Bluebeam
Dallas, Texas
At Bluebeam, we empower people to advance the way the world is built. We create smart software solutions that make construction sites more efficient, connected, and safe and improve the lives of design and construction professionals everywhere.
This position will provide leadership and accountability for Bluebeam’s information security program. It is responsible and accountable for establishing, planning, administering, and evaluating the overall policies, goals, and procedures company-wide for the information security program. Relevant, collaborative leadership experience, proven execution ability, and technical cybersecurity competency are key indicators of success for this role.
• Defines and owns a multi-year cybersecurity roadmap and key performance
indicators focused on reducing cyber risk.
• Creates quarterly, annual, and long-term cyber security and cyber risk
management goals, articulates strategies, define metrics, and provides
necessary updates to executive leadership and the Security Steering
Committee.
• Builds and inspires a highly skilled and diverse Security team. Fosters a culture
of trusted cross-functional partnership, service, and continuous improvement.
• Partners with Product & Engineering leadership for the development, planning, and
execution of major security initiatives, ensuring secure development and overall
technology and security planning in line with Bluebeam’s product roadmap and R&D
innovations team.
• Oversees product review assessments and promotes the implementation of security
technologies.
• Collaborates with peer members of the greater global Nemetschek security team and
leads security initiatives for the US-based brands to establish and promote appropriate
security standards throughout the Nemetschek Group and provides an effective
governance structure to ensure cyber compliance and accountability.
• Mentors internal Bluebeam and Sister Brand security team members.
• Leads Security Incident Responses, Vulnerability assessments, Third Party Information
Security assessments, Data Protection and Encryption, Identity & Access Management,
and Privileged User Access to protect both customer and employee data.
• Coordinates responsive actions for disaster recovery, business continuity, and incident
response plans.
• Develops and coordinates response plans to ensure timely response to information
risk-related incidents.
• Builds and inspires a highly skilled and diverse GRC and Privacy team, staying abreast of
new regulations affecting the business and driving a culture of compliance throughout
the organization.
• Partners with business stakeholders across Bluebeam and the Nemetschek group to
raise awareness of risk management concerns, including advising system owners on the
security posture of their systems.
• Oversees the continued development and maintenance of Bluebeam’s processes,
policies, and technical controls in support of certifications programs and continual
compliance with ISO/IEC 27001/2, SOC 2, and applicable privacy regulations and
ensures ongoing compliance thereof.
• 10+ years of enterprise cybersecurity or relevant technology/risk management experience
• 3+ years of experience directing the activities of other managers running information security
teams
• 2+ years of experience in GRC and data privacy regulations
• Hands-on experience leading one or more of the following functions is required: GLBA/privacy,
third-party risk management, cyber resilience planning/response, strategy/board reporting
• Demonstrated experience in cloud and mobile technologies, including multi-tenancy data storage
preferably with AWS infrastructures.
• Demonstrated experience in establishing and maintaining common security frameworks (SOC2,
ISO27001, NIST)
• Broad, current knowledge of regulatory and voluntary standards-based compliance related to cloud
and mobile applications and data confidentiality (e.g. CCPA, GDPR, PCI, SOC2, ISO 27001) and
experience implementing and fostering compliance maturity.
• Experience with software-as-a-service companies and securing cloud architectures.
• Exceptional communication skills, including written deliverables, oral presentations, and the ability to
facilitate crucial conversations at all levels of the organization.
• Track record of leading enterprise projects and cross-functional initiatives to success, on time, and
within budget.
• People-focused, entrepreneurial start-up culture with the backing of a stable, global, corporate entity
- Nemetschek
• Competitive compensation and benefits package (medical, dental, education reimbursement, 401k,
wellness resources)
• Work-life balance fostered through a culture of diversity, inclusion, and appreciation of individual
lifestyle needs
• You will have the opportunity for continuous professional development
Apply Online
11-Jun-2024