The ultimate source for official answers about a business online should be the business itself. However, when consumers ask questions on company websites, too often they are left in the dark with wrong answers. Yext (NYSE: YEXT), the Search Experience Cloud, solves this problem by organizing a business's facts so it can provide official answers to consumer questions wherever people search. Starting with the company website, then extending across search engines & voice assistants, businesses around the world, like Taco Bell, Marriott, & Jaguar Land Roveras well as organizations like the U.S. State Departmenttrust Yext to radically improve the search experience on their websites & across the entire search ecosystem.
The Chief Information Security Officer (CISO) will be accountable for the overall Yext Information Security & Risk & Compliance program & crafting a culture of Cybersecurity working with Product, Engineering, IT, Internal Audit & Business Leadership! In this role they will lead all aspects of application security, corporate security, security operations & engineering, & technology risk & compliance outside of direct management of SOX & ITGC. They will partner various teams to develop, implement, maintain, & continually improve the strategic & risk-based Information Security, Data Privacy, Risk & Compliance program. They own & drive product security of the Yext platform & products working with the Engineering team. They will also partner & support our revenue team on key deals, representing the information security program.
What You'll Do
- Set the strategic direction for the overall Information Security, Risk, & Compliance program & alignment to standard methodologies
- Develop the goals & a roadmap for the overall program, working various teams
- Manage the security budget, working closely with Yexts financial planning team.
- Be the leader & advocate when coordinating with peers in Engineering, IT, HR, & other business functions that impact Yexts security posture.
- Work closely with the Engineering & Product teams to help craft & execute on product security as our product evolves.
- Drive appropriate new certifications & refreshes with internal partners, external vendors & agencies (SOC2, HIPAA, ISO27K, GDPR, FedRamp, etc.)
- Drive the monthly ISOC meeting with a multi-functional audience to highlight key areas of focus & provide a status on the security program to internal partners.
- Partner with sales leadership on key deals.
- Be responsible for the design & architecture of security systems & controls.
- Supervise the governance of security policies & security controls.
- Build & be responsible for a continuous improvement culture related to the information security program
- Ensure compliance with changing privacy & data protection laws & regulations (e.g European regulations)
- Identify risks & impactful plans to protect the business as our products & services evolve.
- Maintain a current understanding of the cyber threat landscape impacting Yext & our industry.
What You Have
- Bachelors degree or similar college level education in business, technology or related field
- Hold a known industry security certification such as those from ISC2 or ISACA.
- 15+ years of relevant work experience including demonstrable ability to lead & coordinate critical programs & multi-functional efforts
- Strong working knowledge & understanding of key concepts in Information Security, Risk Management, & Compliance, including application security, network security, & security operations
- Understanding of corporate Governance, Risk, & Compliance functions
- Consistently demonstrated growth in their own skills & leadership
- 10+ years of experience with information & network security & vulnerability management, with growing leadership responsibilities
- Experience with regulatory compliance, such GDPR & HIPAA
- Familiarity with well-established security standards & frameworks such as ISO 27001, NIST SP 800-53 & COBIT.
- Excellent written & verbal communications skills, with demonstrated ability to clearly articulate to both technical & non-technical audiences!
Yext is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ethnicity, religion, creed, national origin, ancestry, genetics, sex, pregnancy or childbirth, sexual orientation, gender (including gender identity or nonbinary or nonconformity and/or status as a trans individual), age, physical or mental disability, citizenship, marital, parental and/or familial status, past, current or prospective service in the uniformed services, or any characteristic protected under applicable law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know.