We are looking for an accomplished leader to be our Chief Information Security Officer (CISO) to lead our information security team.

The Chief Information Security Officer (CISO) will be accountable for Redis Labs Information Security and Risk & Compliance program and creating a culture of Cybersecurity by working with Product, Engineering, IT, Internal Audit, and Business Leadership.

Our ideal candidate will lead all aspects of application security, corporate security, security operations, and technology risk and compliance. You will partner with various teams to develop, implement, maintain, and continually improve the strategic and risk-based Information Security, Data Privacy, and Risk & Compliance programs.

Data is the lifeline of every business, and Redis Labs helps organizations reimagine how quickly they can process, analyze, make predictions with, and take action on the data they generate. As the home of Redis, the most popular open-source database, we provide a competitive edge to more than 8,000 global businesses with Redis Enterprise. We have major strategic partnerships with cloud vendors Amazon Web Services, Microsoft Azure, and Google Cloud. We’re a unicorn with a company valuation of more than $2 billion and have raised more than $347 million in funding. We’re growing fast and expanding our staff across our five global offices.

Responsibilities:

• Set the vision and strategic direction for the information Security and Risk & Compliance program and align to best practice standards.
• Attract, develop, and retain a highly talented team. 
• Conduct a thorough evaluation of our security posture, identify gaps, and set priorities, then create and execute a security program.
• Lead security assessment and testing processes, including but not limited to penetration testing, vulnerability management, and secure software development at a global level.
• Plan for and manage incident response plans while minimizing the effect on the business.
• Develop and extend security tooling and automation efforts across the organization.
• Be responsible for the design and architecture of security systems and controls.
• Supervise the governance of security policies and security controls.
• Lead compliance activities including external audits, regulatory compliance projects, and overall information security reviews.
• Drive appropriate new certifications and refreshes with internal partners, external vendors, and agencies (SOC2, HIPAA, ISO27K, GDPR, FedRamp, etc.).
• Drive the monthly ISOC meeting with a multi-functional audience to highlight key areas of focus and provide a status on the security program to internal partners.
• Educate the organization about threats and implement threat protection measures.
• Manage relationships with external information security technology vendors and specialized information security professional services firms.

• Strong communication, technical, and project management skills
• The ability to effectively work cross-functionally and bring people along to support your vision for Cyber
• 15+ years of relevant experience in the information security space, preferably with both large and small, high-growth companies
• 7+ years of experience with information and network security and vulnerability management, with growing leadership responsibilities
• Expert experience with cloud security, platforms, and services, including an understanding of current security offerings from leading cloud service providers (e.g. AWS) and their applicability to securing a SaaS enterprise security environment
• Hold known industry security certifications such as CISSP, CISM, CSP
• Experience in the evaluation and implementation of industry-standard enterprise-wide information security technologies and concepts, including but not limited to Application Security, Cloud Security (AWS), Data Loss Prevention, Security Event Management, GRC Tools, Threat and Vulnerability Management, and Identity and Access Management
• Familiarity with industry security standards including NIST 800-53, ISO 27001, and ISO 27018 as well as current data privacy regulations, including GDPR and regional standards
• Strong understanding and experience with Secure SDLC and DevSecOps or security automation

Redis Labs is continuing to hire with all interviews, and onboarding is done virtually due to COVID-19. To ensure our employees’ safety, employment at Redis Labs would be fully remote until further notice from the local governments. While many of our roles have the flexibility to stay remote, this position will require to be present in our Mountain View, CA office once it re-open. 

As an equal opportunity employer, Redis Labs Inc. is committed to a diverse workforce. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, gender, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job-related characteristics or other prohibited grounds specified in applicable federal, state and local laws.