Chief Information Security Officer

Chief Information Security Officer

Location: New York City, NY

Reports to: CTO

About AlphaSense: 

The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content. Our platform is trusted by over 4,000 enterprise customers, including a majority of the S&P 500.

Founded in 2011, AlphaSense is headquartered in New York City with over 2,000 people across the globe and offices in the U.S., U.K., Finland, India, and Singapore. Come Join Us!

About the Role: 

AlphaSense is seeking a Chief Information Security Officer to ensure the security, efficiency, and effectiveness of our information technology (IT) infrastructure, systems, and data. The Chief Security Officer will safeguard our digital assets, drive innovation and efficiency, and ensure alignment between IT Security and business objectives. Additionally, the Chief Security Officer will oversee CloudOps to manage the security, delivery, optimization, and performance of workloads running in cloud environments.

What You’ll Do: 

• Information Security:
  • Develop and implement comprehensive information security policies, procedures, and standards to protect the organization's data and information assets.
  • Monitor and assess potential security risks and vulnerabilities, and implement measures to mitigate them.
  • Ensure compliance with relevant regulations, standards, and industry best practices related to information security.
• Cybersecurity:
  • Ensure successful compliance audits across SOC2, ISO and others that are typical for public companies
  • Lead the organization's cybersecurity efforts, including the development and implementation of cybersecurity programs, technologies, and controls.
  • Coordinate incident response and management in the event of a cybersecurity breach or incident.
  • Foster a culture of cybersecurity awareness and training among employees.
• Cloud Operations:
  • The CISO must design and implement comprehensive security strategies for cloud environments, including evaluating the IT threat landscape and devising policies to reduce risk
  • The CISO must establish:
    • Cloud-native and third-party monitoring tools for threat detection
    • Intrusion detection and prevention systems
    • Incident response plans specific to cloud environments
  • Technology Implementation: The CISO leads the adoption of modern security practices including:
    • Zero trust model implementation
    • Security integration in DevOps pipeline
    • AI and machine learning for threat detection
  • The CISO ensures cloud operations adhere to:
    • Data protection laws (GDPR, HIPAA)
    • Industry-specific regulations
    • Regular security audits
    • Reporting requirements to senior management
• Strategy and Planning:
  • Develop and execute the organization's security strategy and roadmap in alignment with its business objectives and goals.
  • Identify and prioritize security initiatives and projects that deliver the greatest value to the organization.
  • Ensure effective governance, budgeting, and resource allocation for security projects and initiatives.
• Vendor and Third-Party Management:
  • Evaluate, select, and manage relationships with vendors, suppliers, and service providers to ensure quality, value, and compliance with contractual agreements.
  • Negotiate contracts and service level agreements (SLAs) with vendors to optimize costs and service delivery.
  • Drive the adoption of cutting-edge technologies that facilitate efficiency and competitive advantage.
• Team Leadership and Development:
  • Build, develop, and lead a high-performing security team, fostering a culture of collaboration, innovation, and continuous learning.
  • Provide mentoring, coaching, and professional development opportunities to team members to enhance their skills and capabilities.
  • Deploy productivity tools including the latest generative AI tools for typical Security and support activities
• Stakeholder Engagement and Communication:
  • Collaborate with executive leadership, business units, and other stakeholders to understand their security needs, priorities, and concerns.
  • Communicate security strategies, initiatives, and performance metrics to stakeholders in a clear, concise, and timely manner.
  • Create training materials and collaborate with training program directors on the security and privacy of data and assets within the organization.

Who You Are:

• Educational Qualifications: Bachelor's degree in Computer Science, Information Security, or related field; Master's degree or MBA preferred.
• Experience: Minimum 10-15 years of experience in cybersecurity, with 5 years in a senior leadership role.
• Technical Skills: Extensive experience in cybersecurity, data protection regulations and industry best practices. Proficiency in cybersecurity tools, technologies, and frameworks (e.g., NIST, ISO 27001).
• Industry Certifications: CISSP, CISM, CISA, CCSP, and other relevant cybersecurity certifications.
• Leadership Qualities: Proven experience in leading and managing security teams. Strong strategic thinking, problem-solving, planning, and decision-making skills.
• Communication Skills: Excellent communication and interpersonal skills; ability to communicate technical concepts to non-technical stakeholders.
• Strategic Planning: Ability to develop and execute security strategies aligned with organizational goals. Experience in vendor management, contract negotiation, and budget management.
• Business Acumen: Strong business acumen and understanding of the company's industry, market, and competitive landscape. A forward thinker with a startup commercial mindset with strong IT controls.
• Continuous Learning: Commitment to staying current with the latest trends, developments, and best practices in cybersecurity.

AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination.

In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works.

Base Compensation Range*:   $275,000 - $345,000

Additional Components: You may also be offered a performance-based bonus, equity, and a generous benefits program.

*For base compensation, we set standard ranges for all US-based roles based on function, level and geographic location, benchmarked against similar stage growth companies and internal comparables. In order to be compliant with local legislation, as well as to provide greater transparency to candidates, we share salary ranges on all job postings regardless of desired hiring location. Final offer amounts are determined by multiple factors including geographic location as well as candidate experience/expertise and may vary from the amounts listed above.

Salary : $275,000 - $345,000