Ciso/ Svp, Corp It And Security

CISO/ SVP, Corp IT and SecurityLocations: Denver, Colorado
Company: EverCommerce
Time Type: Full time
Posted on: Posted Yesterday
Job Requisition ID: R-104327
COMPANY: At EverCommerce [Nasdaq: EVCM], we are on a mission to digitally transform the service economy with tailored, end-to-end SaaS solutions that simplify and empower the lives of our 700,000+ customers. As a leading service commerce platform, our modern digital and mobile applications create predictable, informed, and convenient experiences between customers and their service professionals in the areas of Home & Field Services, Health Services, and Wellness industries. We are building an extraordinary company and looking for talented, energetic, and motivated people to join our team. You can learn more about our Company, Culture and Values here.
As the EverCommerce platform and organization continues to grow, we are looking for an accomplished and experienced leader to drive the Information Security and Corporate IT teams to the next level of scale and experience. In this role you will further develop an accountable security-conscious culture, with security infrastructure built on high-quality standards, guidelines, and controls that is regularly tested, reported on, and meets regulatory expectations for the industries we serve and also lead core IT.
ROLE: The successful candidate has prior experience overseeing the design, implementation, monitoring, and governance of an enterprise-wide information security program and leading corporate infrastructure and core IT (IT service desk, identity & access management, employee onboarding and offboarding etc). A key part of the role is to work collaboratively across our solutions organizations and our centralized operational teams to drive improvements in security posture and further mature our IT infrastructure. To this end, the ideal candidate is comfortable with ambiguity, and possesses the necessary communications skills to lead change across the organization. The ideal candidate is also comfortable in modern DevOps methods and demonstrates the ability to drive cloud-native security practices for SaaS and mobile applications. Additionally, this candidate views advancing security as a strategic and competitive advantage as opposed to constraining innovation.
This position will report to our Chief Information Officer and as part of our hybrid work model, can be located anywhere in the U.S., with the ability to travel to our Denver, Colorado headquarters as needed. We're looking for someone to join our team immediately!
RESPONSIBILITIES: Serve as the top security executive, leading an ongoing and successful corporate-wide program, and driving a culture of security throughout the company.Create a strategic security and IT roadmap based on current state gap analysis and continuous improvement. Define a multi-year plan and budget, and execute against the roadmap.Translate technical risks into interpretable organizational risks for a wide range of corporate audiences, including the Board and senior leadership.Manage a growing team of talented information security and IT professionals.Earn our customers' trust through the execution and maintenance of effective externally facing documentation, security questionnaires, and audits.Partner with our legal, compliance, technology, and internal controls teams to ensure our practices are in line with corporate and regulatory policies.Design and lead the implementation of security projects, working cross-functionally with our technology, HR, and business teams.Advise and implement security tactics across DevOps and CI/CD practices operating in the public cloud.Mature the SOC to detect and mitigate potential threats, and lead the investigation of issues.Lead internal and external security audits using a rigorous and repeatable methodology, and provide consistent reporting of results.Build a world class IT Operations and End User Services organization that maintains a highly collaborative working relationship with the end user community and fellow engineering and technology teams.Drive a frictionless and flawless user experience for all EverCommerce employees while maintaining high levels of employee satisfaction scores, process improvement, automation and self service.Qualifications: 15+ years of total experience in security and IT leadership with executive management responsibilities at a SaaS company. Experience leading global teams and managing MSPs (managed services providers).Experience as a key actor (auditor, domain owner, etc) in security certifications such as PCI, SOC 2, ISO27001, and HIPAA.Proven track record implementing and managing incident response, threat intelligence, DLP, IAM, SOC management, security architecture, and risk assessments.Strong familiarity with common security libraries, tools, controls, and common security flaws that apply to software development including, but not limited to, SAST, DAST, IDS, IPS, Logging, Encryption, IAM.Strong ability to influence engineering staff and business partners on security and IT architecture and project roadmaps to drive positive change.People and budget management experience.Superior written and verbal communication skills necessary to drive cross-functional collaboration, create executive leadership awareness and alignment, and build confidence with external auditors and customers.Thorough understanding of the software development lifecycle and the corresponding role and impact of information security.Working knowledge of best practices for operating in the public cloud, including tactics for software deployment, continuous delivery, and infrastructure-as-code.Willingness to take ownership of problems, drive alignment, and push forward with solutions.Ability to operate at both strategic and operational levels. Strong executive presence and willingness and ability to roll up your sleeves and get involved to mentor and deliver if needed.Hands-on experience in several key areas of cyber security, including PEN testing, secure coding techniques, vulnerability management, network administration, event management, forensics, DLP, threat management, IAM, and risk assessment.Battle-tested in stressful and high-pressure incident response scenarios. Remain calm under pressure and ability to multi-task.Bachelor's degree in computer science, a similar technical field of study, or equivalent experience.Relevant professional certifications such as CISSP.Personal Characteristics: Team-oriented, work well with teams across the company, with an ability to lead with respect, humility and integrity.Exceptional leader and action-oriented self-starter who can set strategy and drive execution with a "roll up the sleeves" approach, strong entrepreneurial spirit.Creative problem-solver and conceptual thinker with an ability to understand and leverage detail-oriented and analytical issues as needed.Passionate about building high achieving businesses and teams.Someone that can build consensus and influence across all levels within the organization, including sponsors, companies, clients, and other external stakeholders.You possess high emotional intelligence and self-awareness with a proven ability to communicate and manage well at all levels of the organization.Compensation:
Base compensation range: $280,000-$310,000. Additionally, short-term incentive target and equity are included in the overall compensation package. This compensation range is specific to the United States labor market and may be adjusted based on actual experience. This range is not all inclusive as total compensation for this role also includes a variable component in addition to the base salary that will increase total earnings.
EverCommerce considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, candidate's work location, education/training, key skills, internal peer equity, external market data, as well as market and business considerations when making compensation decisions.
EverCommerce is an equal opportunity employer, and we value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender identity, sexual orientation, age, marital status, veteran status, or disability status. We look forward to reviewing your credentials and getting to know more about your experience!
Where: The EverCommerce team is distributed globally, with teams in the U.S., Canada, the U.K., Jordan, New Zealand, and Australia. With a widely distributed team, we are used to working remotely across different time zones. This role can be based anywhere in the United States– if you're close to one of our offices, we can set you up in-office or you can work 100% remotely. Please note that you must be eligible to work without sponsorship to qualify for this position, and this role will require travel to our Corporate Headquarters in Denver, Colorado, or to other office locations around North America.
Benefits & Perks: Flexibility to work where/how you want within your country of employment – in-office, remote, or hybrid.Robust health and wellness benefits, including an annual wellness stipend.Continued investment in your professional development through Udemy.401k with company match.Annual wellness stipend.Flexible and generous paid time off.Employee Stock Purchase Program.
#J-18808-Ljbffr