Chief Information Security Officer
Overland Park, KS
We are looking for an experienced, hands-on information security practitioner to lead our cybersecurity team. You will have leadership responsibility for protecting our SaaS platform, infrastructure, and customer data while enabling business growth and innovation. This position requires a talented and driven individual who uniquely combines leadership skill and information security expertise, and who is a true technologist who likes to roll up their sleeves and work with architects and engineers to help launch software solutions that are secure by design. This position reports to the Chief Product and Technology Officer (CPTO).

Responsibilities:

Strategic Leadership
o Develop and execute a comprehensive information security strategy aligned with business objectives
o Lead the evolution of our security program to address emerging threats and regulatory requirements
o Build and maintain relationships with key stakeholders, including board members, executives, clients, engineering leaders, and regulatory bodies
o Provide regular security status updates and metrics to the board and executive team

Team Leadership
o Continue to evolve and grow TreviPay’s talented and driven information security team through training and coaching. Attract high-performing security professionals to join the team as needed.
o Help foster a security-first culture throughout the organization
o Manage security budget

Security Operations & Architecture
o Lead offensive security and security operations, including incident response, threat detection, vulnerability management, and forensics
o Direct the design, implementation, and maintenance of our security architecture
o Ensure the security of our cloud infrastructure and SaaS platform
o Stay current with cybersecurity threats and mitigation best practices.
o Work with the executive team to make strategic decisions related to the company’s security posture and investment
o Work closely with product management and engineering teams to build a deep understanding of the TreviPay product suite and technology infrastructure. Use this understanding to influence priorities and define information security requirements.
o Lead evaluation, adoption, and use of security tools and technologies
o Own the execution of annual PCI-DSS and ISO-27001 certifications, including vendor management and project management of the process.
o Ensure that data privacy requirements are understood and included in all solutions
o Work with engineering leaders to define secure coding practices, standards and training

Compliance & Risk Management
o Maintain compliance with PCI DSS, ISO 27001, NIST, and other relevant standards
o Oversee security risk assessments and implement risk mitigation strategies
o Develop and maintain security policies, procedures, and standards
o Ensure compliance with financial services regulations and data protection laws

Requirements:
o 10+ years of combined engineering and information security experience
o 3+ years of leadership experience
o Bachelor’s degree in Computer Science, Information Systems, or equivalent work experience.
o One or more of the following certifications: Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM)
o A deep understanding of and experience with one or more of the following compliance frameworks: NIST, PCI-DSS, ISO 27001, SOC 2.
o An empowering leadership style with a proven ability to build positive, energized teams
o Excellent judgement and critical thinking skills. Able to weigh multiple and often conflicting constraints and make rapid, logical decisions in a fast-moving company with complex financial products
o Direct experience with threat hunting, penetration testing, and red teaming
o Executive-level verbal and written communication skills that can synthesize technical issues into concise points

Why you will love working at TreviPay
· Competitive salary
· Paid parental leave
· Generous paid time off
· Medical, dental, vision, FSA, Life/AD&D, long- and short-term disability
· 401K matching
· Employee referral program

At TreviPay we believe:
· in saying yes to unique and challenging requirements
· empowered team members are creative team members
· our products make the customer’s day just a little bit better
· work/life balance makes us all more effective

TreviPay is an Equal Opportunity and Affirmative Action Employer. We welcome all veterans and disabled applicants. Individuals with disabilities will be provided reasonable accommodation to participate in the job application and/or interview process. Please contact Recruiting@trevipay.com to request an accommodation.
Tags: CEH CISM CISO CISSP Cloud Compliance Computer Science E-commerce Ecommerce ERP Incident response ISO 27001 NIST Offensive security PCI DSS Pentesting Privacy Risk assessment SaaS Security strategy SOC SOC 2 Strategy Threat detection Vendor management Vulnerability management
Perks/benefits: Career development Competitive pay Flex hours Flex vacation Health care Medical leave Parental leave Startup environment