Chief Information Security Officer
About the role
The Chief Information Security Officer (CISO) is responsible for defining and executing Keyfactor's enterprise-wide security strategy to safeguard customer data, product integrity, and corporate assets. This role provides strategic leadership in building and maintaining a robust internal security posture, encompassing governance, risk management, compliance, and secure operations, while also serving as the external face of security to customers, partners, and regulators. The CISO ensures that Keyfactor's security practices inspire confidence, support business growth, and maintain industry-leading standards in digital trust and identity management. Applicants must be legally authorized to work in the United States.
Responsibilities
- Strategic Leadership
- Develop and implement a comprehensive enterprise security strategy that protects internal systems, operations, and corporate assets while reinforcing customer trust externally.
- Serve as the executive authority on information security, risk management, and security compliance, ensuring alignment with corporate objectives and regulatory requirements.
- Collaborate with product, engineering, and business teams to embed security design principles and practices across all Keyfactor offerings.
- Represent Keyfactor externally to customers, partners, industry forums, and regulators to strengthen trust, demonstrate compliance, and communicate security commitments.
- Security Operations and Governance
- Lead enterprise security operations, including threat detection, incident response, vulnerability management, and proactive risk mitigation.
- Maintain and continuously improve the Information Security Management System (ISMS), driving adherence to ISO 27001, SOC 2, FedRAMP, and emerging standards such as ISO 42001 for AI.
- Define and enforce security policies, procedures, and standards that ensure both internal resilience and external assurance for clients and partners.
- Risk Management and Compliance
- Conduct enterprise-wide risk assessments, audits, and reviews to identify, quantify, and mitigate security threats internally and across customer-facing services.
- Partner with Compliance and Legal teams to maintain adherence to global data protection, privacy, and regulatory standards (e.g., GDPR, CCPA, FedRAMP, AI).
- Act as the executive sponsor for security certifications, audits, and customer assurance initiatives that validate Keyfactor's external trust posture.
- Provide Keyfactor senior leadership with periodic assessments of current and emerging threats and the organization's posture to remediate those threats.
- Ensure that Keyfactor's corporate security training and awareness program is optimized to engage employees and improve security culture.
- Product Security and Customer Assurance
- Collaborate with product and engineering teams to integrate security into the full product lifecycle, including design, development, deployment, and maintenance.
- Champion secure software development practices, cryptographic innovation, and identity management solutions that protect customer data and enhance trust.
- Serve as the point of contact for customers and partners regarding security concerns, audits, and assurance programs, strengthening Keyfactor's reputation as a trusted provider.
- Leadership and Team Development
- Build, lead, and mentor a high-performing global security organization focused on both internal protection and external assurance.
- Establish clear objectives, performance metrics, and professional development pathways for security, risk, and compliance teams.
- Foster a culture of proactive risk management, operational excellence, and cross-functional collaboration.
- Minimum Qualifications, Education, and Skills
- Extensive experience (approximately 15+ years) in information security, including senior leadership or CISO-level roles.
- Deep expertise in cryptography, PKI, identity management, cloud security, and enterprise security architecture.
- Demonstrated experience leading enterprise security strategy in SaaS or cloud-native organizations.
- Strong knowledge of regulatory and compliance frameworks, including ISO 27001, SOC 2, FedRAMP, GDPR, and emerging AI governance
Additional Information
About Keyfactor
Our mission is to securely connect the world: humans, machines, and AI. Keyfactor is the leader in trust infrastructure for AI and machines, helping the world's largest enterprises and government agencies take control of the cryptographic identities that safeguard every digital interaction. Behind the platform is a global team of people who care deeply about the work and each other. We move fast, think big, and show up for one another every day. If you're looking for work that matters and a team that brings out your best, we hope you'll trust your future with Keyfactor!
- Title: Chief Information Security Officer
- Location: United States; Remote, EST
- Experience: Executive
- Job Function: Executive
- Employment Type: Full-time
- Industry: Computer and Network Security