Job Information
ExtraHop Networks, Inc. Deputy CISO in Seattle, Washington
ExtraHop Networks, Inc.
ExtraHop is on a mission to protect and propagate trust by revealing the cybertruth: the truth about the attackers already inside an organizations network, the truth about what theyre doing, and how to stop them at top speed. We partner with every customer, every day, to reveal it. Are you ready to join us?
The Deputy Chief Information Security Officer is responsible for assisting the Chief Risk, Security, and Information Security Officer (CRSISO) in overseeing the day-to-day operations of the Information Security Office as well as collaboratively supporting the managers of GRC and Physical/Personnel Security teams.
The Deputy CISO reports to the Chief Risk, Security, and Information Security Officer (CRSISO) and is responsible for day-to-day operations to support and augment the CRSISOs overall responsibilities. The Deputy CISO is the functional backup to the Chief Risk, Security, and Information Security Officer, and will act in that capacity in the absence of the CRSISO.
This position requires strong written and oral communication skills, as well as the ability to communicate detailed technical information in a manner comprehensible by individuals at varying degrees of experience and skill. The role requires the ability to speak confidently in front of large groups and with senior management, vendors and service providers. The Deputy CISO also contributes to the IT security strategy and roadmap, ExtraHop Product security strategy and roadmap, and will be required to demonstrate strong program and project management skills.
Responsibilities require leadership, communication, and project management experience, as well as expertise in assessing and improving information security processes.
Duties and Responsibilities Collaborate with the GRC team, the Federal Engagement Team, and R&D to develop the FedRAMP Program Collaborating with the CRSISO to develop and implement the organization & cybersecurity strategy and program. Collaborating with the GRC team to develop and maintain corporate level enterprise IT security policies. Collaborating with R&D, the Director of Product Security, to ensure implementation of all Product Security controls in both the SaaS product and in the appliances. Managing and overseeing cybersecurity operations, such as threat intelligence, incident response, vulnerability remediation, and enterprise IT security. Evaluating and implementing cybersecurity tools and technologies to support the organization & security program. Collaborating with the GRC Team, Internal Audit/Vulnerability Manager, to address, assess, evaluate, prioritize, and mitigate identified vulnerabilities in both the Enterprise IT and Product environments. Assessing cybersecurity risks and collaborating with the GRC manager to ensure the organization & compliance with applicable regulations and standards.
Working with the CRSISO to lead and mentor a team of cybersecurity professionals, including hiring, training, and mentoring. Acting as the CRSISO & representative in their absence and making decisions on behalf of the CRSISO. Oversee the creation and maintenance of appropriate controls in the following areas: o Network and communications o Systems Knowledge o Threat and vulnerability management o Identity and access management o Endpoint protection o Application and data security for enterprise IT applications o Network protection o Cloud security
Qualifications and Experience 15 years experience in information technology, with 5+ years experience in information security 5+ years experience in Director, VP, or CISO level leadership Preferred certifications: CISSP, CISM, EC-CISO Bachelors in CS or IS required; Federal certification skills: Experience wi