Role Description We are hiring a Field CISO to be the public voice of HeroDevs in the AppSec and security-leadership community. - Lead the category conversation externally - Speak at major events such as RSA, Black Hat, BSides, OWASP Global, and regional CISO summits. - Publish original thought leadership: essays, research-backed reports, points of view. - Convene a CISO and AppSec advisory council and host an in-person dinner program in top metros. - Sell from the front by partnering with AEs and CRO on strategic accounts. - Translate value for prospects connecting EOL OSS exposure to metrics their boards track. - Pressure-test our positioning and product with insights from the buyer's perspective. - Coach the field by training AEs, SEs, and CSMs on engaging with security leaders. Qualifications - An AppSec or security leader with experience in application security, product security, or a significant portion of a security program. - Active voice in the community with an audience of practitioners. - Operator credibility from having done the work. - Commercially fluent, able to hold executive conversations. - Builder’s temperament, energized by ambiguity and willing to define a category. Requirements - Recent experience in a respected company, likely as CISO, Deputy CISO, VP or Head of AppSec, or VP or Head of Product Security. - Comfortable being the named, attributable face of a point of view. - Authority comes from practical experience. - Ability to partner cleanly with a sales team. Benefits - Executive-level base plus meaningful equity. - No quota; measures include category leadership, influenced pipeline, and internal leverage. Logistics - Reports to: CEO - Location: Remote, US-based with 30 to 40 percent travel for events, customer meetings, and team offsites. How to apply Send a short note. Skip the cover letter. Tell us why this problem is worth your attention right now. Include a link or two to something you have published or a talk you have given that you are proud of. We read everything. We move fast on the right people. At HeroDevs, we believe in the power of diversity, equity, and inclusion to drive innovation, creativity, and success. We are committed to creating a workplace that embraces and celebrates individual differences. We encourage people of all backgrounds and experiences to apply.

• Drive new business development by prospecting and selling Virtual Perimeter Guard to commercial businesses. • Execute a high-volume, high-activity sales process including outbound calls, field visits, and product demonstrations. • Build rapport and win new customer opportunities quickly. • Deliver persuasive presentations and articulate clear business cases for adopting Interface’s Virtual Perimeter Guard solution. • Collaborate with Marketing, Product, and Revenue Operations teams to align sales efforts with product launches and campaigns. • Track and analyze key metrics including pipeline health, activity levels, win/loss rates, and quota attainment. • Consistently achieve or exceed monthly, quarterly, and annual sales targets.

• Lead API’s global cyber defense program • Own API’s cyber defense strategy across threat intelligence, detection, incident response, and product fraud and abuse • Lead and manage the SOC MSSP, ensuring 24x7x365 monitoring, investigation, and response • Manage API’s cloud security posture across AWS and Azure • Partner with engineering to embed security into product development • Lead containment, recovery, and postmortem activities for security incidents • Apply NIST, MITRE ATT&CK, and the Cyber Kill Chain to guide security architecture • Develop and maintain scorecards that measure SOC effectiveness and organizational risk • Identify and implement automation technologies to improve threat detection

• mature, lead and deliver the firm’s service offerings around system-wide views of threat-driven risks and applying them to the testing of systems and services that the firm delivers. • Partner with sales and delivery teams to support pre-sales engagements, scope assessments, and solution development efforts • Mentor and develop managers, leads, and senior consultants • Influence hiring standards, interview calibration, and onboarding for senior technical roles within the practice • Define and maintain practice playbooks, severity models, and exploitation guidelines • Lead offensive security team members for Cyber Advisors, maximizing the efforts and satisfaction of all offensive security team members. • Mature the program and methodology that shapes how Cyber Advisors approaches Threat Emulation, to include defining the rules and parameters for ethical hacking of systems, software and networks to identify and mitigate potential vulnerabilities • Set direction and oversee the performance of penetration tests and Threat Emulation simulations on targets across all Cyber Advisors partners and customers • Assisting in the sales process with potential or existing clients, and acting as a client’s primary program contact for projects delivered by Cyber Advisors’ Threat Emulation team • As necessary, perform scoped and open-ended assessments on internal and external facing systems • Perform threat and vulnerability research to identify new ways of achieving the program’s mission and act as a source for innovation within the cybersecurity industry • Participate and contribute to Cyber Advisors’ social media presence on various platforms