Chief Information Security Officer (CISO)

8+ years in information security with increasing ownership across GRC, security engineering, and/or product/app security. Experience building or maturing a security program at a SaaS, data, cybersecurity, or privacy-focused company. Practical experience with SOC 2 and/or ISO 27001. Strong understanding of cloud security (preferably AWS): networking, IAM, secret management, logging/monitoring. Comfortable meeting with customers, prospects, and partners to explain Optery’s security posture. Excellent written and verbal communication skills. Startup-friendly mindset.

Own information security strategy, roadmap, and policies aligned to security and privacy products. Lead and extend the security program mapped to common frameworks (SOC 2, ISO 27001, CIS, NIST). Partner with engineering to embed secure SDLC practices. Design and run an incident response program. Oversee identity and access management across core systems. Lead vendor and third-party security reviews. Partner with GTM, finance, ops, and sales to complete security questionnaires and customer diligence. Work with product/legal to ensure data flows and retention/erasure practices align with consumer privacy laws. Define, track, and report security KPIs/KRIs. Train and evangelize security practices across a distributed team.