Kansas Works Veterans Jobs

Job Information

TreviPay Chief Information Security Officer in Overland Park, Kansas

This job was posted by https://www.kansasworks.com : For more information, please see: https://www.kansasworks.com/jobs/13189047

At TreviPay, we believe loyalty begins at the payment. Thousands of sellers use our global B2B payments and invoicing network to provide choice and convenience to buyers, open new markets and automate accounts receivable. With integrations to top eCommerce and ERP solutions and flexible trade credit options, TreviPay brings 40 years of experience serving leaders in manufacturing, retail and transportation.

Every day, TreviPay employees are challenged and empowered in a supportive, collaborative, entrepreneurial environment.

We are looking for an experienced, hands-on information security practitioner to lead our cybersecurity team. You will have leadership responsibility for protecting our SaaS platform, infrastructure, and customer data while enabling business growth and innovation. This position requires a talented and driven individual who uniquely combines leadership skill and information security expertise, and who is a true technologist who likes to roll up their sleeves and work with architects and engineers to help launch software solutions that are secure by design. This position reports to the Chief Product and Technology Officer (CPTO).

Responsibilities:

Strategic Leadership

- Develop and execute a comprehensive information security strategy aligned with business objectives

- Lead the evolution of our security program to address emerging threats and regulatory requirements

- Build and maintain relationships with key stakeholders, including board members, executives, clients, engineering leaders, and regulatory bodies

- Provide regular security status updates and metrics to the board and executive team

Team Leadership

- Continue to evolve and grow TreviPay's talented and driven information security team through training and coaching. Attract high-performing security professionals to join the team as needed.

- Help foster a security-first culture throughout the organization

- Manage security budget

Security Operations & Architecture

- Lead offensive security and security operations, including incident response, threat detection, vulnerability management, and forensics

- Direct the design, implementation, and maintenance of our security architecture

- Ensure the security of our cloud infrastructure and SaaS platform

- Stay current with cybersecurity threats and mitigation best practices. Work with the executive team to make strategic decisions related to the company's security posture and investment

- Work closely with product management and engineering teams to build a deep understanding of the TreviPay product suite and technology infrastructure. Use this understanding to influence priorities and define information security requirements.

- Lead evaluation, adoption, and use of security tools and technologies

- Own the execution of annual PCI-DSS and ISO-27001 certifications, including vendor management and project management of the process.

- Ensure that data privacy requirements are understood and included in all solutions

- Work with engineering leaders to define secure coding practices, standards and training

Compliance & Risk Management

- Maintain compliance with PCI DSS, ISO 27001, NIST, and other relevant standards

- Oversee security risk assessments and implement risk mitigation strategies

- Develop and maintain security policies, procedures, and standards

- Ensure compliance with financial services regulations and data protection laws

Requirements:

- 10+ years of combined engineering and information security experience

- 3+ years of leadership experience

- Bachelor's degree in Computer Science, Information Systems, or equivalent work experience.

- One or more of the following certifications: Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM)

- A deep understanding of and experience with one or more of the following compliance frameworks: NIST, PCI-DSS, ISO 27001, SOC 2.

- An empowering leadership style with a proven ability to build positive, energized teams

- Excellent judgement and critical thinking skills.
