Startup Careers

Be a part of our family by contributing to our portfolio companies’ innovation and success. Browse open positions below with Intel Capital portfolio companies.

Corporate Manager of Information Security (CMIS) at Nexant
Salt Lake City, UT, US

Scope, purpose and nature of role

The CMIS is the company’s thought-leader for information risk and security management and related activities throughout the organization.  This position will report directly to the Head of the Legal Department.  The CMIS is responsible for interpreting the business and information needs and wants of the organization and then developing and implementing strategies concerning the protection of our information assets, ensuring our compliance with relevant laws and regulations, governing and (at a high level) managing the information risk and security management function, and most of all supporting/enabling achievement of business objectives.  The CMIS has interests in, collaborates with and seeks alignment of the entire organization since information is a valuable yet vulnerable resource throughout.  Where appropriate, the CMIS also liaises with external stakeholders such as auditors, service providers, customers and authorities such as industry regulators on significant matters.

The primary functions of the CMIS are to (1) inspire and coordinate the wide variety of activities associated with identifying, evaluating and treating information risks throughout the organization, (2) manage the company’s information security management program, and (3) lead the company’s security committee.  The role includes but stretches well beyond IT risk and security, touching on aspects such as compliance, physical security, personnel security, incident management, business continuity and more.  A further objective is to liaise with and provide relevant, timely, credible information and sound professional advice to senior management concerning the organization’s information risk profile and the status of information risk treatments.

·         Takes the lead on privacy matters for management and staff throughout the organization, is accountable for the adequacy of the company’s privacy arrangements as a whole, including our privacy framework and compliance with privacy-related obligations (especially privacy laws and regulations).

·         Develops strategic planning processes to align information requirements and supporting systems and infrastructure with legislative requirements and the strategic goals of the company.

·         Ensures that the information resources of the company are managed as a corporate asset.

·         Plans and coordinates with the Director of IT and other BU Information Security Managers to implement systems to effectively manage the company’s information assets and the development of tools, systems and information technology infrastructure to maximize the access and use of a company’s information resources.

·         Ensures that information security policies and governance practices are established to ensure   the security, confidentiality, and privacy of information resources and supporting IT systems with the company’s overall information security plan.

·         Coordinates the development and implementation of information management practices including policies, standards, guidelines and procedures; assist business units to define and understand their responsibilities in relation to information management; assist business units to identify their information needs and requirements.

 

Distinguishing characteristics of the ideal candidate

The following personal traits are high on our wish-list:

·     Visionary, a big-picture thinker with a broad perspective on information risk and security, governance, compliance etc., and a solid appreciation of how information security protects, supports and enables the business over a strategic scope and timescale;

·     A natural leader with demonstrably strong leadership capabilitiese.g. highly influential and motivational, a good bidirectional communicator both in writing and face-to-face;

·     Combining strong personal integrity (grit) with pragmatism, willing to stand up for what’s right for the organization, yet open to alternative means of achieving it.

·     Realistic and pragmatic in approach, for example understanding that although minor privacy incidents are practically inevitable, they are worthwhile learning points and improvement opportunities;

·     Able to see the bigger picture and think strategically where appropriate, since privacy is just one of many business and information issues of concern to the company;

·     Capable and willing to establish effective, productive working relationships with various managers, staff and other professionals (including third parties) on privacy, security and related matters, guiding them where relevant, responding to their concerns and collaborating on mutually beneficial solutions.

 

Qualifications, skills and experience

The following are relevant and desirable for this role: 

·     Business management: MBA or equivalent, plus extensive real-world management experience involving contact with senior management, departmental/corporate management, budgeting, strategic planning, management reporting and metrics, legal and regulatory compliance, formulation and management of information security policies, forensics, fraud etc;

·     Information risk and security management: CISM, master’s degree or similar; at least 10 years work experience including at least 5 years in the field; genuine hands-on experience with relevant approaches, standards, methods, frameworks etc.;

·     Project Management: Project and personnel management experience, good at scheduling and managing time, people, budgets, tasks etc. and working to dynamic priorities;

·     Compliance/legal and information risk management background: with exposure to the broader aspects of privacy including information security, IT, ethics and incident management, HR, auditingetc.;

·     IT audit skills (e.g. able to assess risks, ask the right questions and get to the bottom of things, plus write and present formal management reports): ideally qualified to CISA or equivalent;

·     Hands-on experience of ISMS design and implementation;

·     Excellent communication skills, both written and oral, able to demonstrate the ability to write well and present confidently, evangelically even (check in the interview process);

·     Candidates must be willing to undergo extensive background checks to verify their identity, character, qualifications, skills and experience, and suitability for the role.

 

Salary and Benefits (U.S.) 

Nexant offers competitive salaries based on candidate's qualifications. Nexant also offers three weeks paid vacation per year, eleven paid holidays per year, a 401(k) plan with employee matching funds and an overall comprehensive benefits package. 

 

About Nexant

Nexant is a globally recognized software, consulting and services leader that provides innovative solutions to utilities, energy enterprises, chemical companies and government entities worldwide. Founded in 2000 and headquartered in San Francisco, Nexant and its 500+ employees work from 32 global offices providing deep technical expertise and regional knowledge to improve customer engagement, boost operational efficiency, reduce costs and achieve superior business results.

Nexant supports clients through four distinct business units: 

 

  • Nexant Energy Software has developed and commercialized a number of industry-leading software platforms and applications, including Nexant iEnergy®, Nexant Grid360™, and Nexant iHedge®
  • Nexant Utility Services works with clients to drive customer energy savings, ensure cost-effective program design, implementation and management, and promote customer engagement
  • Nexant Energy & Chemicals Advisory provides strategic planning, project development, competitor analysis, market and price forecasting, and NexantThinking™, a subscription program and online product portal .
  • Nexant Government Services assists developing countries with energy sector policies, infrastructure, financing, and access to affordable electricity.