The Opportunity: 

The Chief Information Security Officer (CISO) has operational oversight of our security operations, security architecture and engineering, product security, physical security, awareness, privacy, governance, risk, and compliance functions in addition to being our liaison for legal and other business units within FWI|Poppulo. You will lead the development and maintenance of our information security architecture, infrastructure, and processes that align to our company and product needs. You will be responsible for developing and ensuring adherence to information security governance, risk management, and compliance with security best practices and our corporate and product certification requirements (SOC2, ISO27001, GDPR, Privacy Shield, and Common Criteria, etc.). You will have operational responsibility in ensuring our company, our customers, our products, and our data are protected. This is a unique opportunity to lead security at a SaaS company. This position will report directly into the FWI|Poppulo’s Excusive Leadership Team.

 Primary Responsibilities:

• Accountable to lead both strategically and operationally our global security team.
• Provide guidance and counsel to the senior leadership team around all pillars of security, including risk analysis surrounding each.
• Work with leaders across the FWI|Poppulo business units to ensure and continuously improve upon the security and privacy requirements of our company.
• In collaboration with senior management, develop and define objectives for information security, while building relationships and goodwill. 
• Interface directly with enterprise customers to address security profile, maturity and product architecture.

• Support go-to-market initiatives in both pre- and post-sales motions to leverage security and compliance as a mechanism for business value.
• Lead cyber security risk and response, and information security planning processes to establish an inclusive and comprehensive information security program for the entire organization.
• Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for program improvements.

• Stay abreast of information security issues and regulatory changes.
• Lead the development and implementation of effective policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation. 
• Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for our applications, infrastructure and products.
• Coordinate and track all cyber and data security related questionnaires, assessments, audits and outcomes.
• Work closely with business and technical leaders on a wide variety of security issues that require an in-depth understanding of infrastrure, cloud based applications and architecture.
• Keep abreast of all security risks incidents and act as primary control point during any information security incidents.
• Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise. 
• Examine impacts of new technologies on the organization's overall information security.
• Establish processes to review implementation of new technologies to ensure security compliance. 

Requirements for Success:

• Hands on leader with bachelor’s degree in Computer Science, Information Technology, Information Systems, Engineering, or related field.
• Ability to attain a professional certification/accreditation such as CISSP and/or CISM certification in 12 to 18 months of hire.
• 5 years’ experience in the architecture, design, and implementations of network security solutions in a multi-tiered web-based environment with legacy systems.
• 7 years of related management experience including people management and project/program.
• 10 years in Information Technology roles with progressive technical and management responsibilities.
• Securing highly dynamic private and public cloud environments is a must (AWS, Azure, Google Compute)
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
• Up-to-date knowledge of information security methodologies and trends in both business and IT. 
• Exceptional project management experience with large multi-faceted projects (budget, staff, complexity).
• Experience building high performance teams by promoting values, ideas and achieving consensus as well as coaching and mentoring skills.
• Excellent interpersonal and communication skills in interacting with customers, auditors and employees.
• Proven ability to work effectively with all levels of the organization.
• Very strong technical expertise in the areas of information security architecture, tools, firewalls, intrusion detection and remediation, and proxy.
• Demonstrated experience implementing and adherence governance of PCI DSS 3.0 or higher.
• Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
• Project management skills: financial/budget management, scheduling, and resource management. 
• Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist. 

Your X-Factor:

• Aptitude - You have an innate capacity to transition from project to project without skipping a beat.
• Communication - You have excellent written and verbal communication skills for coordination across projects and teams.
• Impact - You are a critical thinker with an emphasis on creativity and innovation.
• Passion - You have the drive to succeed paired with a continuous hunger to learn.
• Leadership - You are trusted, empathetic, accountable, and empower others around you.
• Bias – You have preference towards humility, curiosity, and humor.

Bring your Whole Self to Work!

Diversity, equity, and inclusion are at the core of who we are. At FWI|Poppulo, we know that diverse perspectives spark innovation, improve creativity, and position our team for success. Creating a culture where all are welcomed, valued, and empowered to achieve their full potential is important to who we are today and in the future. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity, or other personal factors.