we're not just offering a job – we're offering a chance to be part of the solution to one of the world's biggest challenges. As a certified B Corporation, we're deeply committed to both social and environmental responsibility. Here's why you should join our team of passionate Uplighters:
  • Make a Meaningful Impact: Your work directly impacts our mission of decarbonization and building a more sustainable future.
  • Grow Your Career: We offer ample advancement opportunities, robust learning and development programs, and a supportive team environment that fosters collaboration and innovation.
  • Thrive:  We offer comprehensive benefits, including flexible time off, generous parental leave, a wellness stipend, and work flexibility to help you thrive both personally and professionally.
  • Belong to an Inclusive Community: We celebrate diversity and foster an inclusive workplace where everyone feels respected, empowered, and heard. Our Employee Resource Groups offer opportunities to connect with colleagues who share your interests and backgrounds.
  • Be Part of a Growing Movement: Join a team of dedicated individuals who are passionate about creating a more sustainable future. We offer a collaborative environment where your ideas are valued and your contributions recognized. Together, we can build a brighter tomorrow.
To learn more about our comprehensive benefits package and other perks, visit uplight.com/careers Salary Range: $199,916 to $249,890 USD + Bonus Application Deadline: January 4, 2025In accordance with the Colorado Equal Pay for Equal Work Act, the approximate annual base compensation range is listed above. The actual offer, reflecting the total compensation package and benefits, will be determined by a number of factors including the applicant's experience, knowledge, skills, and abilities, as well as internal equity among our team. Uplight provides equal employment opportunities to all employees and applicants and prohibits discrimination and harassment of any type without regard to race (including hair texture and hairstyles), color, religion (including head coverings), age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
Apply now Apply later
Job stats:  0  0  0
Category: Leadership Jobs

Tags: Application security Audits AWS Azure CISA CISM CISO CISSP Cloud Compliance CRISC GCP Governance IaaS IAM Incident response Monitoring NIST NIST 800-53 Privacy Risk management SaaS Security strategy SOC SOC 2 Strategy Vulnerability management

Perks/benefits: Career development Equity / stock options Flex vacation Parental leave Salary bonus Startup environment Team events Wellness

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.