Virtual CISO

Chief Information Security Officer (US Remote)**
Salt Lake City, UT / Executives / Full-time
**At Instructure, our vision is to help people learn, develop, and engage from their first day at school to their last day of work. Our goal is simple: create more effective ways for everyone everywhere to access education, make discoveries, share knowledge, be inspired, and do big things. We accomplish all this by giving smart, creative, passionate people opportunities to create awesome. Instructure is seeking a hands-on Chief Information Security Officer (CISO) to establish and maintain the enterprise vision, strategy, and program to ensure all information assets and technologies are protected. This position will develop strong relationships across the business including Product Development, Engineering, Cloud Operations, IT, Finance, HR, and others. With the full support of executive management this leader will drive change across all disciplines to improve the security of our products, processes, procedures, and systems to ensure compliance with PCI, SOC2, ISO, GDPR, StateRAMP, SOX, etc.
You will be responsible for developing, implementing, and operating a comprehensive enterprise security program that includes enterprise IT, compliance, and a portfolio of large scale web applications developed and acquired using various modern technology stacks. You will be responsible for managing the security organization, consisting of application security, security engineering, and compliance. In addition, you will manage the architecture and implementation for monitoring, troubleshooting, alerting, reporting, and response to threats or incidents. You will be instrumental in guiding our strategy and approach as we continue to enhance our secure development lifecycle, secure operations, and compliance assurance functions.
As a security expert, you will be working with other leaders to shape and influence policies and practices to ensure we deliver on our commitments to security, data privacy, governance, risk management and compliance. A leader with excellent leadership, team building, and management skills
+ A leader with the skill to provide direction to company-wide strategies for information security practices, awareness, architecture, and incident response.
+ A leader that oversees the operations of the security team, including providing direction for information security practices, governance, and policies.
+ A builder who can not only articulate a broad set of software security challenges and considerations but can help guide teams as they code up the solutions in whatever tech stack, language or architecture fits the problem.
+ A bold and skilled leader who can guide a team to find vulnerabilities and risks within our architecture, code, our tools and our processes and bring the most important priorities to resolution.
+ A mentor and advisor to streamline and steer compliance operations to meet multiple regulatory and industry requirements.
+ Someone that can closely collaborate with Legal and Privacy teams and is aware of the regulatory landscape.
+ A collaborator who proactively engages with product, operations, legal, QA, and UI/UX to translate user and business security needs into superior experiences.
+ An advisor that stays active in maintaining current knowledge of industry and regulatory requirements for SaaS technologies.
+ A passion for people and for software
+ BS or greater in Computer Science preferred
+ 8+ years as an engineer and significant breadth and depth in software security practices, cloud security operations, threat assessment, and training.
+ Significant experience building a web application at scale
+ Medical, dental, disability, and life insurance
+ Lots of paid time off, 10 paid holidays, and flexible work schedules
+ Top of the line computer equipment
#