A scaling SaaS company is hiring a CISO to lead and evolve its global information security function. This role sits at the crossroads of innovation, security, and scale. Reporting directly to executive leadership, the successful candidate will partner with teams across the business to ensure security is foundational to every product, process, and system as the company continues to grow.
Key Responsibilities:
Define, implement, and continually enhance a global security strategy covering infrastructure, applications, and data ecosystems.
Direct the organization’s compliance roadmap, including SOC 2, ISO 27001, GDPR, CCPA, and other international data regulations.
Lead third-party risk assessments and manage the security review process for external vendors.
Cultivate a culture where security is seen as a shared responsibility across the company.
Build and scale security, privacy, and risk governance functions (GRC) in alignment with company growth.
Collaborate with Product, Engineering, Legal, People, and executive teams to embed secure practices into all areas of the business.
Stay ahead of emerging security threats, regulatory changes, and evolving risk factors.
Take ownership of customer security inquiries, external-facing security communications, and industry representation.
Oversee internal IT security operations, ensuring resilient and scalable systems.
Advise on vendor selection and procurement with a focus on compliance and security readiness.
Partner closely with Legal and Compliance to advance the global privacy program.
Design and maintain a robust incident response framework and lead post-incident resolution activities.
What You’ll Bring:
A minimum of 10 years of progressive experience in cybersecurity, with at least 5 years in a senior leadership role.
Demonstrated success in building security teams and programs in high-growth SaaS or financial technology environments.
Expertise in global compliance and privacy standards and how to operationalize them across diverse jurisdictions.
Hands-on experience securing cloud-native environments (AWS, Azure, GCP) and driving DevSecOps adoption.
Exceptional communication skills with the ability to translate complex issues for both technical and non-technical audiences.
Familiarity with vendor due diligence, contract negotiation support, and third-party security frameworks.
Proven ability to build, mentor, and retain high-performing security teams.
Relevant industry certifications such as CISSP, CISM, CIPP, or ISO 27001 Lead Auditor.
Passion for global data protection and responsible data usage.
History of presenting security programs to executive leadership or boards of directors.
About HighlightTA
This opportunity is presented by HighlightTA, your on-demand talent team. We make hiring easy with flexible, on-demand talent solutions. We partner with startups and scale-ups to embed talent partners, lead recruitment projects, and manage full talent functions. Our data-driven approach ensures fast hiring and access to top-tier talent, while flexible terms help you save time and reduce costs. Follow us on LinkedIn to learn more.