Vice President Information Security

Hey you! 👋  Want to work for one of the fastest growing SaaS companies in the world? 📈 We’re building the next generation of learning software that companies like AWS, Netflix, Opentable and L’Oreal rely on to deliver training 💻 We believe learning is for everyone, and that we all have something we can learn from each other. We rely on one another to continuously innovate our products and processes to create an exceptional experience for our employees, customers and partners.

Still not sure? We are a culture where values are at the center of everything we do. We also embody what we call the Docebo Heart. We trust our teammates, assume the best of one another, and also hold space for all the differences that make us better. 💙

So what are you waiting for? Apply today! Join 800+ global Docebians and change the way people learn. 

Are you ready to be a part of the learning revolution? 🚀

About This Opportunity:

We are actively seeking a VP of Information Security who embodies a mix of humility and entrepreneurial spirit. This role demands a professional who can effortlessly juggle project management, people leadership, and hands-on mentorship, all grounded in a robust understanding of cyber and information security. As a direct report to the CIO, you will play a critical role in guiding our organization through the nuances of information security governance & compliance, corporate IT security, product security, and cloud infrastructure security. This role is an exceptional opportunity for someone eager to make a meaningful impact in a dynamic and innovative environment.

Reports to: Chief Information Officer Location: Toronto (CA) or London (UK) - Hybrid

Responsibilities:

• Develop and implement a forward-thinking cybersecurity strategy, acting as a strategic advisor to senior leaders and identifying opportunities for innovation and growth.
• Cultivate and articulate a progressive vision for the company's future security landscape.
• Instill a culture of security throughout the organization via public speaking, training programs, and stringent accountability measures.
• Oversee and refine our security posture and roadmap, ensuring alignment with Docebo’s business objectives and industry best practices.
• Collaborate with key stakeholders such as our CPO, CTO, and other executives to ensure the integrity of our products and systems.
• Champion adherence to and compliance with recognized industry security standards, conducting internal audits and coordinating with external auditors as necessary.
• Inspire and guide a high-performance cybersecurity team, setting clear objectives, and milestones, and maintaining accountability.
• Expand your expertise in our products, technologies, and systems to drive informed decisions.
• Manage security-related contractual and legal matters; author and maintain comprehensive internal and external policy and process documentation.
• Implement and track security metrics to ensure effectiveness and enable continuous optimization.
• Promote a culture of distributed security responsibility, improving training and awareness across the organization.
• Provide hands-on mentorship and support to your team, fostering a collaborative and inclusive environment.
• Prioritize and plan cybersecurity projects effectively, setting clear success criteria and detailed implementation plans.
• Engage in pragmatic collaboration with tech and product leaders, justifying cybersecurity initiatives with clear value, cost, and risk assessments.
• Represent Docebo in professional forums, including negotiations and interactions with industry peers, regulators, auditors, and other external stakeholders.

Requirements:

• At least 8 years of relevant experience in technology and/or cybersecurity, including a minimum of 3 years in a senior leadership role.
• Recent experience in SaaS or Product Software Companies.
• Proven experience in scaling security practices in a rapidly growing organization.
• Hands-on experience with in-house software development teams, particularly in securing web and mobile applications, and in cloud environments.
• Broad expertise in both corporate IT security and product cybersecurity.
• Demonstrated ability to lead change and ensure the delivery of projects with a high standard of quality and timeliness.
• Deep knowledge of infrastructure security, with a strong focus on cloud-based security practices and technologies. AWS cloud expertise is preferred.
• Proven track record of growing and developing a team in tandem with fast-paced company growth.
• A business-first, solution-oriented mindset in security, extending beyond traditional risk and gap analysis.
• The capability to operate both in detail-oriented tasks and in developing overarching security strategies and frameworks.
• Strong regulatory knowledge, including familiarity with Privacy Laws, SOC2, ISO27001, and an understanding of the changing dynamics in AI. FedRamp experience is advantageous.