Chief Information Security Officer - Southern NH- Hybrid

Chief Information Security Officer - Southern NH
- Hybrid

We are looking to add to our executive leadership team by adding a dedicated Chief Information Security Officer (CISO).

This is a hybrid position, with 3 days per week in our Nashua, NH headquarters.

Overview

As a critical member of our leadership team, you will be responsible for protecting our digital assets, data confidentiality, ensuring compliance with cybersecurity regulations, and building a robust security infrastructure to prevent potential threats. The ideal candidate is an experienced cybersecurity leader with a strong background in information security, risk management, and a proven ability to lead cybersecurity teams. We are targeting a strategic cybersecurity professional and a visionary seeking a challenging role where s/he can become a key player in protecting our organization's future.

Objectives

• Leading the development and implementation of the information security strategy.

• Overseeing the protection of company data, intellectual property, and technology assets from cyber threats.

• Developing and enforcing security policies, procedures, and protocols that align with business goals and regulatory requirements.

• Identifying and mitigating security risks, ensuring the organisation remains resilient against emerging threats.

• Ensuring the company’s compliance with industry standards and regulations.

• Managing security audits, compliance assessments, incident response processes, and investigating security breaches.

• Collaborating with cross-functional teams to integrate security measures into the company’s IT and business operations.

Responsibilities

• Enterprise Security Leadership:
Own the overall security strategy for internal systems, networks, and data assets across the enterprise.

• MSP & Hosting Security:
Design and enforce robust security controls for Managed IT and hosting services, ensuring compliance with industry and national standards and requirements.

• SaaS & Product Security:
Support application and public cloud stack security for internal solutions, embedding “security by design,” and supporting Dev Sec Ops  cultural transformation.

• Cloud Security Architecture:
Ensure secure architecture around integration between public cloud, private cloud, and IT systems.

• Champion and govern identity and access management (IAM), encryption standards, zero-trust frameworks, and secure Dev Ops practices.

• Lead efforts to harden APIs, integrations, and third-party connectors through audit and testing internal technology systems.

• Customer & Industry Engagement:
Act as the company’s external security authority, engaging with customers, partners, and industry groups to represent as a thought leader in cybersecurity for accounting professionals.

• Partner with Sales and Customer Success to reassure large enterprises and key customers about data protection and continuity of service. Be a strong voice at the table on our behalf with our customers. Lead and listen, bringing industry perspective and expertise to the table.

• Partner with product engineering, infrastructure, and operations teams to integrate security practices into development pipelines. Identify areas of opportunity for our organization to improve.

• Governance, Risk & Compliance (GRC):
Establish and lead the company’s GRC programs, policies, and risk management frameworks. Ensure adherence to applicable regulations and certifications.

• Security Incident Response & Resilience:
Build and maintain robust security incident detection, response, and recovery plans; lead post-mortem analyses and continuous improvement initiatives.

• Security Operations & Monitoring:
Oversee 24/7 security operations, including threat intelligence, vulnerability management, and monitoring of cloud and MSP environments.

• Lead Operations of Security Products and Systems:
Oversee implementation of customer facing security solutions, including endpoint management and office management.

• Team Leadership:
Build and mentor a high-performing security team, developing leadership capacity and instilling a culture of proactive risk management. Engage as a senior leader in our organization, mentoring…