Jobs · Information Technology · Texas

Chief Information Security Officer

Accruent · Austin, TX · 1 wk ago
Information TechnologyFull-time

About the role

The Chief Information Security Officer (CISO) owns enterprise security strategy, risk management, and compliance for the FAL Group of companies under Fortive (Accruent, Gordian, and ServiceChannel) all of which are SaaS / data platform companies in the Facilities and Asset Lifecycle space.

This is a senior management role reporting directly to Chief Digital and Services Officer at Accruent, with regular visibility and dotted line reporting accountability to the executive teams at all three operating companies as well as security and IT leadership at Fortive.

Responsibilities

  • Own and continuously evolve the company’s information security strategy, aligned to business objectives.

  • Take existing security in excellence practices, communities, executive constructs, and awareness/culture programs and continue to grow them and integrate them as part of the larger security strategy.

  • Lead and develop a high-performing security organization spanning security operations, vulnerability and threat management, security engineering, governance/risk/compliance (GRC), application security, AI security, and all associated cyber or cyber adjacent incident response.

  • Set and manage the security budget, including build-vs-buy decisions on tooling and managed services. Ensure the team is budgeted appropriately to meet, interact, grow, develop, and build connections in security across the operating companies, Fortive, and the local security communities they serve.

  • Establish security architecture standards across cloud infrastructure, AI, application development, and data platforms.

  • Be the consistent voice for security across the three businesses translating asks from Fortive (parent company), calibrating messaging from Fortive to the three executive teams, owning messaging from the operating company back to Fortive, and insulating the operating companies from business impact wherever possible.

  • Maintain clear visibility of security posture and strategic programs to the three executive teams, owning cyber considerations for enterprise risk management initiatives, and self-attesting risk assessment initiatives.

  • Chair and lead the Information Security Council (ISC) at each operating company, raising security awareness, calibrating updates, and driving resolution of critical cyber risk through executive collaboration and partnership.

  • Own the company’s compliance posture across SOC 2 Type II, ISO 27001, Cyber Essentials Plus, CMMC, ISO 42001, and applicable frameworks (HIPAA, GDPR, CCPA, SOX as relevant to the customer base and internal requirements).

  • Lead audit cycles end-to-end — evidence collection, auditor relationships, remediation tracking, and timely certification renewal, while streamlining these operations to minimize business impact.

  • Maintain a current risk register and ensure control gaps are tracked to closure with assigned owners and deadlines and appropriately lead executive risk management escalations with the information security councils at each operating company.

  • Serve as the executive owner of the security review process for enterprise sales — including security questionnaires, customer audits, and contractual security terms.

  • Partner with Sales and Legal to reduce security-related sales cycle friction, treating security posture as a competitive differentiator rather than a cost center.

  • Represent the company in customer-facing security discussions, including Executive Briefing Center engagements with strategic prospects.

  • Own the enterprise risk management program, including third-party / vendor risk assessment for the company’s supply chain and subprocessors.

  • Build and maintain the incident response plan; lead the response to any security incident, including coordination with Legal, Communications, and executive leadership.

  • Conduct regular tabletop exercises and ensure the organization is prepared for both technical and reputational dimensions of a security event.

  • Lead regular response tests, tabletops, and resiliency exercises with key business areas and the executive teams at all three operating companies.

  • Present security posture, risk trends, and program maturity to the Fortive security team and Fortive CISO on a monthly basis.

  • Serve as a key stakeholder in technical and security diligence processes, including those associated with financing events or M&A.

  • Advise the executive team on emerging threats, regulatory changes, and their business implications.

Qualifications

  • 10+ years in information security, with 5+ years in a senior leadership role (CISO, VP Security, Director of Security or equivalent) at a SaaS or data-intensive company.

  • Demonstrated ownership of SOC 2 and/or ISO 27001 programs, including direct experience managing audit cycles to successful certification.

  • Experience managing executive stakeholders at multiple lines of business at the same time, and nuanced understanding of conglomerate/operating company model.

  • Strong working knowledge of cloud security (AWS, GCP, and Azure), modern application security practices, and data protection regulations relevant to the company’s markets.

  • Track record of building or scaling a security function, including hiring and developing a team.

  • Experience supporting enterprise sales cycles through customer security reviews and questionnaires.

  • Track record of driving security culture, awareness, trust, and delivering on promises on time with quality across executive teams, and at an employee level.

Preferred Qualifications

  • Prior experience leading security at an operating company in a conglomerate/operating company model.

  • Strong track record of maintaining best in class team engagement, retention, growth and development of team and in driving enterprise-wide trust around security.

  • Relevant certifications: CISSP, CISM, or equivalent.

  • Experience with CMMC, FedRAMP, HIPAA, GDPR, or other regulatory frameworks.

Similar jobs

Security Officer

Lifepoint Health®Hancock, MI· 2 wk ago
Information Technologyapply on jobs.lifepointhealth.net

Security Officer

Securitas Security Services USA, Inc.Solway, MN· 1 wk ago
Information Technology$17/hrapply on ekaw.fa.us2.oraclecloud.com

Security Officer

Securitas Security Services USA, Inc.Auburn Hills, MI· 1 wk ago
Information Technology$20/hrapply on ekaw.fa.us2.oraclecloud.com

Security Officer

Pacific SecurityMoses Lake, WA· 2 wk ago
Information Technology$17.5–$18.5/hrapply on pacsecurity.exacthire.com

Security Officer

Prairie MeadowsAltoona, IA· 2 wk ago
Information Technology$20/hrapply on workforcenow.adp.com

SECURITY OFFICER

Oneida HealthOneida, NY· 2 wk ago
Information Technologyapply on paycomonline.net