Chief Security Officer

Trilliant offers a universal communications platform that is at the convergence of the smart grid, smart city, and global Industrial Internet of Things (IIoT) applications. We bring together multi-technology solutions, global capabilities, and mission-critical communications to deliver future-proof solutions.

We are a device-agnostic, integrated, multi-technology communication platform that provides flexibility to balance technological capabilities with economic needs. Trilliant is committed to best-in-class solutions that empower our customers and their customers to connect to the world of things.

We are an equal-opportunity employer offering comprehensive benefits and compensation packages with a selection of insurance programs. We have dynamic and collaborative work environments with some of the brightest employees in the world. We invest in people and provide opportunities for our employees to grow hand in hand with our business.

Job Description:

The Chief Security Officer (CSO) is responsible for establishing, overseeing, and continuously improving Trilliant’s enterprise‑wide security strategy across product security, corporate IT security, cloud/infrastructure security, data privacy, and regulatory compliance. The CSO ensures that Trilliant’s technology, operations, and customer solutions meet stringent security expectations of utilities, critical infrastructure operators, regulators, and public‑company stakeholders, while enabling business growth and product innovation.

This role balances risk management, customer trust, regulatory compliance, and operational pragmatism in a global, IoT‑enabled, hardware/software environment. The CSO operates as an independent, enterprise‑level advisor and oversight function, partnering with IT and other functional leaders; day‑to‑day operational security execution remains within the respective delivery teams.

Position Responsibilities:

1. Security Strategy & Governance

• Define and own Trilliant’s global security strategy aligned with business objectives, customer requirements, and regulatory obligations.
• Establish a risk‑based security governance framework, including policies, standards, metrics, and reporting to executive leadership and the Board.
• Serve as executive owner for security risk assessments, remediation prioritization, and acceptance decisions.

2. Product & Solution Security (Critical Infrastructure Focus)

• Provide executive security governance, assurance, and risk oversight for product and solution security in partnership with Engineering and Product leadership.
• Define product security governance and assurance practices (e.g., architecture security requirements, threat modeling expectations, vulnerability management standards, penetration testing approach, and coordinated disclosure) in partnership with Engineering and Product leadership.
• Engineering/Development remains accountable for implementing secure‑by‑design practices and remediating product security issues; the CSO provides independent oversight, assurance, and escalation of material product security risks.
• Ensure alignment with IEC 62443, NERC CIP‑adjacent expectations, and utility customer security requirements.
• Support customer security reviews, RFPs, audits, and contractual security commitments.

3. Enterprise & IT Security

• Provide executive oversight of corporate cybersecurity covering identity and access management, endpoint security, network security, cloud security, and incident response, including risk posture, priorities, and control effectiveness.
• Define and maintain enterprise expectations for incident response, breach notification, and disaster recovery; review readiness and testing; during material incidents, IT leads the technical response while the CSO leads executive‑level coordination, governance, and communications, including post‑incident lessons learned and reporting.
• Partner with IT and business leaders to drive remediation plans and security improvements while maintaining operational efficiency and clear accountability.

4. Compliance, Privacy & Assurance

• Executive owner of ISO/IEC 27001, and security partner/participant for broader management system certifications and audits (e.g., ISO 9001, ISO 14001, ISO 45001), as well as SOC reports and other customer‑required security attestations.
• Oversee privacy and data protection obligations (e.g., GDPR, regional privacy laws) in partnership with Legal.
• Support SOX, internal audit, and external audits as they relate to information security controls.

5. Risk Management & Third‑Party Security

• Lead third‑party and supply‑chain security risk management, including contract security clauses and ongoing monitoring.
• Assess risks associated with manufacturing partners, cloud providers, and strategic vendors.

6. Leadership & Culture

• Establish and sustain a security operating culture and model that leverages cross‑functional teams (IT, Product, Engineering, Legal, Compliance) and external partners to deliver security outcomes.
• Promote a security‑aware culture through training, executive engagement, and clear accountability.
• Act as a trusted advisor to the CEO, CFO, CTO, Legal, Sales, and Product leadership.

Position Requirement:

• 12+ years of progressive responsibility in cybersecurity, product security, or technology risk, including executive leadership experience.
• Strong working knowledge of:
• ISO/IEC 27001
• Familiarity with the security-relevant interfaces of ISO management systems (e.g., ISO 9001, ISO 14001, ISO 45001) and how they intersect with governance, risk, audit evidence, and operational controls
• IEC 62443 (or equivalent operational technology security frameworks)
• Cloud security architectures
• Incident response and vulnerability management
• Experience in presenting security risk and strategy to executive leadership and Boards.
• Proven ability to translate technical risk into business‑level decisions.
• Experience working with or selling to regulated utility customers.
• Background in a global, multi‑country operating environment.
• Familiarity with public‑company governance, SOX controls, and audit processes.
• Demonstrated experience securing IoT, embedded systems, utilities, or industrial/critical infrastructure environments

Educations/Certifications:

• Bachelor’s or Master’s degree in business administration or technology related field
• Relevant certifications (e.g., CISSP, CISM, CISA), strongly preferred but not mandatory.

Trilliant Values:

PASSIONATE - We find the right solutions for customers and exceed their expectations.

ACCOUNTABLE - We work smart and tackle problems with urgency to get the job done.

CONFIDENT - We look to the future and partner with each other to deliver world-class solutions.

ENERGIZED - We are excited and support the growth and direction of Trilliant.