Chief Information Security Officer

 Posted 3 months ago
     
10+ years experience

AI Summary

The Chief Information Security Officer will establish and operate a risk-based cybersecurity program to protect the company, support growth, and align with value-creation objectives, balancing strategic oversight with hands-on execution. Key duties include developing security strategy, managing risk and compliance initiatives like SOC 2 and ISO 27001, owning incident response, and supporting cybersecurity due diligence for Mergers & Acquisitions.

CHIEF INFORMATION SECURITY OFFICER
 

THE POSITION IN A NUTSHELL  

Sciens is seeking a Chief Information Security Officer (CISO), who will be responsible for establishing and operating a right-sized, risk-based cybersecurity program that protects the company, supports growth initiatives, and aligns with value-creation objectives. This role balances hands-on execution with strategic oversight, ensuring security enables business performance and mergers & acquisitions (M&A) activity.

The key objectives of the role will be to:

  • Reduce cyber risk that could impact valuation
  • Establish repeatable, scalable security controls across the company
  • Support due diligence, integrations, and audits
  • Build a roadmap that will improve cyber maturity without enterprise-level cost or complexity
  • Provide clear, board-level visibility into risk posture
  • Deliver measurable reduction in critical vulnerabilities and incident risk
  • Perform successful audits and customer security assessments
  • Improve cyber insurance terms and reduce premiums

WHAT YOU’LL BE DOING (and doing well!) 

1. Security Strategy & Governance

  • Develop and maintain a pragmatic cybersecurity strategy and roadmap aligned to business objectives
  • Define security policies, standards, and procedures appropriate for a fast-growing SMB environment
  • Establish cybersecurity governance, risk appetite, and reporting mechanisms
  • Present cyber risk updates to executive leadership and private equity (PE) stakeholders in plain business terms

2. Risk Management & Compliance

  • Identify, assess, and prioritize cyber risks using a risk-based approach
  • Oversee vulnerability management, penetration testing, and remediation efforts
  • Lead compliance initiatives, such as SOC 2, ISO 27001, NIST, CMMC, HIPAA, PCI-DSS
  • Ensure third-party and vendor risk management processes are in place

3. Incident Response & Resilience

  • Own the incident response plan, tabletop exercises, and breach readiness
  • Lead response to security incidents, ransomware events, or data breaches
  • Coordinate with legal, insurance, forensics, and external advisors as needed
  • Oversee backup, disaster recovery, and business continuity planning

4. Technology & Operations

  • Oversee core security tooling (IAM, endpoint security, SIEM/MDR, email security, cloud security)
  • Ensure secure configuration of cloud, SaaS, and on-prem environments
  • Partner closely with IT and operations teams to embed security into operations
  • Make cost-effective build vs. buy decisions

5. M&A Support

  • Support cybersecurity due diligence for acquisitions
  • Assess security posture of acquisition targets and provide risk summaries
  • Lead or advise on post-acquisition security integration and remediation
  • Align security maturity with PE exit strategy (strategic buyer or IPO readiness)

6. Culture & Awareness

  • Build a security-aware culture through training and phishing simulations
  • Act as a business-friendly security advisor
  • Educate leadership on cyber risk, insurance implications, and regulatory exposure

WHAT WE LIKE ABOUT YOU

  • Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
  • 10+ years in information security, IT risk, or cybersecurity leadership
  • Experience in SMB, PE-backed, or high-growth environments
  • Strong working knowledge of:
    • Cloud security (AWS, Azure, GCP, SaaS)
    • Identity & access management
    • Endpoint and network security
    • Incident response and ransomware defense
  • Proven ability to communicate cyber risk to non-technical executives and investors
  • Experience with at least one recognized security framework (NIST, ISO, CIS)
  • Excellent problem-solving and analytical skills.
  • Strong communication and interpersonal abilities.
  • Ability to manage multiple projects and meet deadlines in a fast-paced environment.

PREFERRED QUALIFICATIONS

  • Prior experience supporting private equity portfolios or M&A
  • Experience standing up a security program from scratch
  • CISSP, CISM, or equivalent certification

WHAT WE’RE BRINGING TO THE TABLE 

  • Competitive salary based on qualifications.
  • Paid time off plan and holidays.
  • 401(k) matching.
  • Short-term and long-term disability.
  • Medical, dental, and vision plans with options.
  • Life insurance.
  • Company laptop.
  • Professional career development opportunities.
  • Tuition reimbursement program.
