Chief Information Security Officer (CISO) at Upwork
Upwork ($UPWK) is the leading tech solution for companies looking to hire the best talent, maintain flexibility, and get more done. We’re passionate about our mission to create economic opportunities so people have better lives. Every year, more than $2 billion of work is done through Upwork by skilled professionals who want the freedom of working anytime, anywhere. Top companies connecting with extraordinary talent around the globe? Upwork is how.
Upwork’s Chief Information Security Officer, or CISO, will lead the security and information technology teams and will be responsible for all aspects of Information Security across Upwork including data privacy & security policies, and strategic prioritization and funding of security initiatives. You will lead development, implementation and maintenance of information security infrastructure and processes that align with Upwork’s security and data privacy needs. Additionally, this role will oversee corporate information technology teams responsible for endpoints, user provision and deprovisioning and secure authentication.
- Lead Upwork’s award-winning Information Security team, including Security Engineering function, data privacy and compliance
- Work hand-in-hand with leaders in Engineering, Product, Legal, Finance and IT teams to create a Security & Privacy culture and to constantly improve the security and privacy of company, employee and customer data
- Ensure that all security monitoring systems and processes are functional and effective
- Build collaborative relationships with key business partners
- Actively participate in Upwork’s software development lifecycle to ensure that developers are trained in and are following secure coding practices as well as privacy-by-design standards
- Monitor changes in industry-relevant legislation and accreditation
- Maintain and enhance Upwork’s Security Incident Response Plan, test the effectiveness of the program and coordinate incident response across the company
- Align with and report in a dotted-line style to Upwork’s legal function and Audit, Risk and Compliance Committee chair of Upwork’s Board of Directors
- Co-lead Upwork’s Enterprise Risk Management (ERM) program, as well as Upwork’s General Data Protection Regulation (GDPR) and upcoming California Consumer Privacy Act (CCPA) efforts
- Drive Upwork’s SOC2, PCI and SOX Information Technology General Controls (ITGC) implementations as well as other certifications that meet our needs
- Present ongoing updates and analysis to the Audit, Risk and Compliance Committee of Upwork’s Board of Directors
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
- Experience as a hands-on information security professional who is able to technically lead and implement a strategic plan at the same time
- Experience implementing and maintaining SOC2, SOX and ITGC compliant systems
- Ability to create and execute against an information security and privacy vision by forging partnerships and leading by example
- Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM)
- Experienced leader who has successfully built security programs in either an online marketplace or cloud-based, fast-paced, public companies and/or higher-profile organizations
- Hands-on leadership style (a “player/coach”) with technical experience solving security challenges
- Demonstrated ability to effectively communicate complex security technology matters in an easy-to-understand manner to executives, teams and individual contributors across the organization
Come change how the world works.
At Upwork, you’ll shape talent solutions for how the world works today. We’re a remote-first organization supported by offices in Santa Clara and Chicago, working together to create exciting remote work opportunities for a global community of professionals.
Our vibrant culture is built on shared values and our mission to create economic opportunities so that people have better lives. We build amazing teams, put our community first, and have a bias toward action. We encourage everyone to bring their whole selves to work and grow together through development opportunities, mentorship, and employee resource groups. Oh yeah, we’ve also got amazing benefits.
Check out our Life at Upwork page to learn more about the employee experience.
Upwork is proudly committed to recruiting and retaining a diverse and inclusive workforce. As an Equal Opportunity Employer, we never discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.