Chief Information Security Officer; CISO
Listed on 2026-07-13
-
IT/Tech
Cybersecurity, Information Security, IT Consultant, IT Project Manager
Chief Information Security Officer (CISO)
Remote-friendly
Position SummaryThe CISO is a senior technology leader responsible for Illumia’s enterprise-wide information security strategy, program, and culture. Reporting to the CTO, this role serves as the company’s top security leader — translating cyber risk into business language, protecting customer and institutional data, enabling compliant product growth, and building a world-class security organization.
This is both a transformation and leadership role. The CISO will unify two legacy security programs (Transact and CBORD) into a single, cohesive operating model while maintaining continuous compliance and operational readiness. The ideal candidate thrives in complex, multi-product SaaS environments, understands how security is evolving in an AI-first world, and can operate confidently in the boardroom while remaining deeply trusted by engineering and product teams.
SecurityProgram
Illumia follows NIST’s cybersecurity framework and maintains a public Security and Trust Center (). Current certifications and compliance posture include:
- SOC 2 Type I and Type II (including SOC 2+ HITRUST Type II for healthcare products)
- PCI DSS v4.0.1 across multiple product lines; listed on Visa’s Global Registry of Service Providers
- TX-RAMP and GovRAMP authorizations
- HIPAA Security Compliance for healthcare products
The CISO will inherit this foundation and be expected to evaluate, evolve, and unify it into a single enterprise-class security operation.
Key Responsibilities- Define and evolve a multi-year enterprise security roadmap across all three business units, aligned to business objectives and risk appetite
- Serve as primary security advisor to the executive leadership team and primary security liaison to Roper Technologies
- Lead the unification of security programs, toolsets, and policies inherited from Transact and CBORD
- Lead Security Operations, GRC, Application Security, and Cloud Security functions
- Own SOC 2, PCI DSS, HITRUST, TX-RAMP, GovRAMP, FERPA, and HIPAA compliance programs
- Secure SaaS platforms and cloud environments through secure SDLC, vulnerability management, and penetration testing programs
- Partner with Engineering and Product to embed security by design without impeding delivery velocity
- Establish AI security governance to manage AI tool adoption and AI-specific risks across the organization
- Lead or manage security operations (SIEM, EDR, XDR, threat intelligence) through in-house, MSSP, or hybrid models
- Own the incident response program and business continuity / disaster recovery testing
- Oversee corporate IT security including endpoint protection, patch management, and identity hygiene
- Establish cross-business unit security governance to drive consistency while accommodating domain-specific requirements
- Recruit, develop, and retain a high-performing security team; manage external vendors, MSSPs, and auditors
- Maintain and evolve the public Security and Trust Center
- 12+ years in information security, with 4+ years as CISO, Deputy CISO, or VP of Security
- Proven leadership at a B2B SaaS or cloud-native company; experience scaling security through mergers, acquisitions, or platform consolidation
- Deep expertise in cloud security architecture (AWS, Azure, and/or GCP), secure SDLC, and modern threat detection and response
- Hands‑on leadership of SOC 2 Type II and PCI DSS audits; PCI Level 1 experience strongly valued. HITRUST, GovRAMP, or TX-RAMP experience is a plus
- Experience with FERPA, HIPAA, or other education and healthcare regulatory frameworks
- Demonstrated ability to communicate security risk to non-technical executives, boards, and parent company leadership
- Track record building and scaling security teams, including organizational design and vendor management
- Experience in a portfolio company or PE-backed environment is a plus
- Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field required;
Master’s or MBA preferred - CISSP, CISM, CCSP, CISA, CRISC, or CCISO strongly preferred
Experience with modern security platforms across cloud security (Wiz, Prisma…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).