Deputy CISO

Who we are looking for:

The Director of Security / Deputy CISO has operational oversight of our security operations, security architecture and engineering, product security, physical security, awareness, privacy, governance, risk, and compliance functions in addition to being our liaison for legal and other business units within LogRhythm. You will lead the development and maintenance of our information security architecture, infrastructure, and processes that align to our company and product needs. You will be responsible for developing and ensuring adherence to information security governance, risk management, and compliance with security best practices and our corporate and product certification requirements (SOC2, ISO27001, GDPR, Privacy Shield, HIPAA, PCI, FedRamp, CMMC, DISA APL, FIPS and Common Criteria, etc.). You will have operational responsibility in ensuring our company, our customers, our products, and our data are protected. This is a unique opportunity to lead security in a security company. This position will report directly into the LogRhythm Chief Security Officer.

Here’s an overview of the responsibilities & challenges ahead:

• Accountable to operationally lead the US based security team
• Partner with the Chief Security Officer to lead security strategy (including subsequent financial budgeting)
• Work with leaders across the other LogRhythm business units to ensure and continuously improve the security and privacy of our company
• Significant focus and oversight of our governance, risk, and compliance program to ensure we reduce risk and meet compliance and legal objectives; to include the review of legal contracts, security questionnaires, vendor management, and adherence to product certification and compliance requirements
• Ensure effectiveness and improve security monitoring, detection, and response functions
• Actively participate in security architecture with our IT/IS organization, Product Management, and Engineering
• Ensure the security program is in sync and operationally effective globally
• Create and champion a corporate security culture; an office of “yes and” to ensure we can execute the operations of the business at the lowest level of security risk.
• Monitor changes in legislation and accreditation to ensure LogRhythm’s continued compliance
• Responsible for reporting key, risk based, performance metrics that demonstrate effectiveness of our program and a return on investment for our executives and the board
• Manage and develop security practitioners within the security organization
• Build collaborative relationships with key business partners

Required Skills:

• Previous experience leading security teams and programs with at least 3-5 years in a security management function
• Strong experience in cloud, particularly in securing SaaS offerings would be preferred
• Strong background in governance, risk, privacy, and compliance; especially within a software or technology service provider
• Knowledge of federal and state information security policies, standards, principles, practices, and framework (e.g. FedRamp, CMMC, NIST)
• Knowledge of security best practices and frameworks such as ISO27001 and NIST
• Knowledge of security architecture and engineering
• Fundamental knowledge in cloud, SaaS, and software
• Fundamental knowledge of security operations and incident response
• Experienced in cross organizational collaboration and delivering key metrics and reporting to all levels, from practitioner to senior leaders and executives

Other Qualifications:

• At least 5-10 years in information security with 3+ years in a management function
• CISSP and/or other relevant security certifications are a plus

Workplace equality & inclusion are not just words or topics for LogRhythm, they are part of our core values, beliefs, and integral to our company culture. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity, or other personal factors. LogRhythm was built on the principals of innovation, dedication, creativity, and commitment. It is through these key areas we were able to grow as an equal and inclusive workplace, one where our employees feel respected and safe in.

Benefits:

LogRhythm offers the following benefits for this position, subject to applicable eligibility requirements:

·    Medical

·    Dental

·   401k plan

·  Flexible time off

·    Vision

·    HSA 

·    FSA 

·   EAP

·  Birthday Day off 

Salary:    

The annual starting salary for this position is between 215k-220k Annually depending on experience and other qualifications of the successful candidate.

Bring your Whole Self to Work!

Diversity, equity, and inclusion are at the core of who we are. At LogRhythm, we know that diverse perspectives spark innovation, improve creativity, and position our team for success. Creating a culture where all are welcomed, valued, and empowered to achieve their full potential is important to who we are today and in the future. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity, or other personal factors.

About us: 

• Gartner Leader in Security
• TB company
• Award-winning SIEM Platform