Calendly is the scheduling automation and meeting lifecycle platform used by millions of users for eliminating the back-and-forth emails to find the perfect time — and so much more. We are looking for an experienced and hands-on security leader to drive our company-wide security strategy and compliance for our business and products.
A day in the life of a Vice President, Security at Calendly
The VP, Security will report to the Chief Technology Officer and lead our security organization that is responsible for our product security operations and compliance. You will provide strategic direction, technical expertise, and operational leadership to ensure that our company’s information security and compliance programs are effective, efficient, and aligned with our business objectives. You also have a strong technical background and experience in bringing technical solutions to address security-related issues while communicating and managing security risks across the leadership teams.
You will work closely with many departments across Calendly including Product, Engineering, Legal, Sales, and IT to manage identified risks and partner to mitigate vulnerabilities in software, systems, architecture, processes and practices.
On a typical day, you will be working on:
- Developing, managing and setting the vision for the Information Security Program
- Designing the strategy and architecture for security programs that include: Audit and Compliance functions, Risk Governance, Security Policies and Procedures, Security Awareness Training, Security Information and Event Management, Incident Response Management and Business Continuity Processes
- Developing an end-to-end understanding of all Calendly systems, tools and processes to identify areas of risk and exposure and a roadmap to remedy them
- Ensuring security architecture deliverables reflect and support business, technical, operational, and compliance objectives
- Building out the Security function at Calendly to keep pace with the growth acceleration and industry demands
- Developing and maintaining detailed Security Architecture Plans and Designs
- Reviewing Threat and Vulnerability reports and creating detailed Action Plans to address risks
- Maintaining awareness of IT/Security industry trends, evaluating new solutions and techniques, and staying aware of emerging threats
- Promoting awareness of Information Security Best Practices and adequate representation across lines of business
- Prioritizing and delegating Risk Assessment activities and ensuring their completion
- Overseeing newly implemented technologies and coordinating internal/external audits
- Ensuring compliance of the Information Security and Risk Management programs with all Regulatory, Contractual, Association, and Client requirements
- Leading compliance efforts consisting of HIPAA, HITRUST, GLBA, SSAE 18 SOC 1 and 2 reporting, client audit responses (for IT, Security, and related items), PCI, and other compliance requirements
What you bring to Calendly
- Bachelor’s degree in related field at a minimum and a master’s degree in related field highly desirable
- 12+ years of progressive experience in managing Security department staffing, budgets and invoicing, contractors, vendors, and corporate security programs and projects
- CISSP, CISM, or other equivalent security certification required
- CRISC, CISA, CISM preferred
- ITIL Certification preferred
- Hands-on technical experience with telecommunications and network security solutions (Firewalls, IDS/IPS, SIEM, Vulnerability Assessment Tools), access control systems, cryptography, physical security systems, and secure SDLC methodologies
- Experience working in a remote-first corporate environment as Calendly promotes remote-first working
- Authorized to work lawfully in the United States of America as Calendly does not engage in immigration sponsorship at this time
What’s in it for you?
Ready to make a serious impact? Millions of people already rely on Calendly’s products, and we’re still in the midst of our growth curve — it’s a fantastic time to join us. Everything you’ll work on here will accelerate your career to the next level. If you want to learn, grow, and do the best work of your life alongside the best people you’ve ever worked with, then we hope you’ll consider allowing Calendly to be a part of your professional journey.
If you are an individual with a disability and would like to request a reasonable accommodation as part of the application or recruiting process, please contact us at [email protected]. Calendly is registered as an employer in many, but not all, states. If you are located in Alaska, Hawaii, Montana, North Dakota, South Dakota, Nebraska, Iowa, and West Virginia, you will not be eligible for employment. Note that all individual roles will specify location eligibility.
All candidates can find our Candidate Privacy Statement here
Candidates residing in California may visit our Notice at Collection for California Candidates here: Notice at Collection
The ranges listed below are the expected annual base salary for this role, subject to change.
Calendly takes a number of factors into consideration when determining an employee’s starting salary, including relevant experience, relevant skill sets, interview performance, location/metropolitan area, and internal pay equity.
Base salary is just one component of Calendly’s total rewards package. All full-time (30 hours/week) employees are also eligible for our Quarterly Corporate Bonus program (or Sales incentive), equity awards, and competitive benefits.
Calendly uses the zip code of an employee’s remote work location, or the onsite building location if hybrid, to determine which metropolitan pay range we use. Current geographic zones are as follows:
- Tier 1: San Francisco, CA, San Jose, CA, New York City, NY
- Tier 2: Chicago, IL, Austin, TX, Denver, CO, Boston, MA, Washington D.C., Philadelphia, PA, Portland, OR, Seattle, WA, Miami, FL, and all other cities in CA.
- Tier 3: All other locations not in Tier 1 or Tier 2