• Job Description

  Req#: 6859814002

  At Lyft, our mission is to improve people’s lives with the world’s best transportation. To do this, we start with our own community by creating an open, inclusive, and diverse organization.

  Lyft is looking for a Chief Information Security Officer (CISO) to lead our global cyber and data security programs to secure and enable our ability to improve people’s lives with the world’s best transportation. This leader will be responsible for all aspects of information security across the enterprise, including Web and Mobile application security, Cloud, Infrastructure and device security, Security Awareness Training, Policy, and Compliance.

  We seek a proven leader with the ability to define and execute our cybersecurity strategy and drive rigor of our operations, while building a highly skilled and diverse team. This position will partner across functions to drive major security initiatives and will be responsible for effectively communicating goals, risks, and strategic solutions to the Executive Leadership Team and Lyft’s Board of Directors.

  As an innovative and resourceful partner entrusted to protect the Lyft’s environments, systems, data, customers, and users, it is critical for Lyft to build and maintain appropriate security safeguards that are designed to protect the confidentiality and integrity of our products and systems for our customers and internal users.

  You will scale the security organization and drive the program to its next level. You will report to and partner closely with the EVP, Platform Engineering as well as Legal, Product, and Operational leaders to develop and implement a robust framework and appropriate technology and tools. You will interact with broader executive leadership to communicate on our evolving needs, matching the size and complexity of our organization with security strategy and operations right-sized for our stage of growth and the information we safeguard.

  Responsibilities:

  • Define and own a multi-year cybersecurity roadmap and key performance indicators focused on reducing cyber risk
  • Build and inspire a highly skilled and diverse Security team. Foster a culture of trusted cross functional partnership, service, and continuous improvement
  • Create quarterly, annual, and long-term cyber security and cyber risk management goals, articulate strategies, define metrics, and provide necessary updates to executive leadership and the Board of Directors
  • Partner with Product & Engineering leadership for the development, planning, and execution of major security initiatives. Support Lyft’s secure Software Development Lifecycle
  • Collaborate with Lyft’s Audit Committee to establish appropriate security standards and provide an effective governance structure to ensure cyber compliance and accountability
  • Lead Security Incident Response, Third Party Information Security Assessment, Data Protection and Encryption, Identity & Access Management, and Privileged User Access to protect customer and employee data
  • Define cyber security governance and control strategies for emerging technologies such as cloud & containerization, block-chain and distributed computing

  Experience:

  • A Degree in Information Technology or Engineering (Advanced Degree Preferred)
  • Key Industry certifications in Information Security, such as CISSP, CISM and CISA
  • 15+ years of experience in Information/Cybersecurity in a public or large private technology company with a global customer base
  • 7+ years people management experience across a global organization, with hands-on experience building diverse teams while promoting an inclusive organization
  • A demonstrated knowledge of information security standards (e.g., NIST, ISO-27001), rules and regulations related to information security and data confidentiality (e.g., PCI, NIST, NSA) and other various security standards and policies
  • Experience implementing controls and mitigating risks related to GDPR, PCI, HIPAA and other information security and data privacy standards
  • A strong understanding of Cloud Security Mode and key principles, such as CSPs Shared Responsibility Models, Security and Infrastructure as Code, Preventive/Reactive Guardrails, Containerization, Server-less Computing, Continuous monitoring/drift detection, and the importance of end-to-end automation
  • Strong interpersonal and communication skills with the ability to influence at all levels of the organization, while being able to simplify complex topics for understanding and critical decision making by Executive Management and the Board
  • Ability to understand not only emerging industry trends as far as cyber security is concerned but also the landscape of emerging threats, making appropriate adjustments within the cybersecurity program

  Benefits:

  • Great medical, dental, and vision insurance options
  • Mental health benefits
  • Family building benefits
  • In addition to 12 observed holidays, salaried team members have unlimited paid time off, hourly team members have 15 days paid time off
  • 401(k) plan to help save for your future
  • 18 weeks of paid parental leave. Biological, adoptive, and foster parents are all eligible
  • Pre-tax commuter benefits
  • Lyft Pink - Lyft team members get an exclusive opportunity to test new benefits of our Ridership Program

  Lyft is an equal opportunity/affirmative action employer committed to an inclusive and diverse workplace. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by law. We also consider qualified applicants with criminal histories consistent with applicable federal, state and local law.

  Starting in September 2023, this role will be in-office on a hybrid schedule — Team Members will be expected to work in the office 3 days per week on Mondays, Wednesdays, and Thursdays. Additionally, hybrid roles have the flexibility to work from anywhere for up to 4 weeks per year.

  The expected base pay range for this position in the San Francisco Bay area is $292,500 - $325,000. Salary ranges are dependent on a variety of factors, including qualifications, experience and geographic location. Range is not inclusive of potential equity offering, bonus or benefits. Your recruiter can share more information about the salary range specific to your working location and other factors during the hiring process.

• About the company

  Lyft, Inc. develops, markets, and operates a mobile app, offering vehicles for hire, motorized scooters, a bicycle-sharing system, and food delivery.

Notice