Please Note: This is a Utah-based hybrid position which will require some regular in-office days each week. Additionally, employment with BambooHR is contingent on passing both a background and credit check. 

About Us

Our mission is simple: we want to set people free to do great work. People love our software—and it turns out that people love working here too. We've been recognized as a "Best Company to Work For” and we're proud of our team for creating software that makes an impact in the lives of HR pros and employees all over the world. Join us in our mission to set people free to do great work while upholding the highest standards of security and ethics.

BambooHR is a leading SaaS (Software as a Service) organization dedicated to delivering secure and innovative solutions to our customers. We are seeking a highly experienced and motivated individual to join our team as a Vice President of Information Security. As a key member of our leadership team, reporting to the Chief Technology Officer (CTO), you'll champion our security vision and strategy, inspiring a culture of security consciousness across the company. You'll collaborate with cross-functional teams to proactively identify and mitigate risks, ensuring the integrity of our software infrastructure, data assets, and customer trust. Your expertise will be instrumental in establishing BambooHR as a recognized thought leader in cybersecurity.

Essential Job Duties

  • Develop and implement a comprehensive security vision and strategy that aligns with business objectives, key results, and industry best practices.
  • Lead the development and execution of a long-term security roadmap, incorporating emerging technologies and industry trends.
  • Serve as a key advisor to the executive team on cybersecurity risks and opportunities, providing strategic guidance on complex security issues.
  • Explore and recommend opportunities for security to be a strategic advantage in BambooHR’s market position.
  • Establish the company as a thought leader in cybersecurity representing the security strategy, investments, and innovation in company updates, board meetings, industry forums, partners, and regulatory bodies.
  • Oversee security certification, training, and awareness programs for employees, preserving the culture of security within the company.
  • Drive continuous improvement in security programs for threat modeling, vulnerability scanning, and audits and incorporating the highest standards of security in the software development life cycle.
  • Increase efficiency in incident detection, investigation, response, reporting, and postmortem working in partnership with peers and leaders across the company.
  • Research and recommend industry-proven tools, processes, and standards for engineering, identity, access, and operations security.
  • Build and empower a high-performing security team by recruiting and retaining top talent, fostering a collaborative environment, and prioritizing professional development through mentorship and training.
  • Create customer-facing publications, videos, and presentations to represent the company's approach and commitment to safeguarding sensitive information.

What You Need to Get the Job Done 

  • 10+ years of experience designing and implementing technology solutions for cloud security, network security, and application security.
  • Experience in implementing solutions for identity, access, and operations security.
  • Bachelor's degree in computer science, computer engineering, cybersecurity, or related field; equivalent experience also accepted.
  • Relevant certifications such as CISSP, CISM, or equivalent.
  • Experience with cloud platforms (e.g., AWS, GCP) and containerization, large data sets, relational databases, and warehouses.
  • Ability to drive initiatives that require collaboration and accountability across a company.
  • Advanced experience with compliance frameworks (SOC II, SOX, GDPR, PCI)
  • Demonstrated leadership in guiding and motivating a high-performing organization.
  • Passion and excitement for security that is contagious.
  • Strong executive verbal, visual, and written communication skills with the ability to communicate complex security topics to audiences of varying technical aptitudes.

What Will Make Us REALLY Love You

  • Regarded as a trusted and seasoned thought leader who can influence and inspire business partners and leaders.
  • Enthusiasm for inspiring continuous growth and improvement of people, process, and products. 

What You'll Love About Us

  • Great Company Culture. We’ve been recognized by multiple organizations like Inc, Salt Lake Tribune, Glassdoor, & Comparably for our great workplace culture.
  • Make an Impact. We care about your individuality by giving you freedom to grow and create within the company, regardless of your position.
  • Rest and Relaxation. 4 weeks paid time off, 11 paid holidays, and we pay you to go on vacation (ask us about this)!
  • Health Benefits. Medical with HSA and FSA options, dental, and vision.
  • Prepare for the Future. 401(k) with a generous company match, access to a personal financial planner, and both legal and life insurance.
  • Financial Peace University. We pay for a one year subscription and you walk away with financial savvy and a bonus.
  • Give back. Get paid to give your time to the community: ask us about this!
  • Educational BenefitsWhether you are a previous student, or currently enrolled in higher education, we can help cover some of those expenses.
  • Amazing Office Amenities. We’ve got incredible benefits at our Draper headquarters including a full size gym, pickleball courts, a great office cafe, and free fountain drinks! Ask us more about our office!
  • In-Person Onboarding! All new hires get to experience our in-person onboarding class, Bamboo Beginnings, at our Draper, UT headquarters! Ask us more about Bamboo Beginnings!
  • Flexible Work Models. In-office, work-from-home, or hybrid, depending on position and location.

 

About Us

Our mission is simple: we want to set people free to do meaningful work. People love our software—and it turns out that people love working here too. We've been recognized as a "Best Company to Work For” and we're proud of our team for creating software that makes an impact in the lives of HR pros and employees all over the world.

Review

BambooHR is committed to the full inclusion of all qualified individuals and will ensure that persons with disabilities are provided reasonable accommodations throughout the hiring process.  If you would like to request accommodations, please let your recruiter know.

BambooHR is An Equal Opportunity Employer--M/F/D/V
Because our team members are trusted to handle sensitive information, we require all candidates that receive and accept employment offers to complete a background check before being hired.

For information on California Privacy Policy, click here.

Apply for this Job

* Required

resume chosen  
(File types: pdf, doc, docx, txt, rtf)


Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in BambooHR’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.


Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.


Enter the verification code sent to to confirm you are not a robot, then submit your application.

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.