Chief Information Security Officer
AvidXchange is seeking a Chief Information Security Officer to play a critical role in safeguarding our company's sensitive information, intellectual property, and customer data. You will be responsible for developing and implementing robust information security strategies, policies, and procedures, ensuring compliance with industry regulations and standards, and proactively identifying and mitigating cybersecurity risks. This role requires a seasoned professional with a deep understanding of financial technology, regulatory compliance, and a track record of successfully leading information security initiatives in a high-growth environment.
Join us in our mission to redefine the financial landscape with innovation, security, and seamless money movement. As our Chief Information Security Officer, you will be at the forefront of safeguarding our company and customer data while ensuring compliance with industry regulations, making a significant impact on the fintech industry's future.
What you’ll do:
- Provide visionary leadership and strategic direction for the company's information security program.
- Collaborate with the board, executive and senior management and other stakeholders to align security initiatives with business objectives.
- Build and lead a skilled and motivated information security team to execute security strategies effectively.
- Stay current with relevant financial industry regulations, laws, and best practices, ensuring the company's compliance.
- Execute the company’s PCI compliance program and other data privacy initiatives.
- Develop and maintain a comprehensive understanding of money movement regulatory requirements and ensure that our systems and practices are in accordance with these guidelines.
- Conduct regular risk assessments to identify and prioritize cybersecurity risks and vulnerabilities.
- Engage with key partners and customers, including prospects, on information security-related matters.
- Implement effective risk mitigation strategies and controls to safeguard critical assets and data.
- Oversee incident response plans and lead efforts to respond effectively to security incidents and breaches.
- Develop, implement, and maintain information security policies, standards, and guidelines.
- Conduct regular audits to ensure adherence to security policies and recommend improvements as needed.
- Promote a strong security culture within the organization through training and awareness programs.
- Educate employees and stakeholders about cybersecurity best practices and potential risks.
- Evaluate the security posture of third-party vendors and partners, ensuring compliance with security requirements.
- Establish vendor risk management processes to minimize potential security risks associated with external collaborations.
- Lead the response to security incidents, coordinating efforts across relevant teams.
- Conduct post-incident analysis and implement measures to prevent future occurrences.
- Evaluate and recommend security technologies, tools, and services to enhance the company's cybersecurity capabilities.
- Ensure the security of the company's networks, systems, and applications through regular assessments and vulnerability management.
What we’re looking for:
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Advanced certifications in information security, such as CISSP, CISM, or CISA, are highly desirable.
- Minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
- Proven experience in the fintech industry, preferably in a company dealing with money movement and financial transactions.
- In-depth knowledge of: money movement regulatory requirements and compliance frameworks, such as PCI-DSS, NYDFS cybersecurity regulations, GDPR, and AML/KYC; IT general controls (ITGC), and system and organization controls reports (SOC reports).
- Strong understanding of cybersecurity best practices, risk management, and incident response.
- General understanding of public company requirements as they relate to cybersecurity.
AvidXchange is a leading provider of accounts payable (“AP”) automation software and payment solutions for middle-market businesses and their suppliers. By trade, we are a technology company, but if you ask anyone who works here, they’ll tell you our people are at the core of who we are. We focus on creating a culture of Diversity, Inclusion & Belonging, and are proud to be a safe place where teammates can bring their whole selves to work. At AvidXchange, mindset is everything. We are Connected as People, Growth Minded, and Customer Obsessed. These three mindsets represent our culture – who we are, who we’ve always been, and they guide us to improve every day. Since our founding in 2000 in Charlotte, NC, we’ve created a company of over 1,600 teammates working in one of our 5 offices across the U.S., or remotely. AvidXchange is proud to be Certified™ as a Great Place to Work®. The prestigious recognition is based on anonymous data from our teammates and makes official what our teammates have known for years – that AvidXchange is a Great Place to Work®.
Who you are:
- A go-getter with an entrepreneurial mindset – that means you are not afraid of taking risks, winning big or facing the unknown.
- Someone who understands that business is people centric. Connecting with others as humans first allows you to develop mutually beneficial working relationships.
- Focused on making a difference for our customers. AvidXchange exists to help solve complex problems for our customers so we can all realize our potential.
What you’ll get:
AvidXchange teammates (we call them AvidXers) get the perks and prestige of a publicly traded tech company paired with the flexibility of a founder-led startup. We help our AvidXers develop as professionals and as human beings, providing work/life balance, development programs, competitive benefits and equity options. At AvidXchange, we are building more than a tech company – we are building an experience. We remain committed to a culture where you can fully be ‘you’ – connected with others, chasing big goals, and making a meaningful impact. If you want to help us grow while realizing your potential and creating stories you’ll tell for years, you’ve come to the right place.
- 18 days PTO*
- 11 Holidays (8 company recognized & 3 floating holidays)
- 16 hours per year of paid Volunteer Time Off (VTO)
- Competitive Healthcare
- High Deductible Health Plan Option that has $0 monthly premium for teammate-only coverage
- 100% AvidXchange paid Dental Base Plan Coverage
- 100% AvidXchange paid Life Insurance
- 100% AvidXchange paid Long-Term Disability
- 100% AvidXchange paid Short-Term Disability
- Employee Assistance Program (EAP) - Provides counseling services, legal and financial consultations and health advocacy for Teammates and their eligible dependents
- Onsite Health Clinic with Atrium Health** - available to Teammates and their eligible dependents
- Retirement 401k Match up to 4%
- Parental Leave: 8 weeks 100% paid by AvidXchange***
- Discounts on Pet, Home, and Auto insurance
- BrightDime Financial Wellness Tool, offered free to teammates
- WeeCare Childcare Service: helps teammates find affordable daycare, childcare, and tutors 40% less expensive than traditional daycare centers
- Perks at Work: free discount program that provides teammates the opportunity to save on items from electronics, movie tickets, car buying, vacations, and more
- Onsite gym fitness center, yoga studio, and basketball court****
- Tuition Reimbursement up to the federal maximum of $5,250*****
- Hybrid Workplace Flexibility
- Free parking
*Fully granted from beginning of year, pro-rated if hired mid-year
**Charlotte location only
***Must be full-time for at least 3 months
****Charlotte location only
*****Must be full-time for at least one year
Equal Employment Opportunity
AvidXchange is an equal opportunity employer. AvidXchange is committed to equal employment opportunity in accordance with applicable federal, state, and local laws. AvidXchange will not discriminate against applicants for employment on any legally recognized basis. This includes, but is not limited to veteran status, race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age and physical or mental disability.
- Job Family: Information Technology
- Job Function: Information Technology Leadership
- Pay Type: Salary
- Employment Indicator: Executive