We are seeking a highly experienced and visionary Chief Information Security Officer (CISO) to lead our organization's cybersecurity strategy and protect our digital assets, sensitive data, and information systems. The CISO will oversee the development, implementation, and management of comprehensive security programs and ensure compliance with regulatory requirements. This IT leadership role requires a strategic thinker with strong leadership skills and technical expertise in cybersecurity practices.
This position is open to candidates in the Seattle area. You will have a hybrid remote/in-office schedule, working from our casual, pet-friendly office at least three days a week.
Key Responsibilities:
Strategic Leadership
- Collaborate with the CIO to develop and execute a robust enterprise-wide cybersecurity strategy.
- Align security initiatives with business objectives, ensuring risk mitigation without hindering innovation or operations.
- Provide expert guidance to the IT leadership team on current and emerging cybersecurity threats and best practices.
Risk Management
- Identify, evaluate, and mitigate cybersecurity risks through proactive measures and incident response planning.
- Oversee periodic risk assessments, audits, and penetration tests to maintain a strong security posture.
- Implement and maintain cybersecurity frameworks such as NIST, ISO 27001, or similar.
Operational Oversight
- Lead the design, deployment, and management of security architecture, policies, and procedures.
- Monitor and respond to security breaches, cyber incidents, and vulnerabilities.
- Establish and oversee the Security Operations Center (SOC) and incident response teams.
Compliance and Governance
- Ensure compliance with applicable laws, regulations, and industry standards (e.g., GDPR, NYDFS, PCI DSS, OSHI, SOX).
- Develop and enforce security policies, standards, and guidelines across the organization.
- Work closely with legal, compliance, and 3rd-party audit teams to address regulatory requirements.
Collaboration and Communication
- Build and maintain relationships with internal stakeholders, including IT, HR, and legal departments.
- Engage with external partners such as vendors, insurance agencies, government agencies, and industry groups to enhance the organization's security framework.
- Deliver clear and actionable reports on cybersecurity performance and risks to the board of directors and executive management.
Team Leadership
- Build an appropriate org structure and recruit, mentor, and manage a high-performing cybersecurity team.
- Foster a culture of security awareness and continuous improvement throughout the organization.
Qualifications & Experience:
Education and Experience
- Bachelor's or Master's Degree in Computer Science, Information Security, or a related field.
- 10 years of progressive experience in cybersecurity, including leadership.
- Certifications such as CISSP, CISM, CISA, or equivalent are preferred.
Technical Expertise
- In-depth knowledge of cybersecurity technologies, tools, and trends.
- Experience with cloud security, endpoint protection, threat intelligence, and security analytics.
- Proficiency in developing and managing security budgets and resource allocation.
Leadership and Communication
- Proven ability to lead cross-functional teams and drive strategic initiatives.
- Excellent communication and presentation skills, with the ability to convey complex security concepts to non-technical audiences.
- Strong decision-making, problem-solving, and crisis-management skills.
Core Competencies & Skills:
Strategic Thinking and Vision
- Ability to develop and execute a long-term cybersecurity strategy aligned with business goals.
- Awareness of emerging trends, threats, and technologies to future-proof the organization.
Risk Management Expertise
- Proficient in identifying, assessing, and mitigating risks across the enterprise.
- Skilled in implementing risk management frameworks (e.g., NIST, ISO 27001).
- Strong understanding of business impact analysis and prioritization of risk response.
Technical Proficiency
- Deep understanding of cybersecurity tools, technologies, and practices, including:
  - Network security
  - Endpoint protection
  - Cloud security
  - Threat intelligence
  - Security Information and Event Management (SIEM) systems
- Hands-on experience with incident response, vulnerability management, and forensics.
Leadership and Team Development
- Strong leadership skills to inspire and manage cybersecurity teams.
- Experience in recruiting, mentoring, and retaining top talent in the cybersecurity field.
- Ability to foster a culture of security awareness across the organization.
Regulatory and Compliance Knowledge
- Expertise in global and industry-specific compliance requirements such as:
  - GDPR, NYDFS, OSHI, PCI DSS, SOX
- Ability to navigate audits and maintain compliance with cybersecurity laws and regulations.
Communication and Stakeholder Management
- Strong written and verbal communication skills to articulate complex security issues to non-technical audiences.
- Proficiency in preparing and presenting security updates and risk assessments to the board of directors and C-suite executives.
- Skilled in collaborating with cross-functional teams and external stakeholders.
Incident Response and Crisis Management
- Expertise in managing security breaches and developing robust incident response plans.
- Strong decision-making skills under pressure to minimize damage and ensure swift recovery.
Financial Acumen
- Ability to develop and manage a cybersecurity budget effectively.
- Understanding of cost-benefit analysis for security investments and resource allocation.
Analytical and Problem-Solving Skills
- Proficiency in analyzing large volumes of data to identify potential security issues.
- Creative problem-solving to develop innovative and effective solutions to complex security challenges.
Collaboration and Influence
- Adept at building relationships with internal and external stakeholders.
- Ability to find win-win solutions that balance security needs without stifling innovation or negatively impacting customer experience.
- Ability to influence organizational culture to prioritize cybersecurity.
Ethical Judgment and Integrity
- High ethical standards in handling sensitive information and making decisions.
- Commitment to transparency and accountability in security practices.
Compensation:
- The pay range for this position is $200-$250K on a full-time schedule.
- Along with base salary, Trupanion employees may be eligible for monthly bonuses.
- We want all employees to be invested in Trupanion's success, so we grant Restricted Stock Units to all new team members. Our new hire grants vest over 4 years.
Additional Information:
All your information will be kept confidential according to EEO guidelines.
Benefits and Perks:
- Full medical, dental, and vision benefits at no cost to the employee
- Four weeks of paid time off and 9 paid float holidays (you can decide which days are most important to you!)
- Five-week sabbatical after five years of employment
- Open, casual, pet-friendly, and fun office environment
- Free medical health insurance for your pet (1 dog or cat)
- Paid time off to volunteer at nonprofit organizations
- Seattle Office Amenities: Free on-site gym, free dog walking services for office pets during business hours, free parking, and paid ORCA cards.
For more information about Trupanion visit
Learn more about how Trupanion has revolutionized our industry and the reimbursement model:
Trupanion is an equal-opportunity employer and embraces diversity. We are committed to building a team that represents a variety of backgrounds, abilities, perspectives, and skills.
We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request accommodations.
Remote Work:
No
Employment Type:
Full-time