LastPass

SaaS

Principal Business Information Security Officer

Ottawa, Ontario, Canada Remote Friendly

The Brief

“Principal Business Information Security Officer at LastPass. Skills: Risk advisory, GRC, Risk management, Stakeholder alignment, Cross-functional partnerships. Lead and mature LastPass's modern, outcome-led risk advisory function. Drive the evolution of our GRC operating model”

What You'll Achieve.

Strengthens LastPass's operational resilience and stakeholder trust; Aligning security, compliance, and business objectives; Enable fast, secure decision-making; Maintaining clear accountability; Building predictable, scalable governance frameworks; Ensure risk management framework remains repeatable, scalable, and consistently applied; Embed GRC in business decisions; Ensuring risks and tradeoffs are clearly understood; Drive clarity, alignment to risk appetites, and accountable decisions; Support leadership understanding, prioritization, and decision-making

Industry & Context.

SaaS
Problems you'll solve

Complex problem solving

What They're Looking For.

Must Have

Proven experience in security, risk management, or GRC; Deep expertise in risk analysis, including quantification, frameworks, and risk-informed decision-making; Experience building or evolving risk programs; Demonstrated ability to lead technical and executive-level discussions; Facilitate risk governance committees; Drive stakeholder alignment; Track record of building cross-functional partnerships; Influencing decisions; Communicating complex risk topics in clear, actionable terms; Experience providing just-in-time security or risk guidance in fast-paced product, engineering, or SaaS environments; Facilitation skills; Communication skills; Storytelling skills; Ability to create concise, executive-ready summaries and risk narratives; Ability to coach and mentor team members; Growth-oriented mindset

Nice to Have

Certifications such as CISSP, CISM, CRISC, CISA, Security+, or related certifications in information security or audit; Experience working with global teams

What You'll Do.

Lead and mature LastPass's modern, outcome-led risk advisory function

Drive the evolution of our GRC operating model

Embed insight-driven decision support across the organization

Scale our BISO-aligned advisory model

just-in-time risk guidance

Lead the continued evolution of LastPass's risk management framework

Design and scale the BISO-aligned advisory model

Define engagement patterns and partnership rhythms

Provide just-in-time risk advisory for product development and other high-impact initiatives

Build cross-functional partnerships

Partner with Governance and GRC Engineering to integrate risk insights with standards, continuous control monitoring signals, and assurance workflows

Lead technical and executive-level risk discussions through Risk Governance Committees

executive-ready risk narratives

How You'll Work.

Team & Collaboration

Partnering with cross-functional teams; Serve as the primary strategic partner to BizTech; Enable advisory support across Product, Engineering, GTM, Legal, HR, and Security; Work closely with teams across Hungary, Portugal, Canada, and the United States; Embed risk insight into daily decision flows; Strengthen alignment; Build cross-functional partnerships; Serve as a trusted advisor; Coach GRC Analysts; Partner with Governance and GRC Engineering; Lead technical and executive-level risk discussions through Risk Governance Committees

Communication Scope

Translate complex technical and business risks into actionable, business-aligned recommendations; Create concise, executive-ready summaries and risk narratives; Communicate complex risk topics in clear, actionable terms

Full Job Description

About LastPass

LastPass delivers Secure Access Essentials, helping individuals and organizations manage and protect access to AI, applications, and credentials straight from the browser. Trusted by more than 100,000 businesses and millions of users worldwide, LastPass blends strong security with everyday simplicity. From discovering unapproved AI and applications to reducing login friction and securing credentials across the business, LastPass helps teams and individuals stay productive, minimize risk, and remain prepared as their environments evolve. Curious about our products? Visit our website and try it free! We welcome new ideas, support your growth, and recognize your value, if this aligns with what you are looking for in your next career move, Join Us!

LastPass is looking for a Principal Business Information Security Officer:

In this role, you will lead and mature LastPass's modern, outcome-led risk advisory function. You will drive the evolution of our GRC operating model, embed insight-driven decision support across the organization, and scale our BISO-aligned advisory model. Partnering with cross-functional teams, you will deliver clear, just-in-time risk guidance that enables fast, responsible innovation.

About the team:

The GRC team strengthens LastPass's operational resilience and stakeholder trust by aligning security, compliance, and business objectives. We partner closely with cross-functional teams across the organization to enable fast, secure decision-making, while maintaining clear accountability and building predictable, scalable governance frameworks that support the company's continued innovation and long-term success. If you are passionate about complex problem solving and motivated by scale, then this is the role for you!

Who will you work with?

In this role, you will serve as the primary strategic partner to BizTech while also enabling advisory support across Product, Engineering, GTM, Legal, HR, and Security. You will work closely with tea
