
Chief Information Security Officer

Constant Contact
Waltham, Massachusetts, US
$207.6K-$259.5K a year
Full-time

At Constant Contact, we are seriously awesome people who take ownership and make an impact by operating with the mindset, integrity and courage of a small business owner.

There's something so profoundly rewarding about knowing that your work is empowering people everywhere to pursue their dreams.

Here, we all play an integral part in helping business owners, entrepreneurs, non-profits and individuals to succeed by giving them all the help and tools they need to grow online.

We're energized by new challenges and new possibilities, and we're just getting started!

As a technical and hands-on Chief Information Security Officer (CISO) reporting to the CIO, you will be responsible for establishing and executing the strategic enterprise vision and proactive program to ensure all of Constant Contact's information assets, employees, customers, and technologies are adequately protected.

What You'll Do:

  • Strategy and Leadership:
      • Develop and communicate the organization's cybersecurity strategy, vision, and goals to executive management, board members, and employees
      • Provide leadership and guidance to the information security team, fostering a culture of accountability, transparency, and proactive continuous improvement in cybersecurity practices
      • Collaborate on the overall business technology plan with Engineering, Product, Legal and Revenue, providing a current knowledge and future vision of security technology and systems
      • Oversee a team of Security Professionals to execute on the security roadmap
  • Risk Management:
      • Identify, assess, prioritize, and manage cybersecurity risks to the organization's information assets
      • Develop and maintain the organization's risk management framework, policies, procedures, and standards
  • Security Operations:
      • Oversee the operation of the enterprise's security solutions, including the deployment, monitoring, and maintenance of infrastructure, intrusion detection/prevention systems, endpoint security solutions, etc.
      • Lead Security incident response planning and execution to mitigate potential threats and minimize impact
      • Develop and achieve individual and team focused Security OKRs
  • Compliance and Audit:
      • Ensure the organization's compliance with relevant regulations, laws, and standards pertaining to information security
      • Collaborate with internal and external auditors to conduct regular security assessments, audits and successful recertification of SOC2
  • Training and Awareness:
      • Promote security awareness and coordinate security training programs for employees at all levels of the organization
      • Foster a culture of proactive cybersecurity awareness and accountability throughout the organization
  • Vendor and Third-Party Risk Management:
      • Evaluate, monitor, and manage risks associated with third-party vendors and service providers
      • Ensure contracts include appropriate security requirements and conduct regular assessments of vendor security practices
  • Budget Management:
      • Develop and manage the information security budget, ensuring optimal allocation of resources and investments in line with organizational priorities

Who You Are:

  • Proven experience (8+ years) in a senior-level information security management role
  • Degree in Computer Science, Information Technology, or a related field (advanced degree preferred)
  • Professional Security certifications such as CISSP, CISM, or CISA
  • Experience with certification of common information security management frameworks, such as SOC2, ISO/IEC 27001 and NIST
  • Strong understanding of cybersecurity technologies, risk management frameworks, and global regulatory requirements (GDPR, CCPA, etc.)
  • Experience in a SaaS company
  • Experience with cloud and hybrid security principles and practices
  • Track record of successfully building and leading high-performing global cybersecurity teams
  • Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
  • Experience with contract and vendor negotiations and management, including managed services

The specific salary offered to a candidate may be influenced by a variety of factors including the candidate's experience, their education and work location.

In addition, some roles may be eligible for additional on target commission pay or bonus. The compensation package includes health and welfare benefits including paid leave.

Pay Transparency - All Full Time Employees

$207,600-$259,500 USD

Why You'll Love Us:

We celebrate one another's differences. We are proud of our culture of diversity and inclusion, and we're always working hard to strengthen and improve this culture.

We have programs in place that bring us together on important issues and provide educational opportunities for all employees.

Join the experts. If you're passionate about supporting businesses and organizations, you won't find a better spot to share your talent.

We're dedicated to improving the quality of our product from a customer standpoint and have a true desire to enable the success of businesses, non-profit organizations, and community groups.

  • You'll have opportunities to grow your career. We encourage and support our team members to learn different aspects of the business, take on stretch assignments, seek coaching opportunities and professional development opportunities.
  • A generous paid time off policy and a competitive benefits package that supports the health and well-being of you and your family

At Constant Contact, we're all about work flexibility and are proud to serve our customers as a hybrid workforce. Our hybrid work model combines the convenience of remote work with access to our great office locations to collaborate in-person, participate in live trainings, and socialize with colleagues.

Application Deadline: 30 days. We may fill this job opening prior to the deadline if a candidate is selected by us.

Constant Contact is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, gender, gender identity, national origin, citizenship, age, disability, sexual orientation, genetic information, veteran status or any other status protected under applicable law.

If you require accessibility assistance applying for open positions, please contact talentacquisition@ .

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.

However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

Notice to Recruiters and Staffing Agencies:

Constant Contact has an internal talent acquisition department and designated career site for individuals looking to join our team.

Constant Contact will not accept unsolicited resumes from any external recruiters, staffing firms, search agencies or any fee-based referrals.

Any unsolicited resumes sent directly to Constant Contact, in any capacity, will be considered property of Constant Contact.

Constant Contact will not pay a fee for any placement resulting from the receipt of an unsolicited resume.

25 days ago