Deputy Chief Information Security Officer

Description Deputy Chief Information Security Officer (Deputy CISO)Location: [Remote]Reports to: EVP, CIO & CISO — Harold RivasDepartment: Security, Risk & Compliance (SRC)Why AbsoluteAbsolute empowers mission‑critical performance with advanced cyber resilience. We combine endpoint-to-network visibility with self‑healing controls so customers can keep working—no matter where risk shows up. This role advances that mission by maturing our security operations, incident response, and data protection capabilities while representing Absolute with customers, partners, and the market—especially across North and South America. The OpportunityAs Deputy CISO, you will be the operational right hand to the CISO—driving day‑to‑day security excellence, uplifting incident response readiness, strengthening data protection, and ensuring our security architecture scales with the business. You’ll also partner with Marketing and Sales to support campaigns, customer briefings, and field events across North and South America, helping translate our resilience story into customer value. What You’ll Do1) Operational Security LeadershipLead the security operations rhythm (SOC/SIEM/EDR/DLP/identity), driving continuous improvement in detection, response, and recovery KPIs (., MTTD/MTTR, containment time, dwell time).Own the major incident process end‑to‑end—war‑room leadership, executive/board‑level communications, post‑incident reviews, corrective actions, and tabletop exercises.Establish clear runbooks, playbooks, and on‑call processes; test frequently via purple‑team and crisis simulations.2) Incident Response & Resilience UpliftDesign and implement a multi‑layer IR strategy: threat intel integration, automation/SOAR, crisis communications alignment, and validated recovery procedures.Drive secure-by-default hardening and control health monitoring to reduce repeat incidents and minimize blast radius.Partner with Product/Engineering for product security incident handling and coordinated disclosure.3) Data Protection & Privacy EnablementMature data protection capabilities (data discovery/classification, DLP, encryption, key/cert governance, secrets management) with measurable coverage and efficacy.Embed privacy‑by‑design practices and align with SRC and Legal/Privacy on policy, standards, and control assurance in accordance with Absolute’s Information Security Policy. (Policy and org responsibility alignment)4) Security Architecture & RiskServe as a hands‑on security architecture leader—partnering with Enterprise Architecture, IT, Cloud/Platform, and Product to guide reference architectures, threat modeling, and zero‑trust patterns.Translate business initiatives into risk‑informed security requirements; track exceptions and risk treatments with SRC/GRC.5) Go‑to‑Market (GTM) & Field Support — NA & LATAMSupport field marketing and sales campaigns (CISO roundtables, executive briefings, key pursuits) as a credible security executive, connecting customer pain to Absolute’s resilience outcomes. (Examples: CISO roundtables and executive alignment motions) Participate in customer briefings (C‑suite, boards, public sector) and partner initiatives; tailor messaging to regional regulations, risk drivers, and buying centers across North America and South America. 6) Governance, Standards & ComplianceChampion alignment to Absolute’s security policy framework; ensure standards, baselines, and metrics are current and effective. Partner with GRC on audits/assessments, issues management, and reporting to executive stakeholders and the board.Nice‑to‑have: familiarity with FedRAMP/GovRAMP expectations and public sector procurement nuances. What You’ll BringRequired10+ years in cybersecurity with increasing leadership responsibility; 5+ years leading Security Operations/IR and/or data protection at scale.Demonstrated success running major incidents, orchestrating cross‑functional response, and driving post‑incident improvements.Practical security architecture experience across identity, endpoint, cloud (IaaS/SaaS), network/SASE/SD‑WAN, and data controls.Strong communicator who can brief executives/boards and engage credibly with customers and partners in sales/marketing contexts.Experience building metrics and operational dashboards that show control health, readiness, and risk reduction over time.PreferredExperience supporting public sector customers (federal/civilian/SLG) and familiarity with FedRAMP/StateRAMP expectations.Bilingual or professional proficiency in Spanish and/or Portuguese for LATAM engagements. Track record partnering with field marketing & sales on thought leadership, customer reference programs, executive briefings, and competitive pursuits.CertificationsCISSP strongly preferred; other relevant certifications (., CISM, CCSP, GIAC GCIA/GCIR, GCCC, GCSA) are a plus.EducationBachelor’s in Computer Science, Information Security, Engineering, or related field.Advanced degree (., MBA or Master’s in Cybersecurity) desired.Work Style & TravelAbility to operate in a fast‑moving, global environment; occasional travel, team leadership, and field events across NA & LATAM.How You’ll Measure SuccessMTTD/MTTR reductions and improved containment/recovery outcomes.Increased control health and data protection coverage.Documented IR readiness: tested playbooks, exercise outcomes, and audit‑ready evidence.Positive impact on GTM activities: customer win support, executive briefings, and campaign participation.Equal OpportunityAbsolute is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.The pay rangeThe base pay offered is determined by the market location and may vary depending on job-related knowledge, skills, experience, and internal equity. As part of our total rewards offering, permanent employees in this position may be eligible for our annual bonus program.