ciso

Welcome to the future of cloud networking and security
Cato Networks is the first company to converge enterprise networking and security into one centralized and global service that is delivered by cloud. It is led by networking and security pioneer Shlomo Kramer (Check Point, Imperva) and early investor (Palo Alto Networks, Exabeem, Trusteer and more). Cato's unique technology inspired a brand-new product category, later named "SASE" by Gartner and a market expected to reach $25 billion by 2027.

This is your opportunity to get on the rocket ship and join a company that is building a cutting-edge enterprise network and secure cloud platform, and is on a fast track to becoming the worldwide market leader – don't miss it

Now we're looking for an experienced CISO to join the Cato team. You will be responsible for all aspects of our security programs such as Enterprise information security assurance, policy, compliance, and security audits, vulnerability and security assessments, including testing of our infrastructure, internal applications, and solution offerings. In addition, you will be in charge of the incident response and security awareness employee training.

Responsibilities

• Enhance and implement the security strategy, including objectives, architecture, information access model, budget, schedule, staffing, and vendor engagement.
• Ensure that Cato Networks' solution and service offerings meet required compliance levels.
• Represent the security program externally with customers, prospects, and partners, and internally with employees.
• Collaborate with the Operations and Engineering teams to integrate security requirements into the product roadmap, implementation, operation, and support.
• Collaborate with IT and HR on corporate security, physical security, workplace safety matters, and personnel security.
• Develop and maintain our privacy program, own GDPR/CCPA compliance, handle data-subject requests, conduct DPIAs, and train the business on privacy best practices.
• Manage security incidents in the production and IT environments.
• Lead remediation from audit findings or security incidents.
• Own the company's security awareness program and training.

Requirements

• 10+ year track record of progressive experience in network and information security and risk management
• Proven experience in managing AppSec, SecOps, and GRC teams.
• Experience designing, implementing, and leading security and risk management programs.
• Experience in managing compliance projects – SOC2, ISO 27001, PCI.
• A solid technical background with strong knowledge of cloud security models and controls.
• Demonstrated experience in data-protection and privacy (e.g. acting as a DPO or equivalent).
• Deep familiarity with GDPR, CCPA, and other global privacy regulations, plus hands-on exposure to privacy by design and DPIA processes.
• Outstanding communication, interpersonal, and relationship building skills; the ability to work well in a cross-functional, matrix management environment.
• An organized, responsive, and engaged problem-solving mindset and approach.