Senior Director - Product Security (Deputy CISO)

Your Opportunity :

Are you a seasoned security leader with a passion for technology and a knack for planning New Relic is seeking a driven Deputy CISO to partner with our CISO and shape the future of cybersecurity for our leading observability platform. In this highimpact role youll guide and mentor our security teams drive strategic initiatives and collaborate closely with senior leadership across the business. If youre a metricsdriven problemsolver who thrives in a fastpaced environment this is your chance to make a real difference.

We are seeking a highly motivated and experienced Deputy CISO to join our growing Information Security team. This is a critical role that partners closely with the CISO to provide technical leadership and guidance ensuring the confidentiality integrity and availability of New Relics systems and data.

As a key member of the security leadership team you will:

• Lead and mentor: Guide and develop a highperforming team of security professionals fostering a culture of growth and innovation.
• Drive strategy: Partner with the CISO to execute the overall security strategy ensuring alignment with business objectives and contributing to budget discussions and resource allocation.
• Influence decisions: Participate in highlevel security decisionmaking providing recommendations and insights to senior leadership.
• Oversee operations: Manage and oversee key security functions including attack surface management offensive security continuous monitoring and secure operations technologies.
• Collaborate effectively: Work closely with Legal Compliance Engineering and Product teams to integrate security into all aspects of the business.
• Champion excellence: Promote security best practices and awareness across New Relic staying abreast of emerging threats and technologies.

Career Growth Opportunities:

This role is designed to be a stepping stone to greater leadership within New Relic or the broader cybersecurity industry. Here are some potential career paths:

• CISO Succession: This role is a natural path to becoming a CISO either at New Relic or another organization. The role involves assuming CISO responsibilities when needed and reporting to the executive leadership. Youll gain invaluable experience working closely with a CISO and managing a complex security program at a growing and highly dynamic business.
• VP or Sr. Director Level Security Roles: This role can prepare you for other senior security leadership positions such as VP of Security Operations Sr. Director of Information Security or VP of Product Security.
• Industry Thought Leader: The high visibility of this role combined with your contributions to New Relics security posture can position you as a thought leader in the cybersecurity community. Youll have opportunities to speak at conferences publish articles and engage with industry peers.
• Strategic Influence: You will drive strategic initiatives and shape the cybersecurity landscape allowing you to make a significant impact and gain recognition.
• Team Mentorship and Growth: Mentoring team members and enhancing their skills provides leadership experience and growth.
• Exposure to Diverse Cybersecurity Domains: The role covers various cybersecurity aspects such as governance risk management and technology which broadens your expertise.
• Technological Leadership/Innovation Roles: Working with cuttingedge technologies like AI and GenAI and involvement in M&A activities and new product launches can lead to roles focused on technological innovation within cybersecurity.

Career Paths Weve Seen:

Individuals in similar Deputy CISO roles have successfully transitioned into:

• CISO positions at both public and private companies.
• Leadership positions in cybersecurity consulting firms.
• Executive Leadership: Success in a highprofile role like Deputy CISO can lead to further advancement within the organizations executive ranks particularly for those with strong leadership and strategic thinking skills.
• Industry Opportunities: The experience and skills gained make candidates highly competitive for similar or more advanced roles at other organizations potentially in different industries. VPlevel roles leading global security teams.
• Consulting: Individuals with extensive expertise in information security can move into consulting roles advising or even board positions other organizations on their security strategies

Key Performance Indicators (KPIs) and Metrics:

The Deputy CISO will be measured on the following KPIs and metrics with specific goals and milestones:

Security Posture Improvement:
Goal: Improve overall controls maturity yearoveryear leveraging CIS scoring.

Milestone: Achieve a tangible reduction in exploitable vulnerabilities within the first six months.

Quota: Define and lower average timetoremediation for critical vulnerabilities.

Security Program Maturity:

Goal: Advance the security program maturity level by one stage (e.g. from defined to managed) within the next two years based on a recognized framework (e.g. NIST Cybersecurity Framework CIS etc).

Milestone: Coordinate the completion of a gap analysis and codevelop a roadmap for achieving the target maturity level within the first six months.

Quota: Implement new or drive improvement of existing security controls to address identified gaps within the first year.

Team Performance and Development:

Goal: Improve employee satisfaction and retention within the security team.

Milestone: Implement a formal mentorship program for junior team members within the first quarter.

Quota: Achieve an 85% or higher employee satisfaction rating within the security team. Maintain a low number of regrettable departures.

Collaboration and Communication:
Goal: Enhance collaboration and communication between the security team and stakeholders.

Milestone: Establish regular crossfunctional security interviews or surveys with key stakeholders within the first month.

Quota: Achieve regular positive written feedback and recognition for Information Security from partner teams on security collaboration.

Strategic Initiatives:

Goal: Successfully execute key strategic security initiatives such as implementing a zerotrust security architecture or enhancing cloud security posture.

Milestone: Create clear tracking of progress against milestones deliverables and timelines for each initiative

Quota: Achieve 90% key milestones for each strategic initiative as planned.

What youll do

• Provide technical leadership and guidance to security teams responsible for:
• Security engineering and automation
• Incident response
• Vulnerability management
• Product application and infrastructure assurance
• Penetration testing
• Enterprise security
• Security consultation and guidance
• Partner with the CISO to execute the overall security strategy ensuring alignment with business objectives.
• Develop and maintain detailed roadmaps and documentation for key security initiatives and be a key point of engagement for Engineering and Product organizations.
• Develop and maintain detailed roadmaps and documentation for key security initiatives.
• Track and report on key security metrics to measure program effectiveness and identify areas for improvement.
• Contribute significantly to security budget discussions and resource allocation.
• Create valuable and impactful security operations recommendations that inform technical decisions while managing change and competing demands.
• Foster a culture of collaboration and knowledge sharing within the security organization.
• Growing inspiring and retaining a diverse highperforming team of security professionals that are forwardlooking and adaptive to emerging security technologies and threats.

This role requires

• 10 years of experience in cybersecurity with 5 years in a leadership role.
• Experience working in a SaaS or cloudbased business.
• Strong technical background in security engineering incident response vulnerability management and cloud security SIEM EDR and SOAR.
• Deep understanding of security best practices frameworks and industry standards especially as they pertain to SW development and engineering organizations.
• Excellent communication collaboration and interpersonal skills.
• Ability to influence and build consensus across different teams and levels.
• Passion for mentoring and developing security talent.
• Relevant industry certifications (e.g. CISSP CISM CCISO) are a plus.
• Proven ability to create and execute detailed security plans and roadmaps.
• Strong analytical and problemsolving skills with a meticulous attention to detail.
• Experience with developing and tracking security metrics.
• Excellent organizational and documentation skills.
• Selfmotivated and able to work independently with minimal supervision.
• Possesses excellent interpersonal relationship building and influencing skills; has demonstrated success in influencing key decision makers and business partners to build positive working relationships and in gaining support for cybersecurity investment to execute against strategic initiatives.
• Deep understanding of cybersecurity program planning and managing interdependence across a complex technology landscape including governance risk management architecture technology onboarding vulnerability management awareness and training and cyber thirdparty risk management. Experience in the development implementation and operationalizing ongoing cyber capabilities / solutions.
• Strong understanding and knowledge of common information security management frameworks such as ISO/IEC 27001 and the NIST CSF.
• Experienced in general cybersecurity regulatory and compliance (e.g. SOX SOC2 HITRUST FedRamp DFARS CMMC etc.).

Bonus Characteristics for Success:

• Planning and Organization: You thrive in creating order and structure and you enjoy developing detailed plans and roadmaps to achieve security objectives.
• MetricsDriven: You have a passion for data and metrics and you use them to measure progress identify trends and drive improvements in security programs.
• Documentation: You understand the importance of clear and concise documentation and you have a knack for creating and maintaining it.
• SelfMotivation: You are a selfstarter who can take initiative and work independently to achieve goals.
• ProblemSolving: You enjoy tackling complex security challenges and finding creative solutions.

Fostering a diverse welcoming and inclusive environment is important to us. We work hard to make everyone feel comfortable bringing their best most authentic selves to work every day. We celebrate our talented Relics different backgrounds and abilities and recognize the different paths they took to reach us including nontraditional ones. Their experiences and perspectives inspire us to make our products and company the best they can be. Were looking for people who feel connected to our mission and values not just candidates who check off all the boxes.

If you require a reasonable accommodation to complete any part of the application or recruiting process please reach out to .

We believe in empowering all Relics to achieve professional and business success through a flexible workforce model. This model allows us to work in a variety of workplaces that best support our success including fully officebased fully remote or hybrid.

Our hiring process

In compliance with applicable law all persons hired will be required to verify identity and eligibility to work and to complete employment eligibility verification. Note: Our stewardship of the data of thousands of customers means that a criminal background check is required to join New Relic.

We will consider qualified applicants with arrest and conviction records based on individual circumstances and in accordance with applicable law including but not limited to theSan Francisco Fair Chance Ordinance.

Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. New Relic does not accept unsolicited headhunter and agency resumes and will not pay fees to any thirdparty agency or company that does not have a signed agreement with New Relic.

Candidates are evaluated based on qualifications regardless of race religion ethnicity national origin sex sexual orientation gender expression or identity age disability neurodiversity veteran or marital status political viewpoint or other legally protected characteristics.

Review our Applicant Privacy Notice at Experience:

Exec