Information Security Governance and Planning Lead
Gainsight™ is a venture-backed, fast-growing tech company revolutionizing Customer Success for businesses. The Customer Success company helps businesses grow faster by reducing churn, increasing upsell, and driving customer advocacy. Gainsight provides a complete, end-to-end Customer Success solution through its services and technology. The industry-leading platform helps companies manage customer relationships effectively, track customer health, and transform the way organizations orient around the customer. Gainsight is the platform of choice for many leading companies like Box, Adobe, and Workday. The company has been recognized as one of the top 100 private cloud companies in the world by Forbes, one of the fastest-growing private companies in America by Inc. Magazine, and as one of 20 Great Workplaces in Tech by Fortune Magazine. Gainsight’s CEO, Nick Mehta, has been recognized as one of the Top SaaS CEOs in America. Gainsight India has also been certified as one of the Great Places to Work. The company has offices in California, Phoenix, St. Louis, London, Israel, and India.
About The Job Role
As our Information Security Governance and Planning Lead, you will lead key aspects of Gainsight’s strategic security program. You will report directly to our Associate Director over Governance, Risk, and Compliance.
What You'll Do
- Lead governance functions including strategic planning, budgeting, and controls monitoring.
- Prepare content for Security leadership to deliver to the Board of Directors, Governance Committee, and CEO.
- Map and assess controls as they relate to the NIST Cybersecurity Framework and other inputs.
- Formulate and deliver cybersecurity metrics covering all key departments.
- Assist with authoring Information Security policy, standards, and procedures.
- Assess and recommend to leadership how they should address policy exceptions.
- Represent Security as the sponsor of audits (SOC2, HIPAA, ISO 27001, and customer-initiated), and external assessments.
- Create topical, brief, periodic company-wide security education messages.
- Implement risk-driven project prioritization, budgeting, and management.
- Implement automation and dashboards for central risk and metrics management.
What We're Looking For
- 7-9 years of Information Security experience
- 2 years of experience with Governance, Risk, or Compliance
- Thorough and detail-oriented
- Excellent communication and interpersonal skills
- Self-starter eager to take on new challenges at a growing, industry-leading cloud-based company
- Security certification (e.g. CISSP, CISA, CCSP,, Security+)
- Experience responding to external audits like SOC2 and ISO 27001
- Experience in reporting to CISO or Security PMO office
Why You’ll Love It Here
- Our Attitude: We’ve created a new industry from scratch, and we’re on the fast track!
- Our Leadership: We offer the leading tech solution for driving Customer Success.
- Our ROI: Reduce customer churn, increase up-sell, and improve customer satisfaction.
- Our Technology: Deep Salesforce.com hooks, predictive analytics, and highly scalable product with a beautiful user interface.
- Our Impact: We help our customers make millions of dollars more per year.
- Our Clients: Big companies like Box, Adobe, Marketo, and many others.
- Our Team: Tech all-stars from Facebook, Box, and others (and top consulting firms like BCG and McKinsey!).
- Our Values: They are unique - Golden Rule, Success for All, Childlike Joy, Shoshin, and Stay Thirsty, My Friends.
- Our Office: If you showed up one day, you might find anything from karaoke performances to mini-golf championships.
Here are our 5 core values:
- Golden Rule: We believe in trusting each other, and our community by exercising reliability.
- Success for All: We believe that success for our stakeholders comes with making a difference in each other’s lives.
- Child-like Joy: We aspire to experience passion, optimism, and laughter in everything we do.
- Shoshin: We believe in a beginner’s mind, and that learning comes from everywhere.
- Stay Thirsty, My Friends: We believe in an internally-driven strive for greatness.
Individuals seeking employment at Gainsight are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.
Perks/benefits: Startup environment
Other jobs like this
Engineering Manager, Product Security EngineeringApplication security Banking CEH CISM CISSP Cloud Compliance +10
Flex hours Flex vacation Gear Health care Team events +1
Explore more Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Head of Information Security jobs
- Open SOC Analyst jobs
- Open Penetration Tester jobs
- Open Information System Security Officer (ISSO) jobs
- Open Information Security Officer jobs
- Open Sr. Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Lead Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Security Consultant jobs
- Open Staff Application Security Engineer jobs
- Open Offensive Security Engineer jobs
- Open Security Researcher jobs
- Open Information Security Specialist jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Cloud Security Automation Specialist jobs
- Open Cloud Security Operations Lead jobs
- Open Vulnerability management-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open Kubernetes-related jobs
- Open Analytics-related jobs
- Open Firewalls-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Clearance-related jobs
- Open DevOps-related jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Governance-related jobs
- Open OWASP-related jobs
- Open Forensics-related jobs
- Open CISM-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs
- Open IDS-related jobs
- Open CISA-related jobs
- Open SOC 2-related jobs
- Open Encryption-related jobs