Chief Information Security Officer

Chief Information Security Officer at Rightworks

Rightworks offers the only intelligent cloud purpose-built for accounting firms and professionals. Backed by award-winning support, our fully managed IT and applications ensure customers have secure, reliable, on-demand access to their technology. We provide a curated software ecosystem that simplifies the complexity of running an accounting firm or small business, supported by a community of thought leaders, peer networks, and educational resources.

Our success is made possible by leveraging decades of specialized experience in leading accounting firms, SMBs, and technology companies. Thousands of firms and SMBs count on us to run their business every day.

Job Overview

The Chief Information Security Officer (CISO) will be responsible for defining and executing the company’s enterprise-wide security strategy across internal systems, customer-facing MSP offerings, and SaaS products. The CISO will ensure the confidentiality, integrity, and availability of all systems and data while positioning Rightworks as a trusted leader in secure cloud services for the accounting industry.

As a direct report to the CTO, the CISO will play a strategic role in overall technology leadership. This position participates as a strong voice in the technical leadership team, with specific responsibilities for leading and executing Rightworks Security strategy and operations.

This is a hybrid position, with 3 days per week in our Nashua, NH headquarters.

Responsibilities

• Enterprise Security Leadership:
Own the overall security strategy for internal systems, networks, and data assets across Rightworks.

• MSP & Hosting Security:
Design and enforce robust security controls for Rightworks’ Managed IT and hosting services, ensuring compliance with industry and national standards and requirements.

• SaaS & Product Security:
Support application and public cloud stack security for Rightworks solutions, embedding “security by design,” and supporting Dev Sec Ops  cultural transformation.

• Cloud Security Architecture:
Ensure secure architecture around integration between public cloud, private cloud, and IT systems.

• Champion and govern identity and access management (IAM), encryption standards, zero-trust frameworks, and secure Dev Ops practices.

• Lead efforts to harden APIs, integrations, and third-party connectors through audit and testing Rightworks technology systems.

• Customer & Industry Engagement:
Act as the company’s external security authority, engaging with customers, partners, and industry groups to represent Rightworks as a thought leader in cybersecurity for accounting professionals.

• Partner with Sales and Customer Success to reassure large enterprises and key customers about data protection and continuity of service. Be a strong voice at the table on behalf of Rightworks with our customers. Lead and listen, bringing industry perspective and expertise to the table.

• Partner with product engineering, infrastructure, and operations teams to integrate security practices into development pipelines. Identify areas of opportunity for our organization to improve.

• Governance, Risk & Compliance (GRC):
Establish and lead the company’s GRC programs, policies, and risk management frameworks. Ensure adherence to applicable regulations and certifications.

• Security Incident Response & Resilience:
Build and maintain robust security incident detection, response, and recovery plans; lead post-mortem analyses and continuous improvement initiatives.

• Security Operations & Monitoring:
Oversee 24/7 security operations, including threat intelligence, vulnerability management, and monitoring of cloud and MSP environments.

• Lead Operations of Security Products and Systems:
Oversee implementation of customer facing security solutions, including endpoint management and office management.

• Team Leadership:
Build and mentor a high-performing security team, developing leadership capacity and instilling a culture of proactive risk management. Engage as a senior leader in our organization, mentoring engineering and infrastructure leaders, and contributing to enterprise architecture strategy.

Requirem…