Required Chief Information Security Officer
About the Role
As our Chief Information Security Officer (CISO), you will own and lead all aspects of Information Security for us. Reporting to the CTO, you will lead and manage three teams which are individually responsible for Governance Risk and Compliance, Product Security and Security Operations. As CISO, you will shape and execute our security strategy and roadmap, ensuring trust, resilience, and compliance at scale. You will grow and lead the security department and work closely with our leadership to balance business growth with risk management. Externally, you will represent us to customers, auditors, and regulators, reinforcing our commitment to security and trust. Above all, you will ensure that our customers, data, and operations remain secure as we scale.
Overall Security Governance Strategy
Define and execute the company-wide security strategy and roadmap
Align security initiatives with our business objectives and risk appetite
Report on security posture to company executives and te board
Security Operations
Infrastructure Security - Collaborate with DevOps and IT teams to secure our infrastructure and cloud environment
Endpoint Security - Protect employee devices and access points
SaaS Security - Monitor and secure third-party SaaS applications
Data Loss Prevention - Implement controls to prevent unauthorized data access, sharing, and exfiltration across systems and endpoints
Identity and Access Management - Manage the companys access policy and controls
Threat Detection & Incident Response - Establish SIEM, threat intelligence, and forensic capabilities
Incident Response - Respond to security events, conduct investigations, and lead mitigation efforts
GRC (Governance, Risk, and Compliance)
Risk Management & Assessments - Perform regular risk assessments on our systems, processes, and infrastructure, and drive mitigation plans
Certifications & Compliance - Maintain compliance with SOC 2, ISO 27001, DORA, NYDFS, and other regulations
Audits & Regulatory Compliance - Lead security audits, manage interactions with external auditors, government agencies, and regulatory bodies
Third-Party & Vendor Security Assessments - Conduct security evaluations of vendors and partners to ensure data protection standards are met
Security Policies & Frameworks - Maintain and enforce company-wide security policies, ensuring cross-functional adoption
Product Security
Secure Software Development Lifecycle (SSDLC) - Integrate security into our development processes, shift left on security through the entire product lifecycle.
Requirements: Bachelor's degree in Computer Science, Information Security, or a related field (Masters or MBA is a plus)
Professional certifications such as CISSP, CISM, CISA are strongly preferred.
15+ years of experience in Information Security, Cybersecurity, or similar roles
3+ years as a CISO or senior security leader in a fast-growing organization
Experience securing SaaS solutions in cloud environments (AWS, Azure, GCP) - strong advantage
Strong background in web application security (OWASP Top 10), DevSecOps, and SSDLC
Hands-on experience with cybersecurity incident response, forensics, and crisis management
Familiarity with encryption, data protection, privacy regulations (GDPR, CCPA, PCI-DSS, SOC 2, ISO 27001, etc.)
Strong communication skills in both English and Hebrew - ability to convey security risks to technical and non-technical stakeholders
Business- and data-oriented mindset - able to present security considerations in a structured, data-driven way that enables informed business decisions
Ability to stay ahead of emerging cybersecurity threats, trends, and compliance requirements.
This position is open to all candidates.