Vice President, Information Security
Boulder, Colorado, United States; Denver, Colorado, United States; United States
Full Time Executive-level / Director USD 199K - 249K
We are looking for a VP, Information Security (CISO) to drive our company forward, and help us lead the clean energy revolution!
How you will make an impact:
- Define a cyber security strategy and capability roadmap that keeps pace with cyber threats and Uplight’s growth plans
- Develop, implement, and monitor a strategic, comprehensive enterprise risk management program
- Create a cyber risk strategy that identifies and defines risk tolerance levels and prioritizes mitigation strategies and activities
- Identify key metrics to measure enterprise-wide security effectiveness and support program governance
- Manage potential security incidents, communicating any suspected or confirmed incidents with business leaders, and performing in depth investigations as required
- Assist the sales function as necessary to educate potential and current customers on Uplight’s security posture
- Assist sales and legal with customer contractual negotiations in relation to security requirements, including any customer security requests
- Implement and oversee procedures and controls to assure compliance with applicable regulatory, legal, and contractual requirements
- Own SOC 2 and other external audit programs and manage technical internal audit processes
- Manage the 3rd party/vendor risk management process
- Facilitate the resilience program to ensure appropriate incident response, business continuity, and disaster recovery programs are in place
- Collaborate with Legal on the privacy program and manage privacy operations
- Work within and across teams on cross functional projects
- 10+ years of business experience in a combination of IT security, risk management, or Information Security with 7+ years in a leadership role
- Demonstrated executive level business and technical acumen
- Ability to develop and clearly articulate a compelling security strategy to key management stakeholders
- Pragmatic mindset, ability to handle difficult problems with partial data and under high pressure
- Strong knowledge of current and emerging cyber security risks and innovative risk management methods and solutions
- Strong understanding of security concepts and technologies
- Experience applying security frameworks such as ISO 2700x, NIST CSF, or NIST 800-53 including compliance and audit strategies for cloud environments (IaaS, SaaS, etc)
- Subject matter expertise in developing and executing company-wide program, policies, procedure, and controls
- Expertise in domains such as application development, application security, security operations, cybersecurity monitoring, vulnerability management, incident management/response, identity and access management, and cloud infrastructure (AWS/GCP/Azure)
- Excellent verbal and written skills and be comfortable presenting ideas and issues to different levels within and outside of the organization, including directly with Uplight’s Board and/or Audit Committee
- Your own unique skills! If you don’t meet 100% of the qualifications above, tell us why you’d be a great fit for this role in your cover letter.
- Subject matter expertise in developing and executing company-wide program, policies, procedure, and controls
- Completion of prior successful external audits, such as SOC 2
- Prior experience automating compliance controls
- Certification showing expertise in security management, audit, or risk management (e.g. CISSP, CISA, CISM, CRISC)
Don’t meet every single requirement? Studies have shown that women, marginalized genders and people of color are less likely to apply to jobs unless they meet every single qualification. At Uplight we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.Why Join Uplight in Leading the Fight Against Climate Change?At Uplight, we're not just offering a job – we're offering a chance to be part of the solution to one of the world's biggest challenges. As a certified B Corporation, we're deeply committed to both social and environmental responsibility. Here's why you should join our team of passionate Uplighters:
- Make a Meaningful Impact: Your work directly impacts our mission of decarbonization and building a more sustainable future.
- Grow Your Career: We offer ample advancement opportunities, robust learning and development programs, and a supportive team environment that fosters collaboration and innovation.
- Thrive: We offer comprehensive benefits, including flexible time off, generous parental leave, a wellness stipend, and work flexibility to help you thrive both personally and professionally.
- Belong to an Inclusive Community: We celebrate diversity and foster an inclusive workplace where everyone feels respected, empowered, and heard. Our Employee Resource Groups offer opportunities to connect with colleagues who share your interests and backgrounds.
- Be Part of a Growing Movement: Join a team of dedicated individuals who are passionate about creating a more sustainable future. We offer a collaborative environment where your ideas are valued and your contributions recognized. Together, we can build a brighter tomorrow.
Tags: Application security Audits AWS Azure CISA CISM CISO CISSP Cloud Compliance CRISC GCP Governance IaaS IAM Incident response Monitoring NIST NIST 800-53 Privacy Risk management SaaS Security strategy SOC SOC 2 Strategy Vulnerability management
Perks/benefits: Career development Equity / stock options Flex vacation Parental leave Salary bonus Startup environment Team events Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.