hero

Companies you'll love to work for.

Chief Information Security Officer

HoneyBook

HoneyBook

IT
Tel Aviv-Yafo, Israel
Posted on Jun 17, 2024

Here is the gist:

HoneyBook is the leading clientflow management platform that makes it easy for independent business owners to sell and deliver their services online. Offering powerful tools for communication, contracts, invoicing, payments, and more, the platform puts independent professionals in control of their process and client experience. HoneyBook is trusted by over 100,000 service-based businesses in the United States and Canada that have booked more than $10 billion in business on the platform.

Our culture is built on five core values that inform everything we do. We encourage collaboration, feedback, ownership and have a growth mindset. We know experience comes in many different forms, some visible on your resume, others not. No one candidate will be a 100% perfect match to our description, so if you thrive in a fast-paced, intellectually-charged environment and have similar experience to what we are looking for, we encourage you to apply.

We are looking for an experienced Chief Information Security Officer to join our vibrant Security team in Tel- Aviv!

This role is critical in ensuring that our innovative, member focused, platform is backed by the highest standards of security and compliance. Reporting to the CTO, this position will play a key role in safeguarding our company's information assets and enhancing our Information Security Program.

Join us if you're ready to apply your expertise in a role that's both challenging and rewarding, and see the direct impact of your work on the business.

Here are a few of the things you will do:

  • You will lead and manage the Information Security and Information Technology teams.
  • Manage the Security and IT teams budget.
  • Strategic Leadership: Develop and implement a multi-year security strategy and roadmap to anticipate and address security challenges in alignment with company growth objectives. Update the Company’s Leadership team quarterly on the state of the Company’s security posture.
  • Program enablement: Drive the evolution of security capabilities, including IT Security, DevSecOps, and Security Operations, to support the company's high-growth trajectory.
    • Build usable security solutions that support business innovation while mitigating risks.
    • Drive the adoption of secure development practices and tools, ensuring the integrity of software products and infrastructure in cloud-native environments.
  • Compliance Management: Ensure that HoneyBook adheres to all relevant laws, regulations, and standards, such as PCI DSS, SOX, ISO 27001, etc... Craft and maintain security policies, standards, and procedures to protect company assets and data.
  • Security Awareness: Build and maintain security awareness culture via training, phishing simulations, newsletters and more.
  • Security Audits: Manage and oversee all aspects of security audits, both internal and external, to ensure compliance with industry standards and regulatory requirements.
  • Risk Management: Implement and maintain a robust risk management framework to identify, evaluate, and mitigate risks associated with IT, information security and third-party risk management.

Interested? Here's what we're looking for:

  • Experience with ‘born in the cloud’ tech companies, at pre-IPO or post IPO stage.
  • At least 10 years in Information Security with 5+ years in a management / senior management role, managing security and IT teams.
  • Experience with tech stack similar to: AWS, JAMF, OKTA, JumpCloud, S1, Wiz
  • Professional certifications such as CISSP, CISM, CCISO, or equivalent are highly desirable.
  • Exceptional leadership, communication, analytical, and technical skills.
  • Deep understanding of IT infrastructure and cloud security principles.security and privacy controls, incident response, business continuity and disaster recovery concepts.
  • Familiarity with DevSecOps, Secure Development, and Cloud Security best practices
  • Proven experience delivering PCI-DSS, SOC 2 Type 1 and Type 2, ISO 27001, and SOX 404 gap assessments and audits, and compliance with privacy regulations like CCPA and GDPR.
  • Adept at working with internal Product & Engineering, Legal, People & Culture, Finance and GTM teams, and external partners and auditors.
  • Ability to work during critical incidents or to support coverage requirements

Our core values:

  • People come first - As we explore opportunities and work through challenges.
  • Raise the bar - We push for greatness - for ourselves and our members.
  • Own it - Trust and ownership let us make decisions with confidence.
  • We love what we do - And what we create for our members.
  • Keep it real - Authenticity, respect and transparency are at our core.

The opportunity at HoneyBook is huge – our primary customers today are creative businesses that generate in aggregate $150B in revenue per year in the US. Founded in 2013, HoneyBook is based in San Francisco and Tel Aviv, has raised $498M and is funded by Tiger Global Management, Norwest Venture Partners, Aleph, Hillsven Capital, OurCrowd, Durable Capital Partners LP, Vintage Investment Partners, Battery Ventures, Citi Ventures, Zeev Ventures and 01 Advisors.

Follow us on Instagram, Facebook and Medium and catch the latest stories about HoneyBook. Read about what our employees are saying about us on Glassdoor.

Applicant Information
When you apply for a job or an independent contractor/agent position with HoneyBook, we collect the information that you provide in connection with your application. This includes name, contact information, professional credentials and skills, educational and work history, and other information that may be included in a resume or provided during interviews (which may be recorded). This may also include demographic or diversity information that you voluntarily provide. We may also conduct background checks and receive related information.

We use applicants’ information to facilitate our recruitment activities and process applications, including evaluating candidates and monitoring recruitment statistics. We use successful applicants’ information to administer the employment or independent contractor relationship. We may also use and disclose applicants’ information (a) to improve our Services, (b) as otherwise necessary to comply with relevant laws, (c) to respond to subpoenas or warrants served on HoneyBook, and (d) to protect and defend the rights or property of HoneyBook or others.

Our Privacy Policy is here.