Earnbetter

CHIEF INFORMATION SECURITY OFFICER

Constant Contact • Waltham, MA 02451 • Posted 3 days ago

Hybrid • Full-time • $207,600-$259,500/yr • Executive

Job Highlights

Using AI ⚡ to summarize the original job post

As the Chief Information Security Officer at Constant Contact, you will be responsible for establishing and executing the strategic enterprise vision and proactive program to ensure all of Constant Contact's information assets, employees, customers, and technologies are adequately protected. This role involves strategy and leadership, risk management, security operations, compliance and audit, training and awareness, vendor and third-party risk management, and budget management.

Responsibilities

  • Develop and communicate the organization's cybersecurity strategy, vision, and goals to executive management, board members, and employees
  • Provide leadership and guidance to the information security team, fostering a culture of accountability, transparency, and proactive continuous improvement in cybersecurity practices
  • Collaborate on the overall business technology plan with Engineering, Product, Legal and Revenue, providing a current knowledge and future vision of security technology and systems
  • Oversee a team of Security Professionals to execute on the security roadmap
  • Identify, assess, prioritize, and manage cybersecurity risks to the organization's information assets
  • Develop and maintain the organization's risk management framework, policies, procedures, and standards
  • Oversee the operation of the enterprise's security solutions, including the deployment, monitoring, and maintenance of infrastructure, intrusion detection/prevention systems, endpoint security solutions, etc.
  • Lead Security incident response planning and execution to mitigate potential threats and minimize impact
  • Develop and achieve individual and team focused Security OKRs
  • Ensure the organization's compliance with relevant regulations, laws, and standards pertaining to information security
  • Promote security awareness and coordinate security training programs for employees at all levels of the organization
  • Evaluate, monitor, and manage risks associated with third-party vendors and service providers
  • Develop and manage the information security budget, ensuring optimal allocation of resources and investments in line with organizational priorities

Qualifications

Required

  • 8+ years of experience in a senior-level information security management role
  • Degree in Computer Science, Information Technology, or a related field (advanced degree preferred)
  • Professional Security certifications such as CISSP, CISM, or CISA
  • Experience with certification of common information security management frameworks, such as SOC2, ISO/IEC 27001 and NIST
  • Strong understanding of cybersecurity technologies, risk management frameworks, and global regulatory requirements (GDPR, CCPA, etc.)
  • Experience in a SaaS company
  • Experience with cloud and hybrid security principles and practices
  • Track record of successfully building and leading high-performing global cybersecurity teams

Preferred

  • Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams

Full Job Description

At Constant Contact, we are seriously awesome people who take ownership and make an impact by operating with the mindset, integrity and courage of a small business owner. There’s something so profoundly rewarding about knowing that your work is empowering people everywhere to pursue their dreams. Here, we all play an integral part in helping business owners, entrepreneurs, non-profits and individuals to succeed by giving them all the help and tools they need to grow online. We’re energized by new challenges and new possibilities, and we’re just getting started!

As a technical and hands-on Chief Information Security Officer (CISO) reporting to the CIO, you will be responsible for establishing and executing the strategic enterprise vision and proactive program to ensure all of Constant Contact's information assets, employees, customers, and technologies are adequately protected.

What You'll Do:

Strategy and Leadership:

  • Develop and communicate the organization's cybersecurity strategy, vision, and goals to executive management, board members, and employees
  • Provide leadership and guidance to the information security team, fostering a culture of accountability, transparency, and proactive continuous improvement in cybersecurity practices
  • Collaborate on the overall business technology plan with Engineering, Product, Legal and Revenue, providing a current knowledge and future vision of security technology and systems
  • Oversee a team of Security Professionals to execute on the security roadmap

Risk Management:

  • Identify, assess, prioritize, and manage cybersecurity risks to the organization's information assets
  • Develop and maintain the organization's risk management framework, policies, procedures, and standards

Security Operations:

  • Oversee the operation of the enterprise's security solutions, including the deployment, monitoring, and maintenance of infrastructure, intrusion detection/prevention systems, endpoint security solutions, etc.
  • Lead Security incident response planning and execution to mitigate potential threats and minimize impact
  • Develop and achieve individual and team focused Security OKRs

Compliance and Audit:

  • Ensure the organization's compliance with relevant regulations, laws, and standards pertaining to information security
  • Collaborate with internal and external auditors to conduct regular security assessments, audits and successful recertification of SOC2

Training and Awareness:

  • Promote security awareness and coordinate security training programs for employees at all levels of the organization
  • Foster a culture of proactive cybersecurity awareness and accountability throughout the organization

Vendor and Third-Party Risk Management:

  • Evaluate, monitor, and manage risks associated with third-party vendors and service providers
  • Ensure contracts include appropriate security requirements and conduct regular assessments of vendor security practices

Budget Management:

  • Develop and manage the information security budget, ensuring optimal allocation of resources and investments in line with organizational priorities

Who You Are:

  • Proven experience (8+ years) in a senior-level information security management role
  • Degree in Computer Science, Information Technology, or a related field (advanced degree preferred)
  • Professional Security certifications such as CISSP, CISM, or CISA
  • Experience with certification of common information security management frameworks, such as SOC2, ISO/IEC 27001 and NIST
  • Strong understanding of cybersecurity technologies, risk management frameworks, and global regulatory requirements (GDPR, CCPA, etc.)
  • Experience in a SaaS company
  • Experience with cloud and hybrid security principles and practices
  • Track record of successfully building and leading high-performing global cybersecurity teams
  • Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
  • Experience with contract and vendor negotiations and management, including managed services

The specific salary offered to a candidate may be influenced by a variety of factors including the candidate’s experience, their education and work location. In addition, some roles may be eligible for additional on target commission pay or bonus. The compensation package includes health and welfare benefits including paid leave.

Pay Transparency - All Full Time Employees: $207,600-$259,500 USD

Why You’ll Love Us:

  • We celebrate one another’s differences. We are proud of our culture of diversity and inclusion, and we're always working hard to strengthen and improve this culture. We have programs in place that bring us together on important issues and provide educational opportunities for all employees.
  • Join the experts. If you're passionate about supporting businesses and organizations, you won’t find a better spot to share your talent. We’re dedicated to improving the quality of our product from a customer standpoint and have a true desire to enable the success of businesses, non-profit organizations, and community groups.
  • You’ll have opportunities to grow your career. We encourage and support our team members to learn different aspects of the business, take on stretch assignments, seek coaching opportunities and professional development opportunities.
  • A generous paid time off policy and a competitive benefits package that supports the health and well-being of you and your family

At Constant Contact, we’re all about work flexibility and are proud to serve our customers as a hybrid workforce. Our hybrid work model combines the convenience of remote work with access to our great office locations to collaborate in-person, participate in live trainings, and socialize with colleagues.

Application Deadline: 30 days. We may fill this job opening prior to the deadline if a candidate is selected by us.

Constant Contact is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, gender, gender identity, national origin, citizenship, age, disability, sexual orientation, genetic information, veteran status or any other status protected under applicable law. If you require accessibility assistance applying for open positions, please contact talentacquisition@constantcontact.com.

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

Notice to Recruiters and Staffing Agencies:

Constant Contact has an internal talent acquisition department and designated career site for individuals looking to join our team. Constant Contact will not accept unsolicited resumes from any external recruiters, staffing firms, search agencies or any fee-based referrals. Any unsolicited resumes sent directly to Constant Contact, in any capacity, will be considered property of Constant Contact. Constant Contact will not pay a fee for any placement resulting from the receipt of an unsolicited resume.