EverCommerce is building a comprehensive, vertically tailored, and integrated platform designed specifically to meet the unique end-to-end workflow needs of service businesses. In doing so, we recognize the importance of securing our customers' data, including ensuring its confidentiality, integrity, and availability to satisfy both customer and regularity requirements. As the EverCommerce platform and organization continues to grow, we are looking for an accomplished and experienced security leader to drive the Information Security organization the next level of scale and experience. As the Senior Vice President of Security Operations, reporting to the President, you will build an accountable security-conscious culture, with security infrastructure built on high-quality standards, guidelines, and controls that is regularly tested, reported on, and meets regulatory expectations for the industries we serve.
The successful candidate has prior experience overseeing the design, implementation, monitoring, and governance of an enterprise-wide information security program. A key part of the role is to work collaboratively across our solutions organizations and our centralized operational teams to drive improvements in security posture. To this end, the ideal candidate is comfortable with ambiguity, and possesses the necessary communications skills to lead change across the organization. The ideal candidate is also comfortable in modern DevOps methods and demonstrates the ability to drive cloud-native security practices for SaaS and mobile applications. Additionally, this candidate views advancing security as a strategic and competitive advantage as opposed to constraining innovation.
The EverCommerce team is distributed globally, with more than 40 office locations around the world. With a widely distributed team, we are used to working remotely across different time zones. This role can be based anywhere in the United States. If you're close to one of our offices, you're welcome to work in-office, hybrid, or 100% remote - totally your call. For this role, you must be eligible to work in the United States without sponsorship.
Skills and Qualifications:
- Serve as the top security executive, leading an ongoing and successful corporate-wide program, and driving a culture of security throughout the company
- Create a strategic security roadmap based on current state gap analysis and continuous improvement. Define a multi-year plan and budget, and execute against the roadmap
- Translate technical risks into interpretable organizational risks for a wide range of corporate audiences, including the Board and senior leadership
- Manage a growing a team of talented information security professionals
- Earn our customers' trust through the execution and maintenance of effective externally-facing documentation, security questionnaires, and audits
- Partner with our legal, compliance, technology, and internal controls teams to ensure our practices are in line with corporate and regulatory policies
- Design and lead the implementation of security projects, working cross-functionally with our technology, HR, and business teams
- Advise and implement security tactics across DevOps and CI/CD practices operating in the public cloud
- Stand up a SOC to detect and mitigate potential threats, and lead the investigation of issues
- Lead internal and external security audits using a rigorous and repeatable methodology, and provide consistent reporting of results
Benefits & Perks:
- 7-10+ years of experience in security leadership with executive management responsibilities at a SaaS company
- Experience as a key actor (auditor, domain owner, etc) in security certifications such as PCI, SOC 2, ISO27001, and HIPAA
- Proven track record implementing and managing incident response, threat intelligence, DLP, IAM, SOC management, security architecture, and risk assessments
- People and budget management experience
- Superior written and verbal communication skills necessary to drive cross-functional collaboration, create executive leadership awareness and alignment, and build confidence with external auditors and customers
- Thorough understanding of the software development lifecycle and the corresponding role and impact of information security
- Working knowledge of best practices for operating in the public cloud, including tactics for software deployment, continuous delivery, and infrastructure-as-code
- Willingness to take ownership of problems, drive alignment, and push forward with solutions
- Ability to operate at both strategic and operational levels
- Hands-on experience in several key areas of cyber security, including PEN testing, secure coding techniques, vulnerability management, network administration, event management, forensics, DLP, threat management, IAM, and risk assessment
- Battle-tested in stressful and high-pressure incident response scenarios
- Relevant professional certifications such as CISSP
- Flexibility to work where/how you want - in-office, remote, or hybrid
- Continued investment in your professional development
- Robust health and wellness benefits
- 401k with up to a 4% match
- Monthly wellness stipend
- Start with 17 days of PTO, 11 holidays, and a day off to volunteer each year
- Employee Stock Purchase Program
- Student Loan Repayment Program
: The target base compensation for this position is $175,000 to $225,000 in Colorado and most remote areas. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above
EverCommerce is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We look forward to reviewing your credentials and getting to know more about your experience!
This job has expired.