VP, Information & Product Security
Lausanne, United States
Nexthink
Discover what your employees need, see what they experience, know how they feel. Deliver IT that delights.
Nexthink is the global leader in digital employee experience management. Our products allow enterprises to create highly productive digital workplaces for their employees by delivering optimal end-user experiences. Through a unique combination of real-time analytics, automation and employee feedback, Nexthink gives IT teams the insight they need to empower and even delight people at work.
Headquartered in Switzerland with US headquarters in Boston, Nexthink also has offices in France, UK, Germany, Spain and UAE. Our growing team of Nexthinkers is proud to be making the digital work lives of over sixteen million employees across 1,000 customers more productive.
Nexthink is looking for a VP of Information and Product Security who is an expert in working with development teams to build secure SaaS products and is passionate about securing an enterprise’s information and data. The candidate will lead and grow a global team of about ten security and compliance experts and own all aspects of the security function for Nexthink.
We are looking for an individual who has strong cloud security technical fundamentals and has been involved in securing software development and deployment processes. Excellent communication skills and comfort in working with executive leadership and with customers are essential for the role.
The role will report to the CTO and work closely with Architecture, Development, SRE, Legal, Support, Product Management, and Sales leadership in leading the security function for Nexthink.
The VP of Information and Product Security’s responsibilities include but are not limited to:
- Drive Nexthink's security vision, continually update strategy to meet this vision and maintain a multi-year security roadmap.
- Consistently communicate and advocate for security best practices while reporting performance effectiveness to executive stakeholders.
- Lead the implementation of next-gen security solutions and ensure compliance with changing laws and regulations.
- Oversee the development of information security policies, standards, and procedures that are aligned with industry best practices.
- Evaluate and adapt security measures to mitigate emerging threats and vulnerabilities, with a focus on protecting software integrity and data security for customers.
- Lead and mentor a high-performing team, handling performance management, workload balancing, and succession planning.
- Provide hands-on technical leadership in the design, implementation, and enforcement of security measures.
- Conduct regular audits and assessments to identify areas for improvement.
- Collaborate closely with Product, IT, Legal, and other departments to align security initiatives with company objectives.
- Act as a main point of contact for security matters with external vendors and partners.
- Facilitate interdepartmental training and development programs focused on security best practices.
- Ensure compliance with Federal, FedRAMP, and DoD regulations.
- Build and maintain relationships with government agencies and other stakeholders in the security compliance landscape.
- Develop and enforce cloud security policies, including incident response protocols.
- Manage operational and capital budgets for the cyber security department.
- Lead security briefings for executive stakeholders.
- Draft comprehensive yet accessible reports for both technical and non-technical audiences.
- Quick adaptability to a fast-paced security landscape, staying abreast of new technologies and approaches.
- Advanced degree in technology-related fields like Computer Science or Engineering is preferred.
- Minimum of 10 years in progressive leadership roles within information security, with a focus on corporate and product security in a SaaS environment.
- Strong technical background, with experience in designing, implementing, and managing security solutions.
- Decisive and well-informed decision-making, coupled with creative problem-solving abilities.
- Excellent people management skills, including performance monitoring, motivation, and fostering a positive work environment.
- Proven ability to understand and comply with security regulations, and work with key stakeholders to ensure compliance.
- Exhibited ability to secure cloud-based systems and applications, and respond to security incidents in the cloud.
- Ability to communicate security-related concepts to diverse audiences (technical, legal and executive), orally and in writing, in an easily understood and actionable manner.
- Expert knowledge in compliance frameworks: ISO 27001, NIST, CSF, FedRAMP and privacy-related laws.
- Formal certifications such as CompTIA Security+, CISSP, CISM, CISA, and/or CEH are preferred.
- Excellent interpersonal and communication skills.
- Knowledge of Agile software engineering best practices.
Key personality traits
Honesty and Integrity: As an integral member of the company’s senior leadership team, the candidate must exemplify the highest standards of honesty, integrity and discretion.
Self-Confident and Results Orientated: An intelligent, decisive, self-confident and results-orientated individual who possesses a combination of mental flexibility, creativity, analytical ability and sound judgment.
Innovation/Growth Oriented: Encouraging people to innovate, create and be open to change. Empowering people and having a bias for action and an urgency to move forward.
Fosters teamwork: Creating a work culture that values collaboration.
Total Rewards @ Nexthink
At Nexthink, we offer one of the most comprehensive and generous benefits plans. Your total rewards compensation package includes base salary and may also include a commission or performance bonus plan, as well as equity. We provide our US employees with 100% covered company benefits that consist of health, dental, vision, life insurance, long-term disability, and accidental death/personal loss coverage.
Base salary ranges are determined by country, role, level, experience, and skills. The range displayed on each job posting reflects Nexthink’s good faith determination of the minimum and maximum targets for new hire salaries across all US locations. Individual pay is determined by related factors, including job skills, experience, and relevant education or training, which may impact a final offer. Your Talent Acquisition Partner can share more about the specific salary range during the hiring process.