As CISO, you will own Rain's security governance, risk, and compliance strategy, with a particular focus on ISO certification and regulatory readiness, while partnering closely with engineering, infrastructure, legal, and operations teams.
Requirements
- Own and drive Rain's information security and compliance strategy, with a primary focus on ISO 27001 (and related standards) readiness, certification, and ongoing maintenance
- Serve as the executive owner for security compliance programs (e.g., ISO 27001, SOC 2, vendor risk, customer security reviews)
- Design, implement, and continuously improve Rain's security governance framework, including policies, standards, and risk management processes
- Partner closely with Engineering, Infrastructure, Product, Legal, and Operations to embed compliance and security requirements into technical and business workflows
- Lead and manage external audits, certifications, and assessments, acting as the primary point of contact for auditors and assessors
- Translate regulatory, customer, and partner security requirements into practical, scalable controls that align with Rain's architecture and operating model
- Own the risk management lifecycle, including risk identification, assessment, prioritization, and executive reporting
- Establish and track security and compliance metrics, reporting posture, progress, and risk to executive leadership and the board as needed
- Oversee incident response governance, ensuring policies, playbooks, and escalation paths meet compliance and regulatory expectations
Benefits
- Unlimited time off
- Flexible working
- Easy-to-access benefits
- Retirement goals
- Equity plan
- Rain Cards
- Health and Wellness