Principal Business Information Security Officer

In this role, you will lead and mature LastPass's modern, outcome-led risk advisory function. You will drive the evolution of our GRC operating model, embed insight-driven decision support across the organization, and scale our BISO-aligned advisory model. Partnering with cross-functional teams, you will deliver clear, just-in-time risk guidance that enables fast, responsible innovation.

The GRC team strengthens LastPass's operational resilience and stakeholder trust by aligning security, compliance, and business objectives. We partner closely with cross-functional teams across the organization to enable fast, secure decision-making, while maintaining clear accountability and building predictable, scalable governance frameworks that support the company's continued innovation and long-term success.

In this role, you will serve as the primary strategic partner to BizTech while also enabling advisory support across Product, Engineering, GTM, Legal, HR, and Security. You will work closely with teams across Hungary, Portugal, Canada, and the United States to embed risk insight into daily decision flows and strengthen alignment.

• Lead the continued evolution of LastPass's risk management framework to ensure it remains repeatable, scalable, and consistently applied
• Design and scale the BISO-aligned advisory model, defining engagement patterns, communication flows, and partnership rhythms that embed GRC in business decisions
• Provide just-in-time risk advisory for product development, engineering changes, supplier decisions, architecture reviews, and other high-impact initiatives, ensuring risks and tradeoffs are clearly understood
• Build strong cross-functional partnerships, serving as a trusted advisor who translates complex technical and business risks into actionable, business-aligned recommendations
• Coach GRC Analysts to adopt advisory behaviors, apply the risk framework consistently, and deliver high-quality just-in-time support across their aligned business areas
• Partner with Governance and GRC Engineering to integrate risk insights with standards, continuous control monitoring signals, and assurance workflows
• Lead technical and executive-level risk discussions through Risk Governance Committees, driving clarity, alignment to risk appetites, and accountable decisions
• Produce clear, executive-ready risk narratives, reports, and dashboards that support leadership understanding, prioritization, and decision-making

• Proven experience in security, risk management, or GRC, with a strong record of delivering advisory support to technical and business teams
• Deep expertise in risk analysis, including quantification, frameworks, and risk-informed decision-making, with experience building or evolving risk programs
• Demonstrated ability to lead technical and executive-level discussions, facilitate risk governance committees, and drive stakeholder alignment
• Strong track record of building cross-functional partnerships, influencing decisions, and communicating complex risk topics in clear, actionable terms
• Experience providing just-in-time security or risk guidance in fast-paced product, engineering, or SaaS environments
• Strong facilitation, communication, and storytelling skills, with the ability to create concise, executive-ready summaries and risk narratives
• Ability to coach and mentor team members to strengthen advisory skills and ensure consistent application of risk processes
• Growth-oriented mindset, willing to challenge the status quo and introduce scalable, modern practices

• Certifications such as CISSP, CISM, CRISC, CISA, Security+, or related certifications in information security or audit
• Experience working with global teams

• Market-leading password manager
• High-growth, collaborative environment with inclusive teams
• Remote-first culture
• Competitive compensation
• Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days
• Parental leave
• Comprehensive health coverage, including dependents
• Home office setup support
• LastPass Families free account for up to 5 members
• Continuous learning and development opportunities, including an annual learning stipend to invest in your growth
• Peer-to-peer recognition through Motivosity
• Employee Assistance Program for well-being support
• Remote work stipend to support your home office needs
• Short-Term or Remote-Centric Work Arrangements for added flexibility

Unlock your potential with us - your skills, experience, and unique perspective matter more than just checking the boxes. Apply today, and let's build the future together!

We’re building an inclusive community that reflects the people of all races, genders, sexual orientations, national origins, backgrounds, and perspectives who share our world.

For all US based jobs please review our Applicant Privacy Notice

For all EU based jobs please review our Candidate Privacy Notice 

Please review our CCPA Notice