Head of Information Security | Rapidly Growing SaaS Provider
This critical role was responsible for cybersecurity governance of over US$1 trillion in contractual value. NGS Global’s sound methodology and lack of off-limits constraints enabled us to attract and secure a best-in-class leader.
Our client was a rapid growth, well-funded provider of an enterprise contract management platform in the cloud, helping companies increase contract velocity, protect against risk by ensuring regulatory and policy compliance, and optimize their commercial relationships by maximizing revenue and reducing costs. An analyst-validated industry leading solution, it is used by the largest of global corporations across more than 90 countries. The firm manages in excess of 7.5 million contracts in more than 40 languages, governing over US$1 trillion in value.
Our client’s business was growing at over 70% every year and they were looking to significantly improve their information security function; not only to secure their internal IT systems but also to secure client data hosted on their platform.
This was obviously a critical role, as our client’s business was about helping their clients manage their contracts, and this meant that sensitive data, belonging to clients, was hosted on their cloud. They needed this leader to be a hands-on professional with the ability to identify and mitigate all potential security risks as well as deploy technologies that would ensure continuous protection. S/he had to come from a strong technical background, ideally with global product companies and in-depth know-how of global security standards.
At the same time, since this role would also be involved in helping the sales team to respond to the security questionnaires of prospective clients, the person had to have good communication skills and a flair for engaging with client-side information security executives. Additionally, the need to follow secure product development practices meant that the person had to be able to work closely with the product engineering organization.
Strategy and Approach
The search was both exciting and challenging as our client was looking for an executive who not only brought strong hands-on experience with public cloud platforms like Azure, Amazon Web Services or Google Cloud Platform, but was also adept at compliance and security protocols. We followed a structured process to scope out the talent landscape by focusing on three potential candidate types:
• Senior information security leaders with global and Indian SaaS companies as well as large digital businesses
• Information security practice leaders with IT service providers, engaging with global clients in banking, financial services, insurance, telecommunications or healthcare
• Former product development professionals from global cybersecurity product companies who were now in an information security leadership role.
This helped us build an exhaustive list of potential candidates who we interviewed to assess their knowledge and the security situations they might have mitigated. Partners working on the project had a working knowledge of cybersecurity, to ensure meaningful conversations with both client and candidates from an executive and technical perspective.
After interviewing several candidates, we shortlisted six out of whom one was offered the position by our client. This person had 24 years of experience both as a hands-on IT security architect as well as a cybersecurity leader with global software product and information services companies.
Our NGS Global Value-Add
• Structured research based on first principles that enabled us to discover the right candidates.
• Willingness – and ability – to invest time in thoroughly understanding the domain and industry, in order to qualify candidates appropriately, and provide meaningful, requirement-specific updates to the client.
• Minimal off-limits constraints that allowed us to access almost the entire candidate universe from where we were able to find the ideal person who was offered the position.