Overview
CISO Jobs in Walnut Creek, California, USA at ASG
Title: CISO
Company: ASG
Location: Walnut Creek, California, USA
Type: Full Time
Category: IT/Tech, Security
Chief Information Security Officer (CISO) – Alpine Software Group
We are seeking an experienced, strategic CISO to drive and elevate security initiatives across our diverse portfolio of companies. As a key leader within Alpine Software Group (Hold Co), you will work across a range of operating companies (OpCos) to set the vision for security, recommend best practices, and drive compliance and security upgrades in line with the strategic goals of the organization.
While you will not directly lead security at any individual OpCo, you will leverage your influence and collaborate with OpCo leaders to foster a culture of security, provide guidance, ensure OpCos are operating securely in accordance with industry standards, and utilize security to drive growth.
Company Description
ASG is an unconventional group of market-leading SaaS software companies, serving industries ranging from behavioral health to transportation to childcare. ASG believes deeply in the power of people and data to grow great organizations, and that sharing knowledge, expertise, and resources across its community of businesses drives exponential growth. ASG has acquired over 50 businesses since its inception in August of 2016.
We are backed by Alpine Investors and operated by world-class People First™ leaders. Founders of leading SaaS companies continue to trust ASG to grow their businesses and build even stronger legacies for the future. To learn more, visit
Key Responsibilities
• Develop and Lead Cybersecurity Strategy:
Work with executive leadership and portfolio companies to create a cybersecurity vision, strategy, and roadmap that protects OpCo value effectively.
• Security Program Oversight and Mentorship:
Serve as a trusted advisor to OpCo leaders, helping to develop and refine their security strategies. Provide recommendations for enhancing security posture through process, technology, and policy improvements.
• Drive Security Best Practices:
Promote shift-left security practices across all OpCos, including secure coding, on-prem and cloud infrastructure security, and incident response protocols through awareness training, partnerships, and direct support.
• Compliance Initiatives:
Lead the coordination and implementation of compliance initiatives (e.g., SOC 2, PCI-DSS, HIPAA, GDPR) across the portfolio. Assist OpCos with preparing for audits and ensuring ongoing compliance with relevant regulations and standards. Support OpCos in third-party assessment engagements and follow-up remediation.
• Risk Management & Security Assessments:
Lead security risk assessments across the OpCos. Help identify vulnerabilities, prioritize risks, and design action plans for mitigating security gaps. Encourage OpCos to adopt a consistent risk management framework.
• Application Security & Penetration Testing:
Coordinate regular application security testing (App Sec) and penetration testing across all OpCos, ensuring secure coding practices and continuous improvement in the security of web, mobile, and API applications. Provide or contract qualified assistance in remediating critical application security vulnerabilities.
• Incident Response & Crisis Management:
Provide leadership and support during security incidents across the OpCos, e…