Position Summary
The Chief Information Security Officer (CISO) owns enterprise security strategy, risk management, and compliance for the FAL Group of companies under Fortive (Accruent, Gordian, and ServiceChannel) all of which are SaaS / data platform companies in the Facilities and Asset Lifecycle space. This is a senior management role reporting directly to Chief Digital and Services Officer at Accruent, with regular visibility and dotted line reporting accountability to the executive teams at all three operating companies as well as security and IT leadership at Fortive. The CISO is accountable for protecting customer data, enabling enterprise sales through compliance readiness, and building a security program that scales with the company’s growth trajectory through operating company specific security strategy and program management aligned with Fortive’s baseline posture and policy, but extended to meet the needs of each individual operating company.
This role sits at the intersection of technical security leadership and business strategy. The successful candidate will be equally comfortable running an incident response, presenting risk posture to the executive teams, and walking an enterprise prospect’s security team through the company’s controls during the sales cycle. The successful candidate will also be a seasoned communicator across, upstream to the executive teams and downstream to the business with a clear track record of calibrating communication (written, verbal, and in-person) appropriately to ensure success of the overall security program.
Key Responsibilities
Security Strategy & Program Leadership
- Own and continuously evolve the company’s information security strategy, aligned to business objectives.
- Take existing security in excellence practices, communities, executive constructs, and awareness/culture programs and continue to grow them and integrate them as part of the larger security strategy.
- Lead and develop a high-performing security organization spanning security operations, vulnerability and threat management, security engineering, governance/risk/compliance (GRC), application security, AI security, and all associated cyber or cyber adjacent incident response.
- Set and manage the security budget, including build-vs-buy decisions on tooling and managed services. Ensure the team is budgeted appropriately to meet, interact, grow, develop, and build connections in security across the operating companies, Fortive, and the local security communities they serve.
- Establish security architecture standards across cloud infrastructure, AI, application development, and data platforms.
- Be the consistent voice for security across the three businesses translating asks from Fortive (parent company), calibrating messaging from Fortive to the three executive teams, owning messaging from the operating company back to Fortive, and insulating the operating companies from business impact wherever possible.
- Maintain clear visibility of security posture and strategic programs to the three executive teams, owning cyber considerations for enterprise risk management initiatives, and self-attesting risk assessment initiatives.
- Chair and lead the Information Security Council (ISC) at each operating company, raising security awareness, calibrating updates, and driving resolution of critical cyber risk through executive collaboration and partnership.
Compliance & Certifications
- Own the company’s compliance posture across SOC 2 Type II, ISO 27001, Cyber Essentials Plus, CMMC, ISO 42001, and applicable frameworks (HIPAA, GDPR, CCPA, SOX as relevant to the customer base and internal requirements).
- Lead audit cycles end-to-end — evidence collection, auditor relationships, remediation tracking, and timely certification renewal, while streamlining these operations to minimize business impact.
- Maintain a current risk register and ensure control gaps are tracked to closure with assigned owners and deadlines and appropriately lead executive risk management escalations with the information security councils at each operating company.
Customer Trust & Revenue Enablement
- Serve as the executive owner of the security review process for enterprise sales — including security questionnaires, customer audits, and contractual security terms.
- Partner with Sales and Legal to reduce security-related sales cycle friction, treating security posture as a competitive differentiator rather than a cost center.
- Represent the company in customer-facing security discussions, including Executive Briefing Center engagements with strategic prospects.
Risk Management & Incident Response
- Own the enterprise risk management program, including third-party / vendor risk assessment for the company’s supply chain and subprocessors.
- Build and maintain the incident response plan; lead the response to any security incident, including coordination with Legal, Communications, and executive leadership.
- Conduct regular tabletop exercises and ensure the organization is prepared for both technical and reputational dimensions of a security event.
- Lead regular response tests, tabletops, and resiliency exercises with key business areas and the executive teams at all three operating companies.
Governance & Parent Company Reporting
- Present security posture, risk trends, and program maturity to the Fortive security team and Fortive CISO on a monthly basis.
- Serve as a key stakeholder in technical and security diligence processes, including those associated with financing events or M&A.
- Advise the executive team on emerging threats, regulatory changes, and their business implications.
Required Qualifications
- 10+ years in information security, with 5+ years in a senior leadership role (CISO, VP Security, Director of Security or equivalent) at a SaaS or data-intensive company.
- Demonstrated ownership of SOC 2 and/or ISO 27001 programs, including direct experience managing audit cycles to successful certification.
- Experience managing executive stakeholders at multiple lines of business at the same time, and nuanced understanding of conglomerate/operating company model.
- Experience presenting to boards, executive teams — able to translate technical risk into business terms.
- Strong working knowledge of cloud security (AWS, GCP, and Azure), modern application security practices, and data protection regulations relevant to the company’s markets.
- Track record of building or scaling a security function, including hiring and developing a team.
- Experience supporting enterprise sales cycles through customer security reviews and questionnaires.
- Track record of driving security culture, awareness, trust, and delivering on promises on time with quality across executive teams, and at an employee level.
Preferred Qualifications
- Prior experience leading security at an operating company in a conglomerate/operating company model.
- Strong track record of maintaining best in class team engagement, retention, growth and development of team and in driving enterprise-wide trust around security.
- Relevant certifications: CISSP, CISM, or equivalent.
- Experience with CMMC, FedRAMP, HIPAA, GDPR, or other regulatory frameworks.
Fortive Corporation Overview
Fortive’s essential technology makes the world safer and more productive. We accelerate transformation in high-impact fields like workplace safety, build environments, and healthcare.
We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in healthcare sterilization, industrial safety, predictive maintenance, and other mission-critical solutions. We’re a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to advanced technologies that help providers focus on exceptional patient care.
We are a diverse team 10,000 strong, united by a dynamic, inclusive culture and energized by limitless learning and growth. We use the proven Fortive Business System (FBS) to accelerate our positive impact.
At Fortive, we believe in you. We believe in your potential—your ability to learn, grow, and make a difference.
At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone.
At Fortive, we believe in growth. We’re honest about what’s working and what isn’t, and we never stop improving and innovating.
Fortive: For you, for us, for growth.
About Accruent
Personal development and becoming the best you is all about growth and exploring new skills and opportunities – both in and out of the office. At Accruent, we call this Grow Without Limits, and we’re proud to offer each of our employees the resources, coaching and support necessary to achieve Growth Without Limits in their personal and professional lives. Explore where the path takes you.
Accruent is a leading provider of solutions for unifying the built environment —spanning real estate, physical and digital assets, and the integrated technology systems that connect and control them. Accruent continues to set new expectations for how organizations can use data to transform how they manage their facilities and assets. With U.S. headquarters in Austin, Texas, Accruent serves over 5,000 customers in a wide range of industries in more than 100 countries worldwide.
We Are an Equal Opportunity Employer. Fortive Corporation and all Fortive Companies are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. Fortive and all Fortive Companies are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at applyassistance@fortive.com.
Pay Range
The salary range for this position (in local currency) is 145,500.00 – 270,600.00