Information Security Leader

Cvent is a leading meetings, events, and hospitality technology provider with more than 4,800 employees and ~22,000 customers worldwide, including 53% of the Fortune 500. Founded in 1999, Cvent delivers a comprehensive event marketing and management platform for marketers and event professionals and offers software solutions to hotels, special event venues, and destinations to help them grow their group/MICE and corporate travel business. Our technology brings millions of people together at events around the world. In short, we're transforming the meetings and events industry through innovative technology that powers the human connection.

About the Role

You are an experienced and dynamic cybersecurity leader able to provide regional, executive-level support for a variety of programs and initiatives as well as manage the day-to-day operations of Cvent's India Information Security team based in Gurgaon, India. In this role you will be responsible for supporting regional teams to execute a variety of information security programs and processes as well as deliver solutions for technology risk management, data and infrastructure protection, customer security assurance, and compliance of Cvent's SaaS product platform and company computing resources.

Key Responsibilities

Support Global Strategic Leadership:

• Collaborate with Global Information Security leadership and functional peers to maintain and implement a comprehensive information security strategy aligned with Cvent's business objectives as well as global SaaS product and corporate computing operations
• Collaborate with regional executive leadership to ensure adequate resourcing and support for Cvent India Information Security team operations and initiatives
• Provide executive-level support for regional security risk assessment and treatment activities as well as security operations with an emphasis on collaborating with regional executive leadership and other stakeholders to develop, promote, implement, and monitor security practices
• Support global security governance and reporting activities, including regular updates to regional senior management on the state of information security practices most relevant to Cvent India

Team Management and Oversight:

• Lead and mentor the Cvent India Information Security team with an emphasis on coaching and developing teams, managers, and key individual contributors
• Maintain alignment and operational consistency between the Global Information Security team and the Cvent India Information Security team on information security policies, processes, and practices
• Foster a culture of continuous improvement, innovation, and learning across Cvent India Information Security teams
• Ensure effective coordination and communication between Cvent India Information Security teams as well as between the Cvent India Information Security team and regional stakeholders and teams to maintain productive, positive working relationships and deliver a cohesive security posture

Application & Cloud Security:

• Provide oversight and executive-level support for adoption of security best practices in software development and cloud security, including secure architecture design, software and infrastructure threat modeling, vulnerability management and remediation, and full-stack security hardening

Security Operations:

• Provide technical oversight and executive-level support for the design, implementation, and maintenance of security controls for Cvent's global SaaS platform and corporate computing resources
• Provide technical oversight and support for effective 24/7 security monitoring, incident response, threat hunting, and threat intelligence capabilities

Compliance and Risk Management:

• Provide oversight and executive-level support for activities to achieve and maintain compliance with industry standards and regulations relevant to Cvent's global SaaS operations (e.g., ISO 27001, ISO 27701, SOC 2, PCI, GDPR, CCPA, and others)
• Provide oversight and support for third-party vendor risk assessment and risk treatment activities
• Oversee and contribute to the development and maintenance of information security policies, standards, procedures, and guidelines, as required

Security Assurance:

• Provide oversight and executive-level support for customer assurance support activities related to security and which are geared to establishing and maintaining customer trust in Cvent's security posture and practices

Stakeholder Management:

• Serve as a key executive representative and liaison between the Global Information Security and Cvent India Information Security team as well as between other Cvent India departments and divisions
• Collaborate with Sales, Legal, and Product teams to address customer security concerns and requirements
• Innovation and Continuous Improvement:
• Stay abreast of emerging security threats, technologies, compliance frameworks, and best practices, particularly those relevant to the global SaaS industry
• Foster and promote development of innovative security processes and solutions to enhance Cvent's security and compliance posture
• Continuously assess and improve the effectiveness of the Cvent India Information Security team as well as the respective security programs, initiatives, and day-to-day activities

Qualifications

Education:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field; Master's degree preferred
• Relevant industry certifications such as CISSP, CISM, CRISC, or CCSP

Experience:

• 15+ years of experience in information security, with at least 8 years in an information security leadership role and experience in various information security domains including, but not limited to, cloud and infrastructure security, data protection, security risk and compliance, application security, vulnerability management, and security incident response
• Strong technical knowledge of cybersecurity principles, technologies, and best practices
• Solid understanding of security risk management methodologies and compliance frameworks, including familiarity with relevant global data privacy and protection laws and regulations relevant to SaaS platforms and operations
• Proven track record in managing information security for a global SaaS company
• Technical Skills:
• Deep understanding of cloud security architectures and best practices, particularly related to the AWS platform
• Proficiency with DevSecOps principles and practices
• Proficiency with endpoint detection and response tools, security information and event management (SIEM) systems, vulnerability management and data loss prevention platforms, and security operations center (SOC) management
• Knowledgeable of a variety of IT asset, risk, and vulnerability management technologies to support risk assessment, treatment planning, and reporting, configuration management and hardening, vulnerability assessment/scanning, and risk and/or vulnerability remediation activities
• Knowledgeable of application security methodologies and secure software development practices
• Knowledgeable of security threat intelligence, threat monitoring, incident response, and threat hunting practices and techniques.

Soft Skills:

• Exceptional leadership and team management abilities
• Strong leadership, executive presence, and persuasive communications skills; ability to effectively articulate complex cybersecurity concepts to both technical and non-technical audiences to build consensus and achieve cross-functional alignment on security priorities
• Excellent stakeholder management and negotiation skills; demonstrated ability to influence and drive positive change across an organization at all levels
• Strong business acumen with the ability to align security initiatives with business objectives
• Adaptability and resilience in a fast-paced, dynamic environment