Chief Information Security Officer (574330)

Clarifying the location information above: Redwood City, CA, or remotely from anywhere in the U.S. (Travel required to HQ in Redwood City, CA 25% of the time).

Job duties - Lead the company’s cybersecurity practices by driving and building Security Architecture throughout our rapidly-growing global customer base. Engage with engineering, cloud operations and field engineering teams to integrate our Energy IoT (Internet of Things) platform with Industrial Control Systems (ICS). Provide cybersecurity leadership and build security architecture for the company’s IoT products, as well as serve as a subject matter expert for cybersecurity in industrial automation, critical infrastructure, smart grid and Energy IoT. Use risk identification techniques and risk evaluation techniques for securing applications within cloud platforms and implementing information security technologies and processes within Software as a Service (SaaS) computing and system environments. Develop and operate the vulnerability management program for cloud and on-premise infrastructure. Develop and operate the IT Governance, Risk and Compliance (ITGRC) Program. Build cybersecurity standards, policies and guidelines for critical infrastructure and IoT platform and products. Develop DevSecOps capabilities for the company and implement secure software development lifecycle for Supervisory Control and Data Acquisition (SCADA), Cloud, and IoT products. Ensure the company’s up-to-date security program and tools by implementing threat modeling, static and dynamic application security testing, and network and web

penetration testing practices, and leading web application security and network testing for our products. Position can be located anywhere in the U.S. Travel required to HQ in Redwood City, CA 25% of the time.

Education and Experience - Master’s degree in Computer Information Systems, Computer Engineering, Electrical Engineering, Computer Applications, or closely-related and 7 years of experience in cybersecurity technology; OR Bachelor’s degree and 9 years of experience.

Background - Understanding of security principles and cybersecurity technologies, as demonstrated by possessing the following certifications: Certified Information Security Auditor (CISA) and Certificate of Cloud Security Knowledge (CCSK). Experience above must include 3 years with the each of the following areas: Vulnerability management, IT Governance, and Risk and Compliance; Threat modeling; Static and dynamic application security testing; Supervisory Control and Data Acquisition (SCADA) and Embedded; Secure software development; Web application security; Application of risk identification and evaluation techniques; and Developing web services (SOAP or REST). Experience above must include 2 years with each of the following areas: Network and web penetration testing; Securing applications within cloud platforms (SaaS); and Information security technologies and processes within a Software as a Service (SaaS), Platform as a service (PaaS), Infrastructure as a service (IaaS), or other cloud computing and system environment. Experience above must include 2 years with each of the following: Cybersecurity leadership; DevSecOps; security architecture; Industrial IoT (Internet of Things); Industrial Control Systems (ICS); Critical Infrastructure; Industrial Automation; Smart Grid; and Energy IoT.

Please copy and paste your resume in the email body do not send attachments, we cannot open them and email them at candidates at placementservicesusa.com with reference #574330 in the subject line.

Thank you.