3,966 Chief Security Officer jobs in the United States

JobTarget helps you cut through the noise to reach and convert the best candidates. Our unified platform uses data and automated technology to help you efficiently manage applications and connect with quality talent - regardless of which recruitment systems you already use. Finally, all the pieces of the recruitment process come together seamlessly. Streamline Your Entire Recruitment Process JobTarget is a comprehensive recruitment platform that connects employers to candidates through advanced job advertising technology. We help organizations of all sizes streamline their hiring process, reduce cost per hire by 30%, and engage with qualified candidates 3x faster. Post once, reach everywhere with access to thousands of job boards from a single platform, eliminating fragmented job posting and complex processes. Job Advertising Marketplace Post once, reach everywhere with access to thousands of job boards from a single platform, eliminating fragmented job posting and complex processes. Optimize your recruitment spend with strategic job distribution across our network of 100+ programmatic sites, ensuring your openings reach qualified candidates at the right time and price. Programmatic Advertising Optimize your recruitment spend with strategic job distribution across our network of 100+ programmatic sites, ensuring your openings reach qualified candidates at the right time and price. Streamline your federal contractor compliance requirements with automated posting to state job banks, comprehensive reporting, and documentation to meet OFCCP obligations. OFCCP Compliance Tools Streamline your federal contractor compliance requirements with automated posting to state job banks, comprehensive reporting, and documentation to meet OFCCP obligations. Make data-driven recruitment decisions with unified performance metrics and actionable insights that help you understand what's working, where to optimize, and how to improve hiring results. From Main Street to Wall Street Trusted by Organizations of Every Size JobTarget powers recruitment for organizations of all sizes—from lean recruitment teams to Fortune 500 companies. Our scalable platform delivers the same reliable results whether you're hiring 1 person or 5,000. Cast a wider net with precision. Our comprehensive recruitment advertising platform ensures your jobs appear exactly where your ideal candidates are looking - from niche industry sites to major job boards. With JobTarget, you'll never miss connecting with qualified talent again. Tired of managing job postings across multiple platforms? JobTarget's centralized dashboard brings everything together in one place. Our platform helps your recruitment team organize their workflow and focus on connecting with promising candidates. Limited resources but high hiring expectations? JobTarget's unified platform eliminates fragmented job posting by streamlining distribution to 25,000+ job boards from one central dashboard. Post your jobs where they'll perform best without the complexity of managing multiple systems or siloed processes. Simplify Every Step of Your Recruitment Journey Our centralized tools support the complete recruitment process, eliminating fragmentation and complexity — fitting perfectly into any workflow. Create expert job descriptions that attract qualified candidates. Set competitive salary ranges based on real market data. Optimize your job postings with data-driven insights. JobTarget's technology features prebuilt integrations with 80+ ATS and HRIS systems, enhancing your workflow without disruption. Our unified platform connects seamlessly with your existing processes - eliminating silos and centralizing your recruitment efforts. "JobTarget provided a one-stop hiring hub with tools for recruitment advertising, data analytics, and compliance initiatives that streamlined our entire process." "We don't have to spend hours posting multiple jobs to numerous job listing sites and filling out repetitive information. Additionally, the number of applications submitted in response to our job listings have increased significantly, making it easier to fill our positions." Ready to Transform Your Hiring Process? Join more than 10,000 employers who've simplified their recruitment with JobTarget's unified, centralized platform that streamlines hiring, delivers reliable results, and integrates with any system you already use. #J-18808-Ljbffr

Crisis24, a leading global risk management and security provider, seeks a strategic and highly-motivated executive to serve as Vice President, Operations & Chief Security Officer (CSO). This dual-role executive will oversee Crisis24's Global Security Operations with a cross-functional mandate encompassing client-facing delivery, internal security governance, and enterprise continuity. The role collaborates closely with the VP of Medical Operations and the VP, Global Intelligence to ensure fully integrated, intelligence-led proactive and scalable operations worldwide.

As CSO, this leader will also be directly responsible for designing, executing, and continuously enhancing internal duty of care, corporate security, and business continuity programs (BCP) to protect the organization's assets, personnel, and operations globally.

Primary Location: Annapolis, MD (Crisis24 HQ)

Travel Requirement : Up to 30% globally to support field operations, executive duties, and critical response deployments.

What You Will Work On

1. Global Security Operations Leadership

• Lead and oversee all aspects of Crisis24's Global Security Operations, including the high quality provision of security advice, assistance and crisis response in support of global client requirements.
• Maintain and continuously improve standards for operational readiness, deployment capability, and mission planning for Crisis24's Global Operations Centres and in-country assets.
• Ensure alignment with commercial priorities and client-specific objectives.
• Develop scalable operating models and systems for growth across regions.

• Collaborate closely with:
• VP Operations (Medical): For joint mission coordination, response frameworks, and resource allocation.
• VP, Global Intelligence: To integrate threat intelligence into the provision of advice, operational planning and execution along with wider risk mitigation strategies.
• Drive operational alignment across security, intelligence, and medical platforms for high-risk and time-critical engagements.

• Serve as Chief Security Officer (CSO) for internal corporate risk and physical security programs.
• Develop and enforce global standards and SOPs for:
• Physical security (facilities, access control)
• Travel risk management
• Executive protection as required

• Own Crisis24's global Duty of Care Overwatch program, ensuring policies and resources protect staff in variable-risk environments.
• Design and maintain a global Business Continuity Plan (BCP) that addresses disruption scenarios across Crisis24 operations, locations, and support functions.
• Lead training, simulations, and audits to test crisis readiness and response capacity.

• Participate in the global operations & intelligence leadership team as the global lead of security operations
• Represent Crisis24 at key client engagements, partner events, and industry forums.
• Lead high-performing, geographically distributed teams with a focus on mission impact, compliance, and client excellence.

What You Will Bring

• 15+ years of progressive leadership experience in global security operations, corporate security, or defense/intelligence community.
• Proven ability to manage multidisciplinary global teams in dynamic, high-risk environments.
• Demonstrated experience in business continuity, emergency planning, and organizational resilience.
• Strong understanding of integrated security, intelligence, and medical response frameworks.
• Excellent stakeholder engagement, leadership, and crisis communication skills.
• Bachelor's degree required; advanced degree in Security Studies, International Relations, Business Administration, or similar preferred.

Preferred Attributes

• Background in working with or advising Fortune 500 clients, government agencies, or NGOs.
• Deep cultural fluency and comfort working across regions (Americas, EMEA, APAC).
• Familiarity with digital platforms for field operations, incident tracking, and risk communication.

Protect the data and systems of Crisis24 and its stakeholders by adhering to policies, reporting incidents and potential problems, completing regular training, and identifying opportunities for improvement. Crisis24, A GardaWorld Company is dedicated to equal opportunity in employment.

We are committed to a work environment that celebrates diversity. We do not discriminate against any individual based on race, color, sex, national origin, age, religion, marital or parental status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any factors protected by applicable laws.

• Act as the primary local security contact / adviser for the IT leadership and the IT Business Partners, IT infrastructure, IT Architecture and other local personnel
• Proactively identify non-compliance and areas of potential improvement, and facilitate development and deployment of standard solutions
• Engage with clients and customers as needed to assist the business to achieve its objectives by representing our security program, supporting internal and external audits, assisting in customer communication of security incident, etc.
• Provide regular and timely reporting on the status of cyber security across the region/business unit
• Work with the Compliance and Information Risk Management team to drive policy and regulatory compliance.
• Assist on the implementation and translation of information security policies.
• Oversee technology dependencies outside of direct organizational control. This includes reviewing contracts and the creation of alternatives for managing risk.
• Understand and interact with related disciplines to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management

• Bachelor's degree required, preferably in computer science or information systems
• Minimum of 8 to 10 years of experience in a combination of risk management, information security and compliance
• Ability to communicate clearly and effectively with both technology/development and business partners
• Ability to translate technical/security issues to business users
• Security certifications: CISSP, CISA, CISM, ISO is preferred.

• Medical, Dental, and Vision benefits
• Employer-paid Life and LTD
• 401k w/ matching - once eligibility is met
• Work/life balance
• Paid Volunteer Program
• Flexible working hours
• Unlimited PTO
• Remote work options
• Employee Discounts
• Parental Leave

• Working with talented, collaborative, and friendly people who love what they do
• Professional growth within
• Innovation environment
• On site in HQ Free daily lunches

About Stem Stem (NYSE: STEM) is a global leader in AI-enabled software and services that enable its customers to plan, deploy, and operate clean energy assets. The company offers a complete set of solutions that transform how solar and energy storage projects are developed, built, and operated, including an integrated suite of software and edge products, and full lifecycle services from a team of leading experts. More than 16,000 global customers rely on Stem to maximize the value of their clean energy projects and portfolios. Learn more at Stem's culture embodies diversity & inclusion beyond the traditional facets of gender, ethnicity, age, disabilities, and sexual orientation to include experience, personality, communication, workstyles, and more. At our core, Stem is at the momentous intersection of clean energy and software technology where diverse ideas, experiences, and professional skills converge to make the inclusive culture we have today. Together, we are turning old school thoughts about software and energy into progressive, collaborative, and innovative solutions. By joining our team, you will be collaborating with data scientists, energy experts, skilled salespeople, thought-leading executives and more from a range of backgrounds. This intersection of ideas, beliefs, and skills is what makes us unique enough to lead the world's largest network of digitally connected energy storage systems. What we are looking for: As a Chief Information Security Officer, you will be responsible for establishing and maintaining Stem's enterprise-wide cybersecurity vision, strategy, and program to ensure all information assets and technologies are adequately protected. You will lead the development and implementation of comprehensive security policies, procedures, and controls while ensuring regulatory compliance across multiple frameworks. This role requires both strategic leadership and hands-on expertise in cybersecurity, with a focus on building a security-first culture that aligns with our business objectives and supports our growth in the clean energy sector. Responsibilities: Strategic Security Leadership - Develop and implement a comprehensive cybersecurity strategy that aligns with Stem's business objectives and risk tolerance, ensuring protection of our clean energy technology platform and customer data. Develop and implement cybersecurity and data privacy policies that enable business objectives and satisfy external requirements. Risk Management & Governance - Establish and oversee enterprise-wide cybersecurity risk management program, conducting regular risk assessments and implementing appropriate controls to mitigate identified vulnerabilities. Compliance & Audit Management - Lead SOC 2 Type II audits, ISO 27001 certification processes, and other regulatory compliance requirements. Ensure adherence to industry standards including NIST, Zero Trust, PCI DSS, and relevant data privacy regulations (GDPR, CCPA). Incident Response & Crisis Management - Develop and maintain comprehensive incident response plans, lead crisis communications during security events, and oversee post-incident analysis and remediation efforts. Security Architecture & Technology - Guide the selection, implementation, and management of security technologies including SIEM, endpoint detection and response (EDR), identity and access management (IAM), and cloud security solutions. Team Leadership & Development - Build and lead a high-performing cybersecurity team. Manage relationships with external security providers and consultants. Business Enablement - Collaborate with executive leadership to ensure security initiatives support business growth while maintaining appropriate risk levels. Translate complex security concepts into business-friendly language for stakeholders. Security Awareness & Training - Develop and implement comprehensive cybersecurity awareness programs for all employees, ensuring a security-first culture throughout the organization. Regulatory & Legal Coordination - Work closely with legal, compliance, and privacy teams to ensure cybersecurity practices meet all regulatory requirements and contractual obligations. Budget Management - Develop and manage cybersecurity budget, ensuring efficient allocation of resources while maintaining effective security posture. Third-Party Risk Management - Establish and oversee vendor security assessment programs, ensuring all third-party relationships maintain appropriate security standards. Business Continuity & Disaster Recovery - Develop and maintain comprehensive business continuity and disaster recovery plans, ensuring rapid recovery from security incidents. Requirements: Education: Bachelor's degree in Computer Science, Information Security, or related technical field required. Master's degree in Cybersecurity, Information Systems, or relevant discipline preferred. Experience: 12+ years of progressive experience in information security roles with at least 5 years in senior leadership positions 10+ years of hands-on experience with cybersecurity technologies and frameworks Proven track record of leading SOC 2, ISO 27001, and other compliance audit processes Experience in technology companies, preferably in clean energy, SaaS, or IoT environments Technical Expertise: Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, COBIT, SANS) Extensive experience with security technologies (SIEM, EDR, IAM, firewalls, intrusion detection/prevention) Strong understanding of cloud security (AWS, Azure, GCP) and DevSecOps practices Experience with vulnerability management, penetration testing, and security assessments Knowledge of data privacy regulations (GDPR, CCPA, HIPAA) and their implementation Certifications (Required): CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) or CISA (Certified Information Systems Auditor) Additional preferred certifications: CCISO, CISSP, CGEIT, CRISC Leadership & Business Skills: Proven ability to build and lead high-performing security teams Strong business acumen with ability to align security strategy with business objectives Excellent communication skills with ability to present to executive audiences and board members Experience working with customers on security and compliance requirements Track record of successfully managing security budgets and vendor relationships Industry Knowledge: Understanding of critical infrastructure security requirements Knowledge of energy sector regulations and compliance requirements Experience with IoT security and industrial control systems preferred Familiarity with financial services and energy trading security requirements Salary Range $220,400.00 - $330,600.00 What We Offer: At Stem, you will work in a growing, innovative, mission-driven company with talented colleagues that have a passion for building renewable energy systems.Stem offers competitive compensation as well as a comprehensive set of benefits to support the health and wellness of our employee including: A competitive compensation package, including eligibility for a bonus or commission based on the role, and equity F ull health benefits on the first day of employment (several medical plan options-HDHP and PPO, dental plans, FSA/HSA-with employer contribution, employer paid vision/LTD/STD/Life, variety of voluntary coverage) 401k (pre- or post-tax) on first day of employment 12 paid calendar holidays per year Flexible time-off Learn More To learn more about Stem, visit our stem.com where you'll find information about our solutions, technology, partners, case studies, resources, latest news and more. Here are some relevant links: Company Overview Newsroom Case Studies LinkedIn Stem, Inc . is an equal opportunity employer committed to diversity in the workplace and does not discriminate against any employee or applicant for employment because of race, color, sex, pregnancy, religion, national origin, ethnicity, citizenship, sexual orientation, gender identity, age, marital status, disability, genetic information, military status, protected veteran status or any other factor protected by applicable federal, state or local laws. #J-18808-Ljbffr

Voleon is a technology-driven firm at the forefront of applying advanced AI and machine learning to solve real-world challenges in finance. For over a decade, we have been industry leaders, pioneering the use of AI/ML in investment management. Our continued innovation has established us as a multibillion-dollar asset manager with ambitious plans for the future.

Voleon is growing. As we open offices in more locations, support expanded work-from-home, and expand our capabilities in the cloud, we need security leaders like you to lead the way. We have invested heavily into creating a strong security organization and are looking for someone experienced and passionate in getting us to the next level. We are building a world-class organization, and are searching for a security leader to own this domain.

The Voleon Chief Information Security Officer will serve as the owner of all activities related to the confidentiality, integrity, and availability of Voleon's intellectual property, trade secrets, business, investor, and employee data assets. To be successful in the CISO role, one must have proven success working with executive management to determine acceptable levels of risk for the organization in a time-critical, action-oriented manner, leveraging a highly technical background focused on integrating security risk management and business strategy. This position is responsible for maturing our existing information security management program to ensure that information assets are protected from internal and external threats, working cross-functionally with various teams including research, engineering, finance, legal, and compliance. This role will lead the work of technical information security staff, serving as a liaison between business and technology, planning project stages, assessing business implications, and monitoring progress to ensure deadlines, standards and cost targets are met. The CISO will prioritize projects, solutions, and allocate resources with the assistance of a team of security architects, engineers, and analysts.

The Voleon CISO will work alongside our VP of Engineering, leads of our Research teams, and Chief Operating Officer to meet the needs of the entire organization. Our existing security team and Corporate IT team will report to them, and the CISO will be charged with determining a hiring plan to grow and expand the team as needed.

• Lead the development, execution, and enforcement of security processes, policies, and procedures to protect our valuable trade secrets
• Lead our incident response, threat modeling and threat hunting processes
• Mature defense-in-depth security for the organization to protect proprietary knowledge, critical IT assets, and sensitive data from external and internal threats
• Coach, support and lead the professional development of direct and indirect reports to foster and ensure a positive, open, innovative, and high performing environment for the team
• Drive and own development and strategic execution of the metrics and accountability programs, including SLAs, threat defense, and both operational and project-level KPIs
• Engage directly with our investors and other external parties as they perform due diligence on the organization
• Serve as information security subject matter expert and driver of security culture
• Deliver a secure IT platform built on powerful, capable, modern tools

• 10+ years of information security technology experience
• 5+ years of management experience
• Proven leadership experience across a broad range of software intensive technical environments protecting trade secrets or other critical intellectual property
• Demonstrated track record of delivery of high-quality projects, on-time and on-budget
• Leadership presence and a history of active partnership with senior software development leaders regarding protecting the software development lifecycle
• Multiple years of experience specifically leading the development and management of risk-based security programs leveraging a wide variety of cyber security technologies
• Track record of rapid response, analysis and mitigation of IT security threats
• Self-motivated, results oriented, strategically adept, and passionate about program development and management
• High integrity, excellent judgement - you'll have access to sensitive information and must treat it appropriately
• A degree in computer science, information technology, or a related field

The base salary range for this position is $250,000 to $25,000 in the location(s) of this posting. Individual salaries are determined through a variety of factors, including, but not limited to, education, experience, knowledge, skills, and geography. Base salary does not include other forms of total compensation such as bonus compensation and other benefits. Our benefits package includes medical, dental and vision coverage, life and AD&D insurance, 20 days of paid time off, 9 sick days, and a 401(k) plan with a company match.

"Friends of Voleon" Candidate Referral Program

If you have a great candidate in mind for this role and would like to have the potential to earn 15,000 if your referred candidate is successfully hired and employed by The Voleon Group, please use this form to submit your referral. For more details regarding eligibility, terms and conditions please make sure to review the Voleon Referral Bonus Program.

Equal Opportunity Employer

The Voleon Group is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

Vaccination Requirement

The Voleon Group has implemented a policy requiring all employees who will be entering our worksite, including new hires, to be fully vaccinated with the COVID-19 vaccine. This policy also applies to remote employees, as such employees will be asked to visit our offices from time to time. To the extent permitted by applicable law, proof of vaccination will be required as a condition of employment. This policy is part of Voleon's ongoing efforts to ensure the safety and well-being of our employees and community, and to support public health efforts.

Nightfall AI ( is the unified platform that prevents data leaks and enables secure collaboration by protecting sensitive data and controlling how it's shared. For decades, legacy data leak prevention (DLP) solutions have failed to adequately protect sensitive information. Traditional DLP is outdated, intrusive, and complex - it wasn't designed for today's modern enterprise where users continuously share data across interconnected SaaS applications, endpoints, and now generative AI. Nightfall AI is the first AI-native DLP solution. We leverage AI to achieve twice the accuracy with a fraction of the false positives that overwhelm security teams. Nightfall does this without disrupting modern work patterns. Our AI-native platform spans sensitive data protection across SaaS, email, data exfiltration prevention on SaaS, endpoints, and data encryption. Nightfall's Developer Platform provides an open, flexible environment for developers to integrate our data classification and protection capabilities anywhere, including establishing trust boundaries for AI model building and consumption.

About the Position

As our CISO, you'll be responsible for both safeguarding Nightfall's internal systems and guiding our customers through their own security and compliance journeys. This role uniquely blends strategic security leadership with a field-facing, customer engagement focus .
Responsibilities

Security & Risk Leadership

• Own and evolve Nightfall's overall security strategy, ensuring we stay ahead of emerging threats and industry standards.
• Lead enterprise risk management, compliance, audit readiness, and security operations.
• Oversee our information security architecture, secure SDLC, and incident response processes.
• Partner with Engineering and Product teams to embed security into every layer of our platform.
• Lead efforts for certifications and audits (SOC 2, ISO 27001, etc.).

• Serve as a strategic partner to Sales, Marketing, and Customer Success teams.
• Join customer and prospect conversations as a trusted advisor to address security concerns, explain our controls, and reinforce trust in our platform.
• Represent Nightfall at industry events, webinars, and executive briefings.
• Partner with GTM leadership to align our security posture with customer needs and market demands.

• Proven experience as a CISO or senior security leader in a high-growth B2B SaaS environment.
• Strong understanding of cloud security, DevSecOps, zero trust architectures, and modern compliance frameworks.
• Exceptional communicator with executive presence-comfortable interfacing with CISOs, CIOs, and security decision-makers.
• Experience supporting GTM motions, including joining sales calls, handling due diligence, and presenting to security-conscious enterprise buyers.
• Demonstrated ability to build and scale security teams, processes, and systems in dynamic environments.
• Thrives on multitasking & comfort with ambiguity
• Intellectually curious about data security and AI

• Fluent public speaker or participates actively in a public facing security community
• Thought leadership
• Professional experience at a security startup

A company is looking for a Chief Information Security Officer. Key Responsibilities Lead the development and execution of the enterprise security vision and governance framework Oversee enterprise risk management and compliance with legal and regulatory requirements Manage Security Operations Center functions and ensure business continuity and disaster recovery plans are in place Required Qualifications Bachelor's degree in Computer Science, Information Security, Engineering, or a related field Minimum of 15 years of experience in information security and risk management, with at least 7 years in a senior leadership role Proven track record in developing and executing a comprehensive information security program aligned with business goals Expertise in risk management methodologies and global compliance frameworks Hands-on experience with security operations and crisis incident responseCreate a job alert for this searchChief Information Security Officer • Santa Ana, California, United States #J-18808-Ljbffr

About Stem
Stem (NYSE: STEM) is a global leader in AI-enabled software and services that enable its customers to plan, deploy, and operate clean energy assets. The company offers a complete set of solutions that transform how solar and energy storage projects are developed, built, and operated, including an integrated suite of software and edge products, and full lifecycle services from a team of leading experts. More than 16,000 global customers rely on Stem to maximize the value of their clean energy projects and portfolios. Learn more at

Stem's culture embodies diversity & inclusion beyond the traditional facets of gender, ethnicity, age, disabilities, and sexual orientation to include experience, personality, communication, workstyles, and more. At our core, Stem is at the momentous intersection of clean energy and software technology where diverse ideas, experiences, and professional skills converge to make the inclusive culture we have today. Together, we are turning old school thoughts about software and energy into progressive, collaborative, and innovative solutions. By joining our team, you will be collaborating with data scientists, energy experts, skilled salespeople, thought-leading executives and more from a range of backgrounds. This intersection of ideas, beliefs, and skills is what makes us unique enough to lead the world's largest network of digitally connected energy storage systems.

What we are looking for:

As a Chief Information Security Officer, you will be responsible for establishing and maintaining Stem's enterprise-wide cybersecurity vision, strategy, and program to ensure all information assets and technologies are adequately protected. You will lead the development and implementation of comprehensive security policies, procedures, and controls while ensuring regulatory compliance across multiple frameworks. This role requires both strategic leadership and hands-on expertise in cybersecurity, with a focus on building a security-first culture that aligns with our business objectives and supports our growth in the clean energy sector.

Responsibilities:

• Strategic Security Leadership - Develop and implement a comprehensive cybersecurity strategy that aligns with Stem's business objectives and risk tolerance, ensuring protection of our clean energy technology platform and customer data.
• Develop and implement cybersecurity and data privacy policies that enable business objectives and satisfy external requirements.
• Risk Management & Governance - Establish and oversee enterprise-wide cybersecurity risk management program, conducting regular risk assessments and implementing appropriate controls to mitigate identified vulnerabilities.
• Compliance & Audit Management - Lead SOC 2 Type II audits, ISO 27001 certification processes, and other regulatory compliance requirements. Ensure adherence to industry standards including NIST, Zero Trust, PCI DSS, and relevant data privacy regulations (GDPR, CCPA).
• Incident Response & Crisis Management - Develop and maintain comprehensive incident response plans, lead crisis communications during security events, and oversee post-incident analysis and remediation efforts.
• Security Architecture & Technology - Guide the selection, implementation, and management of security technologies including SIEM, endpoint detection and response (EDR), identity and access management (IAM), and cloud security solutions.
• Team Leadership & Development - Build and lead a high-performing cybersecurity team. Manage relationships with external security providers and consultants.
• Business Enablement - Collaborate with executive leadership to ensure security initiatives support business growth while maintaining appropriate risk levels. Translate complex security concepts into business-friendly language for stakeholders.
• Security Awareness & Training - Develop and implement comprehensive cybersecurity awareness programs for all employees, ensuring a security-first culture throughout the organization.
• Regulatory & Legal Coordination - Work closely with legal, compliance, and privacy teams to ensure cybersecurity practices meet all regulatory requirements and contractual obligations.
• Budget Management - Develop and manage cybersecurity budget, ensuring efficient allocation of resources while maintaining effective security posture.
• Third-Party Risk Management - Establish and oversee vendor security assessment programs, ensuring all third-party relationships maintain appropriate security standards.
• Business Continuity & Disaster Recovery - Develop and maintain comprehensive business continuity and disaster recovery plans, ensuring rapid recovery from security incidents.

Requirements:

Education:

• Bachelor's degree in Computer Science, Information Security, or related technical field required. Master's degree in Cybersecurity, Information Systems, or relevant discipline preferred.

Experience:

• 12+ years of progressive experience in information security roles with at least 5 years in senior leadership positions
• 10+ years of hands-on experience with cybersecurity technologies and frameworks
• Proven track record of leading SOC 2, ISO 27001, and other compliance audit processes
• Experience in technology companies, preferably in clean energy, SaaS, or IoT environments

Technical Expertise:

• Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, COBIT, SANS)
• Extensive experience with security technologies (SIEM, EDR, IAM, firewalls, intrusion detection/prevention)
• Strong understanding of cloud security (AWS, Azure, GCP) and DevSecOps practices
• Experience with vulnerability management, penetration testing, and security assessments
• Knowledge of data privacy regulations (GDPR, CCPA, HIPAA) and their implementation

Certifications (Required):

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager) or CISA (Certified Information Systems Auditor)
• Additional preferred certifications: CCISO, CISSP, CGEIT, CRISC

Leadership & Business Skills:

• Proven ability to build and lead high-performing security teams
• Strong business acumen with ability to align security strategy with business objectives
• Excellent communication skills with ability to present to executive audiences and board members
• Experience working with customers on security and compliance requirements
• Track record of successfully managing security budgets and vendor relationships

Industry Knowledge:

• Understanding of critical infrastructure security requirements
• Knowledge of energy sector regulations and compliance requirements
• Experience with IoT security and industrial control systems preferred
• Familiarity with financial services and energy trading security requirements

What We Offer:

At Stem, you will work in a growing, innovative, mission-driven company with talented colleagues that have a passion for building renewable energy systems.Stem offers competitive compensation as well as a comprehensive set of benefits to support the health and wellness of our employee including:

• A competitive compensation package, including eligibility for a bonus or commission based on the role, and equity
• Full health benefits on the first day of employment (several medical plan options-HDHP and PPO, dental plans, FSA/HSA-with employer contribution, employer paid vision/LTD/STD/Life, variety of voluntary coverage)
• 401k (pre- or post-tax) on first day of employment
• 12 paid calendar holidays per year
• Flexible time-off

Learn More

To learn more about Stem, visit our stem.com where you'll find information about our solutions, technology, partners, case studies, resources, latest news and more. Here are some relevant links:

• Company Overview
• Newsroom
• Case Studies
• LinkedIn

Stem, Inc . is an equal opportunity employer committed to diversity in the workplace and does not discriminate against any employee or applicant for employment because of race, color, sex, pregnancy, religion, national origin, ethnicity, citizenship, sexual orientation, gender identity, age, marital status, disability, genetic information, military status, protected veteran status or any other factor protected by applicable federal, state or local laws.

• Strategic Security Leadership - Develop and implement a comprehensive cybersecurity strategy that aligns with Stem's business objectives and risk tolerance, ensuring protection of our clean energy technology platform and customer data.
• Develop and implement cybersecurity and data privacy policies that enable business objectives and satisfy external requirements.
• Risk Management & Governance - Establish and oversee enterprise-wide cybersecurity risk management program, conducting regular risk assessments and implementing appropriate controls to mitigate identified vulnerabilities.
• Compliance & Audit Management - Lead SOC 2 Type II audits, ISO 27001 certification processes, and other regulatory compliance requirements. Ensure adherence to industry standards including NIST, Zero Trust, PCI DSS, and relevant data privacy regulations (GDPR, CCPA).
• Incident Response & Crisis Management - Develop and maintain comprehensive incident response plans, lead crisis communications during security events, and oversee post-incident analysis and remediation efforts.
• Security Architecture & Technology - Guide the selection, implementation, and management of security technologies including SIEM, endpoint detection and response (EDR), identity and access management (IAM), and cloud security solutions.
• Team Leadership & Development - Build and lead a high-performing cybersecurity team. Manage relationships with external security providers and consultants.
• Business Enablement - Collaborate with executive leadership to ensure security initiatives support business growth while maintaining appropriate risk levels. Translate complex security concepts into business-friendly language for stakeholders.
• Security Awareness & Training - Develop and implement comprehensive cybersecurity awareness programs for all employees, ensuring a security-first culture throughout the organization.
• Regulatory & Legal Coordination - Work closely with legal, compliance, and privacy teams to ensure cybersecurity practices meet all regulatory requirements and contractual obligations.
• Budget Management - Develop and manage cybersecurity budget, ensuring efficient allocation of resources while maintaining effective security posture.
• Third-Party Risk Management - Establish and oversee vendor security assessment programs, ensuring all third-party relationships maintain appropriate security standards.
• Business Continuity & Disaster Recovery - Develop and maintain comprehensive business continuity and disaster recovery plans, ensuring rapid recovery from security incidents.

• Bachelor's degree in Computer Science, Information Security, or related technical field required. Master's degree in Cybersecurity, Information Systems, or relevant discipline preferred.

• 12+ years of progressive experience in information security roles with at least 5 years in senior leadership positions
• 10+ years of hands-on experience with cybersecurity technologies and frameworks
• Proven track record of leading SOC 2, ISO 27001, and other compliance audit processes
• Experience in technology companies, preferably in clean energy, SaaS, or IoT environments

• Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, COBIT, SANS)
• Extensive experience with security technologies (SIEM, EDR, IAM, firewalls, intrusion detection/prevention)
• Strong understanding of cloud security (AWS, Azure, GCP) and DevSecOps practices
• Experience with vulnerability management, penetration testing, and security assessments
• Knowledge of data privacy regulations (GDPR, CCPA, HIPAA) and their implementation

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager) or CISA (Certified Information Systems Auditor)
• Additional preferred certifications: CCISO, CISSP, CGEIT, CRISC

• Proven ability to build and lead high-performing security teams
• Strong business acumen with ability to align security strategy with business objectives
• Excellent communication skills with ability to present to executive audiences and board members
• Experience working with customers on security and compliance requirements
• Track record of successfully managing security budgets and vendor relationships

• Understanding of critical infrastructure security requirements
• Knowledge of energy sector regulations and compliance requirements
• Experience with IoT security and industrial control systems preferred
• Familiarity with financial services and energy trading security requirements

• A competitive compensation package, including eligibility for a bonus or commission based on the role, and equity
• Full health benefits on the first day of employment (several medical plan options-HDHP and PPO, dental plans, FSA/HSA-with employer contribution, employer paid vision/LTD/STD/Life, variety of voluntary coverage)
• 401k (pre- or post-tax) on first day of employment
• 12 paid calendar holidays per year
• Flexible time-off

• Company Overview
• Newsroom
• Case Studies
• LinkedIn