
Role Overview for CISO with a Public Software Company – San Jose, CA
JRG Partners is proud to partner with a globally recognized, publicly traded software company headquartered in the heart of Silicon Valley, San Jose, CA. As a leader in innovative enterprise solutions, our client is committed to delivering cutting-edge technology that empowers businesses worldwide. In an era where digital trust is paramount, they are seeking a visionary and strategic Chief Information Security Officer (CISO) to lead their global cybersecurity program.
This is a pivotal executive leadership role, responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected. The CISO is not just a technical leader but a crucial business partner who will shape the company’s security posture, protect customer data, safeguard intellectual property, and ensure regulatory compliance on a global scale. You will be responsible for identifying, evaluating, and reporting on legal and regulatory, IT, and cybersecurity risk to information assets, while supporting and advancing business objectives.
This position requires a leader who can operate at the highest levels of the organization, reporting directly to the Chief Technology Officer (CTO) and regularly interfacing with the CEO, the Board of Directors, and other C-level executives. The ideal candidate is a seasoned security professional with a proven track record of building and maturing security programs within a complex, fast-paced, and publicly traded technology environment. You will be tasked with balancing the need for robust security with the demands of a fast-moving software development lifecycle and business innovation.
You will lead a talented team of security professionals, fostering a culture of security awareness and accountability across the entire organization. This is a unique opportunity to make a significant impact on a market-leading company, defining the future of its security landscape and ensuring it remains a trusted partner to its global customer base.
Key Responsibilities of CISO with a Public Software Company – San Jose, CA
The Chief Information Security Officer will have a broad range of responsibilities, encompassing strategic planning, operational excellence, and executive leadership. Key duties include:
Strategic Leadership & Program Development
Develop, implement, and monitor a comprehensive, strategic, and risk-based enterprise information security and IT risk management program. Translate complex business requirements and compliance obligations into a tangible, actionable security roadmap.
Governance, Risk, and Compliance (GRC)
Establish and lead the enterprise security governance function. Develop and maintain security policies, standards, and procedures in alignment with business goals and regulatory requirements such as Sarbanes-Oxley (SOX), GDPR, CCPA, and other international data privacy laws.
Framework Implementation
Oversee the continuous improvement of the security program by implementing frameworks such as the NIST Cybersecurity Framework and ISO 27001 to manage risk and measure program maturity.
Security Operations & Threat Intelligence
Lead the Security Operations Center (SOC) to ensure 24/7 monitoring, detection, and response to security threats. Mature the threat intelligence program to proactively identify and mitigate emerging threats targeting the company and its products.
Incident Response & Management
Own and enhance the company’s incident response plan. Lead the organization through security incidents, from detection to resolution and post-mortem analysis, ensuring minimal business impact and transparent communication.
Product & Application Security (DevSecOps)
Partner closely with engineering and product development teams to embed security into the Software Development Lifecycle (SDLC). Champion DevSecOps principles, including static/dynamic code analysis, threat modeling, and secure coding training.
Cloud & Infrastructure Security
Architect and manage a robust security posture for a multi-cloud environment (AWS, Azure, GCP). Oversee network security, endpoint protection, vulnerability management, and data loss prevention (DLP) programs.
Identity and Access Management (IAM)
Evolve the company’s IAM strategy, including privileged access management (PAM), single sign-on (SSO), and multi-factor authentication (MFA) to enforce the principle of least privilege across all corporate and production systems.
Data Privacy & Protection
Collaborate with the Legal and Privacy teams to ensure that data is classified and protected according to its sensitivity and that robust controls are in place to protect customer and corporate data.
Third-Party Risk Management
Develop and manage a comprehensive vendor and third-party security risk management program to ensure partners and suppliers meet the company’s security standards.
Team Leadership & Development
Recruit, mentor, and lead a world-class, global information security organization. Foster a collaborative, innovative, and high-performing team culture.
Budget and Financial Management
Develop and manage the annual information security budget, ensuring strategic allocation of resources to address the highest-priority risks. Manage relationships and contracts with security vendors and service providers.
Executive & Board Reporting
Effectively communicate the status of the security program, key risks, and strategic initiatives to the executive leadership team and the Audit Committee of the Board of Directors in a clear, concise, and business-oriented manner.
Security Awareness & Training
Drive a comprehensive security awareness program to cultivate a security-first mindset among all employees, reducing the risk of human error and social engineering.
Requirements for the CISO with a Public Software Company – San Jose, CA
We are seeking an exceptional leader with deep technical expertise and outstanding business acumen. The qualifications for this role are:
Experience
A minimum of 15 years of progressive experience in information security, with at least 7 years in a senior leadership capacity (e.g., VP of Security, Senior Director, CISO) for a global organization.
Public Company & SaaS Expertise
Direct experience as a security leader within a publicly traded software or SaaS company is mandatory. Deep understanding of the unique security challenges and regulatory landscape (e.g., SOX) is essential.
Educational Background
Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field is required. A Master’s degree (MBA or M.S. in Cybersecurity) is highly preferred.
Professional Certifications
One or more of the following professional certifications is strongly required: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or equivalent.
Technical Acumen
Expert-level knowledge across a wide range of security domains, including cloud security architecture (AWS, Azure, GCP), application security/DevSecOps, network security, cryptography, IAM, vulnerability management, and incident response.
GRC Knowledge
Extensive experience with security and privacy frameworks, standards, and regulations such as NIST, ISO 27001/27002, SOC 2, SOX, GDPR, and CCPA.
Leadership Skills
Proven ability to build, lead, and motivate a high-performing, geographically distributed security team. A track record of developing talent and building a positive team culture.
Communication & Influence
Exceptional executive presence and communication skills. The ability to articulate complex security concepts and risks to both technical and non-technical audiences, including board members.
Business Acumen
Strong understanding of business principles and the ability to align security initiatives with strategic business objectives. Experience managing multi-million-dollar budgets is required.
Strategic Thinker
A forward-thinking leader who can anticipate future threats and trends and develop a proactive, long-term security strategy.
Benefits & Perks Offered
Our client believes in investing in their employees and offers a highly competitive and comprehensive benefits package, including:
Competitive Compensation
A highly competitive base salary, annual performance-based bonus, and a significant equity package (Restricted Stock Units – RSUs).
Comprehensive Health & Wellness
Premium medical, dental, and vision insurance for you and your dependents. A generous wellness stipend and access to mental health resources.
Retirement Planning
A robust 401(k) plan with a generous company match to help you plan for your future.
Generous Time Off
A flexible and generous Paid Time Off (PTO) policy, in addition to company-paid holidays, to encourage a healthy work-life balance.
Family Support
Comprehensive parental leave policies for all new parents.
Professional Development
A substantial annual budget for professional development, including conferences, training courses, and certifications to support your continued growth.
Work Flexibility
A hybrid work model offering flexibility while fostering in-person collaboration at the modern San Jose headquarters.
Additional Perks
Commuter benefits, catered lunches, and a dynamic, inclusive, and innovative company culture.
How to Apply
If you are a transformative security leader ready to take on a challenging and rewarding role at the forefront of the software industry, we encourage you to apply. JRG Partners is managing this exclusive search. To express your interest, please submit your resume and a cover letter detailing your relevant experience and leadership philosophy. To learn more about our expertise in placing top technology leaders, please visit our Technology Practice Area page. We are committed to building a diverse and inclusive team and strongly encourage candidates from all backgrounds to apply.
