Head of Information Security, C3.ai

$200-295k

+ Equity

AWS
GCP
Azure
Expert level
San Francisco Bay Area

More information about location

Office located in Redwood City, CA

C3.ai

Enterprise AI application development platform

Job no longer available

C3.ai

Enterprise AI application development platform

1001+ employees

B2BArtificial IntelligenceEnterpriseAnalyticsInternet of ThingsMachine LearningSaaSData Analysis

Job no longer available

$200-295k

+ Equity

AWS
GCP
Azure
Expert level
San Francisco Bay Area

More information about location

Office located in Redwood City, CA

1001+ employees

B2BArtificial IntelligenceEnterpriseAnalyticsInternet of ThingsMachine LearningSaaSData Analysis

Company mission

C3's mission is to help industry leaders leverage enterprise AI at an unprecedented scale to thrive in the digital era.

Job

Company

Role

Who you are

  • Bachelor’s degree in computer science, Information Management Systems, Cybersecurity or related field. Advanced degree preferred
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials. CCNA, CEH, ISO27001 auditor or implementer experience is a plus
  • Minimum 10 years of experience in information security management
  • Significant experience in leading an information security program with a deep understanding of information security and compliance frameworks such as COBIT, ISO27001/27017, NIST, SOC 2, HIPAA, etc. Knowledge of government-related security frameworks such as FedRAMP and CMMC is a plus
  • Knowledge of privacy regulations/legislation such as GDPR, CCPA/CPRA
  • Experience with contract and vendor negotiations and management including managed services
  • Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various levels in the company
  • Strong leadership abilities, with the capacity to articulate and implement a strategic vision for the organization's security posture
  • Proficiency in cyber security tools, especially endpoint security solutions, intrusion prevention systems, data loss prevention systems
  • Experience with and understanding of vulnerability assessment, application security testing and penetration testing tools and services
  • Proficient in leading security incident investigation and response
  • Well-versed in cloud technology and security, including GCP, Azure and AWS security, Office 365 security, cloud DLP
  • Knowledge in industry standard software development practices
  • Hands-on experience in security assessment, cloud architecture, threat modeling, and policy writing
  • In-depth comprehension of secure SDLC, DevSecOps, or security automation
  • Ability to communicate effectively with customers and other external information security and privacy professionals

What the job involves

  • As the Head of Information Security, you will be responsible for protecting the organization's assets, applications, systems, and technology while enabling and advancing business initiatives
  • Develop, implement, and monitor comprehensive enterprise cybersecurity and IT risk management program leveraging secure processes, procedures and systems used to prevent, detect, mitigate, and recover from cyberattacks
  • Build and drive a cybersecurity strategy and framework, with initiatives to secure the organization's cyber, information and technology assets while providing leadership to the enterprise's information security organization
  • Formulate best practices and set security standards, while preparing and documenting information security policies, procedures and protocols
  • Lead security assessment processes of internal assets, encompassing penetration testing, vulnerability management, and secure software development
  • Analyze the costs, value, and risks of cybersecurity activities and recommend actions within a budget
  • Continuously evaluate and manage the cyber and technology risk posture of the organization
  • Proactively spot security issues and threats, devising robust processes and systems to safeguard against them
  • Manage a robust incident management process
  • Convey information security and data privacy operational goals, relaying their impact to stakeholders
  • Keep ahead of security needs by implementing programs or projects that mitigate risks
  • Ensure that all internally written code is cyber secure by performing regular application security and penetrations tests
  • Conduct real-time analysis of immediate threats, triage and remediate as necessary
  • Lead cybersecurity operations and implement disaster recovery protocols and business continuity plans with business resiliency in mind
  • Make sure that data and intellectual property is safe from external and internal threats
  • Lead security incident investigations and forensic data collection activities during a security breach and conduct post-mortem exercises to prevent reoccurrence
  • Act as the focal point for security incident response planning and cyber security breach remediation
  • Lead the effort for conducting vulnerability scans, reviews, and remediation activities to ensure a secure environment and to ensure that the products and services that C3.ai develops are secure
  • Manage the ongoing security awareness training and education program for employees
  • Provide leadership and fostering a culture of cybersecurity awareness and ensuring continued training and development
  • Implement and manage the cyber governance, risk, and compliance frameworks and processes
  • Lead compliance endeavors, including external audits, regulatory compliance initiatives, and overarching security evaluations
  • Collaborate with the Security Committee to develop and implement information security policies, standards, procedures, and guidelines
  • Interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services
  • Partner with business stakeholders across the company to raise awareness of risk management concerns and assist with business technology planning
  • Conduct and lead information security risk assessments, support audits (SOC 2, HIPAA, ISO 27001/27017, Cyber Essentials), and select controls to mitigate risks
  • Work with the legal/privacy teams to ensure compliance with privacy regulations
  • Report on Cybersecurity by providing the business leaders, board of directors or senior executives in area of cybersecurity risk profile and posture of organization, notable cybersecurity incident and improvement programs
  • Engage with outside stakeholders, including customers, vendors, partners, compliance bodies, and other legal/regulatory authorities
  • Deliver strategic risk guidance, evaluating and suggesting technical standards and controls
  • Work with executive leadership to determine acceptable levels of risk for the organization
  • Work with the most senior levels or the organization to liaise with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture
  • Communicate with executive leadership on IT risk issues and the security program

Otta's take

Sam Franklin headshot

Sam Franklin

CEO of Otta

C3.ai is a leading enterprise AI software provider for accelerating digital transformation. C3.ai delivers a comprehensive and proven set of capabilities for rapidly developing, deploying, and operating large scale AI, predictive analytics, and IoT applications for any enterprise value chain in any industry.

At the core of the C3 AI Suite is a powerful model-driven AI architecture that dramatically enhances the productivity of data scientists and application developers while future-proofing applications against underlying IT evolution. The C3 AI Suite is supposed to be 10 to 100x faster and more reliable than other solutions or DIY approaches, enabling robust delivery of production applications with less code and cost.

The C3 AI Suite seamlessly works with existing data storage, sources, tools, and infrastructure investment, while flexibly operating in a private, hybrid cloud, or multi-cloud environment. Having incorporated OpenAI's ChatGPT and other AI software from Google and academia in its enterprise search product, investors are anticipating a huge surge in business for this innovative company.

Insights

Led by a woman
Top investors

Some candidates hear
back within 2 weeks

24% employee growth in 12 months

Glassdoor (3.5)

Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon

Company

Funding (last 2 of 6 rounds)

Jan 2018

$100m

SERIES F

Mar 2017

$11m

SERIES E

Total funding: $221.8m

Company benefits

  • Paid Parental Time Off: For US employees, mothers are eligible for up to a total of 10 to 12 weeks of paid parental time off with your newborn. All parents, including those adopting children, are eligible to take up to a total of 4 weeks of paid parental time off
  • Hybrid Work: C3 AI employees may choose to work from home and office
  • Advanced Degrees: Lifelong learning is a part of C3 AI. That’s why we will cover the total cost for employees to earn a master’s degree in computer science online. Those who complete the degree get three more big perks—a $25,000 cash bonus, a guaranteed 15% raise and a stock grant
  • Continuous Education: C3 AI holds monthly employee training sessions as well as weekly lunch-and-learns. C3 AI also encourages further education by offering bonuses for the successful completion of select online courses
  • Relax and recharge: In the United States, C3 AI offers 15 days of paid time off every year. As your tenure with the company grows so does your paid time off! C3 AI also offers 10 paid public holidays around which you can build your vacation leave
  • Health Coverage: C3 AI offers competitive coverage. Our program includes medical, dental, and vision
  • Equity: Restricted stock units are granted to all full-time C3 AI employees
  • Free gym membership: To help keep you at the top of your game, C3 AI offers employees a free gym membership at our state-of-the-art fitness facility
  • Catered lunches daily: C3 AI provides a fully stocked snack area and beverage refrigerator that contains everything from energy drinks to sodas and iced tea. Every day C3 AI provides a catered, gourmet lunch so that the team can relax together and share ideas
  • Commuter check program: C3 AI offers tax saving commuter benefits program
  • Travel assistance: Employees are provided global health insurance while traveling for business
  • Ping-pong and pool tables: C3 AI has been known to host ping-pong and pool tournaments, allowing you to step away from the monitor. This is the perfect opportunity to enjoy coworkers while hitting a white ball at them
  • Friday happy hour: Relax and unwind at the end of the week at C3’s weekly Friday Happy Hour. Enjoy good food, good drinks and great company at our office
  • Flexible spending accounts: C3 AI offers both Health Care and Dependent Care Flexible Spending Accounts. Both accounts enable you to pay for essential health and wellness before you pay taxes on it
  • Life insurance: C3 AI offers short term / long term disability, life insurance and AD&D insurance
  • Additional leave benefits: C3 AI offers paid time off for bereavement and jury leave
  • Continental breakfast: It’s the most important meal of the day. C3 AI offers breakfast five days a week, including oatmeal, cereal, fruit, and delicious coffee
  • 401K: C3 AI offers fund options via Charles Schwab for retirement savings

Company values

  • Innovation - Our ambition is to solve problems that have never been solved before
  • Curiosity - We are self-learners, fulfilled by continuous knowledge acquisition to accelerate innovation
  • Integrity - We comport ourselves with unwavering ethical integrity, respect, and courtesy
  • Collective Intelligence - The respect we have for the intelligence and capabilities of one another fosters boundless collaboration

Company HQ

Redwood City, CA

Founders

Patricia House

(Vice Chairman)

Previously Marketing Director at Oracle for 3 years and Executive Vice President at Frame Technology for 4 years

Thomas Siebel

(Chairman & CEO)

Previously Senior Vice President at Oracle for 6 years and CEO of Gain Technology for 2 years

Salary benchmarks

We don't have enough data yet to provide salary benchmarks for this role.

Submit your salary to help other candidates with crowdsourced salary estimates.

Share this job

View 52 more jobs at C3.ai