Vp, Information

Company Description

Nexthink is the global leader in digital employee experience management. Our products allow enterprises to create highly productive digital workplaces for their employees by delivering optimal end-user experiences. Through a unique combination of real-time analytics, automation and employee feedback, Nexthink gives IT teams the insight they need to empower and even delight people at work.

Headquartered in Switzerland with US headquarters in Boston, Nexthink also has offices in France, UK, Germany, Spain and UAE. Our growing team of Nexthinkers is proud to be making the digital work lives of over sixteen million employees across 1,000 customers more productive.

**Job Description**:
We are looking for an individual who has strong cloud security technical fundamentals and has been involved in securing software development and deployment processes. Excellent communication skills and comfort in working with executive leadership and with customers are essential for the role.

The role will report to the CTO and work closely with Architecture, Development, SRE, Legal, Support, Product Management, and Sales leadership in leading the security function for Nexthink.

The VP of Information and Product Security’s responsibilities include but are not limited to:

- Drive Nexthink's security vision, continually update strategy to meet this vision and maintain a multi-year security roadmap.
- Consistently communicate and advocate for security best practices while reporting performance effectiveness to executive stakeholders.
- Lead the implementation of next-gen security solutions and ensure compliance with changing laws and regulations.
- Oversee the development of information security policies, standards, and procedures that are aligned with industry best practices.
- Evaluate and adapt security measures to mitigate emerging threats and vulnerabilities, with a focus on protecting software integrity and data security for customers.
- Lead and mentor a high-performing team, handling performance management, workload balancing, and succession planning.
- Provide hands-on technical leadership in the design, implementation, and enforcement of security measures.
- Conduct regular audits and assessments to identify areas for improvement
- Collaborate closely with Product, IT, Legal, and other departments to align security initiatives with company objectives
- Act as a main point of contact for security matters with external vendors and partners.
- Facilitate interdepartmental training and development programs focused on security best practices.
- Ensure compliance with Federal, FedRAMP, and DoD regulations
- Build and maintain relationships with government agencies and other stakeholders in the security compliance landscape.
- Develop and enforce cloud security policies, including incident response protocols.
- Manage operational and capital budgets for the cyber security department.
- Lead security briefings for executive stakeholders.
- Draft comprehensive yet accessible reports for both technical and non-technical audiences.
- Quick adaptability to a fast-pace security landscape, staying abreast of new technologies and approaches..

**Qualifications**:

- Advanced degree in technology-related fields like Computer Science or Engineering is preferred.
- Minimum of 10 years in progressive leadership roles within information security, with a focus on corporate and product security in a SaaS environment
- Strong technical background, with experience in designing, implementing, and managing security solutions
- Decisive and well-informed decision-making, coupled with creative problem-solving abilities.
- Excellent people management skills, including performance monitoring, motivation, and fostering a positive work environment.
- Proven ability to understand and comply with security regulations, and work with key stakeholders to ensure compliance.
- Ability to communicate security-related concepts to diverse audiences, technical, legal and executive, orally and in writing in an easily understood and actionable manner.
- Expert knowledge in compliance frameworks: ISO 27001, NIST, CSF, Fedramp and privacy related laws.
- Formal certifications such as CompTIA Security+, CISSP, CISM, CISA, and/or CEH are preferred.
- Excellent interpersonal and communication skills
- Knowledge of Agile software engineering best practices

**Key personality traits**

**Self-Confident and Results Orientated**: An intelligent, decisive, self-confident and results-orientated individual who possesses a combination of mental flexibility, creativity, analytical ability and sound judgment.

**Innovation/ Growth Oriented**:Encouraging people to innovate, create and be open to change. Empowering people and having a bias for action and an urgency to move forward.

**Fosters teamwork**: Creating a work culture that values collaboration.

LI-Hybrid

Additional Information

At Nexthink, we offer one of the most comprehensive and generous ben