Citrine is seeking a dynamic, customer-focused Director of Information Security to lead our security strategy and operations. Reporting directly to the CEO and working closely with executive and technical leadership, customer-facing teams, and stakeholders to align our infosec policies and practices with compliance and business needs, this role is ideal for a candidate who can own our security position from end to end. Our Director of Security plays a pivotal role in Citrine’s success: Responsibility for continued compliance with ISO 27001 and future certifications, as well as flawless management of secret customer data, Citrine’s SaaS platform applications, and our data and communications infrastructure. Promotes the security awareness and culture at the company while monitoring the security landscape and adapting accordingly.Serves as the go-to resource for our commercial teams in building trust with our customers, and as a credible advocate explaining and evangelizing our internal security management practices.Develops and implements efficient and automated security processes. This role is responsible for all the processes and procedures to support evolving business requirements around compliance, cybersecurity, risk management, continuity, and emergency response planning, and ensures compliance at all levels of the organization. The successful candidate is an experienced operator who leads by influence and thrives in autonomy and complete ownership managing our risk and vulnerabilities.


      • Strategic Security
      • Guide strategic investment in SaaS platform security technology.
      • Adopt and adapt a security framework that includes a road map, assessment, vulnerability management, gathering and reporting security metrics, develop and manage budget and investments.
      • Understand Citrine’s current and emerging needs and be able to match those needs with effective and efficient solutions.
      • Simplify systems, automate, and reduce the manual management of security processes while maintaining a very strong security posture.
Security Awareness
      • Influence, promote, and enhance the security awareness culture of the organization, including educational programs that support alignment and adoption of Infosec practices across the company.
      • Own continuous innovation, improvement, and communication of all security processes and procedures.
      • Communicate and collaborate with senior managers to align on expectations, while fostering a supportive and contributing environment that encourages innovation, adoption, and improvement.
      • Manage the security team, encouraging innovation and improvement as well as professional growth.
Security Compliance
      • Own the security compliance practice: maintain our certification in ISO27001, GDPR, and other programs.
      • Ensure compliance with relevant laws, regulations, and standards around information security; understand obligations of different authorities and frameworks to support growth.
      • Build a system for engaging with our technology and product teams to effectively introduce and implement new application and security concepts into the platform.
      • Maintain investment in any additional efforts required to ensure excellence in all aspects of security.
Security Operations
    • Develop, innovate, implement, and monitor all policies and procedures that keep Citrine and our customers safe.
    • Oversee daily security operations, including coordinating across the organization at all levels, and advising around best practices and developments.
    • Handling and coordinating responses to security incidents such as breach, attack, loss, and subsequent review of policies and education.
    • Auditing and reporting, managing compliance audits and working with customers and regulators to demonstrate compliance and resolve issues.
    • Lead the security organization and continue to build and cultivate a world-class team.

Skills and Experience

    • 10+ years experience in security-related positions and managing a security team, preferably in a SaaS cloud-based environment.
    • Proven experience establishing security best practices and procedures for information security, and security compliance.
    • Communications excellence and customer-first mentality: innovate, inspire, and influence on security excellence across the entire company and with external stakeholders.
    • Direct experience advocating for security needs to technical and non-technical stakeholders, internally and externally.
    • Willing to be on call and available 24/7 for emergencies.
Job Overview
Job alerts

Subscribe to our weekly job alerts below and never miss the latest jobs

Sign in

Sign Up

Forgotten Password

Job Quick Search