Chief Information Security Officer

Demandbase
Summary
Join Demandbase as their forward-thinking Chief Information Security Officer (CISO), reporting to the CFO and leading the global security program. You will drive enterprise-wide security initiatives, lead a world-class team, and safeguard Demandbase's products, infrastructure, and data. This role requires shaping and executing a modern security vision, collaborating with various teams, and serving as the public face of security. The CISO will develop and implement a long-term information security strategy, build and mentor a high-performing security team, and manage global compliance initiatives. This highly visible role demands strong leadership, SaaS security expertise, and exceptional communication skills. The base compensation range is $237,000 - $355,000.
Requirements
- 12+ years in information security roles, with 5+ years at the VP/CISO level in SaaS or technology-forward companies
- Proven success in leading security functions during phases of high growth and scaling
- Strong experience in securing multi-tenant SaaS applications running in public cloud environments (AWS, GCP, Azure), including demonstrated technical depth in public cloud architecture & best practices
- Track record of managing global compliance initiatives—SOC 2, ISO 27001, SOX, GDPR, and emerging AI regulatory standards
- Demonstrated success in attracting, retaining, and developing top security talent in competitive markets
- Deep understanding of secure software development practices, service ownership models, DevSecOps, and modern infrastructure security models (e.g., zero trust, SASE, identity-first security)
- Ability to set strategy, define metrics, and lead day-to-day execution with pragmatism and urgency
- Develop data, mechanisms, and relationships to drive individual accountability for engineering excellence and prudent risk management, in close collaboration with R&D leaders
- Exceptional executive presence and public speaking skills; able to represent Demandbase with customers, partners, regulators, and at industry events
Responsibilities
- Drive Demandbase’s AI productivity strategy by enabling responsible, high-impact adoption of AI-powered tools and platforms across the organization. Partner with cross-functional leaders to ensure AI usage enhances efficiency, supports innovation, and aligns with security, privacy, and compliance standards
- Anticipate and mitigate emerging risks related to AI and machine learning, including generative models, LLM usage, and automation platforms. Establish governance and technical controls to ensure safe AI adoption, protect model inputs and outputs, and maintain compliance with evolving AI-related regulations and frameworks
- Develop and evolve a long-term, risk-based information security strategy that protects Demandbase’s digital assets, customer data, and IP across products and internal systems
- Build, lead, and mentor a global, high-performing team of security experts across disciplines (engineering, operations, and risk). Foster a culture of innovation, accountability, and continuous improvement
- Own the global information security governance framework and IT risk management programs. Establish and report on controls, policies, KPIs, and risk indicators for executive leadership and the Board
- Partner with engineering and DevOps to embed security into the software development lifecycle (SDLC), CI/CD pipelines, and infrastructure. Ensure secure-by-design practices for all cloud-native and customer-facing products
- Partner with compliance on successful execution of global security and privacy frameworks, including SOC 2, ISO 27001, SOX, GDPR, CCPA, and AI-specific regulatory requirements such as the EU AI Act and NIST AI RMF
- Work closely with Legal, Engineering, and Infrastructure teams to operationalize data privacy and security-by-design principles across product and platform development
- Act as a trusted advisor to executive leadership and a credible voice to customers, prospects, and external partners on all matters related to security, trust, and risk posture
- Lead centralized data management initiatives to ensure secure, compliant, and scalable handling of enterprise data across systems. Collaborate across teams to enable unified governance, improve data quality, and reduce risk exposure
- Ensure strategic oversight of business systems and internal tooling, including securing critical platforms, managing third-party SaaS risk, and aligning internal tools with broader security and compliance goals
Preferred Qualifications
- CISSP, CCISO, or equivalent; additional certifications in risk, privacy (e.g., CIPP/US, CRISC), or cloud architecture & security (e.g., CCSK, CCSP) are a plus
Benefits
- Up to 100% paid premiums for Medical and Vision coverage
- Range of mental wellness resources, including access to Modern Health
- Flexible PTO policy
- 15 paid holidays in 2025—including a three-day break around July 4th and a full week off for Thanksgiving
- No Internal Meetings Fridays
- Competitive 401(k) plan
- Short-term and long-term disability coverage
- Life insurance