SaaS companies operate at the intersection of speed, scale, and trust. The CISOs who succeed in this environment aren’t just defending infrastructure; they’re shaping product strategy, guiding global teams, and enabling growth without friction. Below is a curated list of security leaders whose work reflects what modern SaaS security leadership looks like today.
Michael Fanning — Splunk
As CISO of Splunk, Michael Fanning leads one of the most comprehensive global security organizations in enterprise SaaS. With more than 20 years in cybersecurity and technology, he oversees everything from security engineering and IAM to product security, detection and response, GRC, and security awareness. His experience scaling high-performing teams of up to 300 people makes him a defining example of security leadership at SaaS scale.
Jason Loomis — Freshworks
Jason Loomis brings rare breadth to the CISO role, spanning IPOs, M&A, SaaS, e-commerce, healthcare, and financial services. At Freshworks, he leads a 70+ person global security organization covering application security, cloud and hybrid environments, SOC, GTM security enablement, and more. Increasingly, Loomis is also a leading voice on AI security and governance, aligning programs with emerging frameworks like ISO/IEC 42001, the EU AI Act, and NIST’s AI RMF.
Robert Phan — ID.me
Currently CISO at ID.me, Robert Phan previously served as CISO at JumpCloud, where he helped secure a cloud-directory platform trusted by thousands of organizations. His background reflects deep experience in identity-centric SaaS environments, where security, privacy, and availability are inseparable from the product itself.
Lea Kissner — LinkedIn
Few security leaders have shaped industry practices as profoundly as Lea Kissner. Now CISO and VP of Engineering at LinkedIn, Kissner previously helped pioneer privacy engineering, Google’s Zanzibar access-control system, and BeyondProd. Her career includes leading large-scale security and compliance transformations under intense regulatory and adversarial pressure, making her one of the most influential figures in modern SaaS and platform security.
Kayla Williams — Devo
An award-winning CISO, Kayla Williams is known for building and scaling security programs across SaaS, cloud, and global financial services. During her tenure as CISO at Devo, she focused on embedding security into the SDLC, strengthening data governance, and enabling innovation through secure design. Her advisory roles across the CISO community further extend her impact on how SaaS companies think about risk and resilience.
Ryan Kazanciyan — Wiz
As CIO and CISO at Wiz, Ryan Kazanciyan oversees IT, security engineering, and risk and compliance for one of the fastest-growing cloud security platforms. His background spans incident response at Mandiant, product leadership at Tanium, and security engineering at Meta. Few CISOs combine deep technical credibility, product intuition, and operational leadership as seamlessly as Kazanciyan.
Kim Larsen — Keepit
Kim Larsen brings more than two decades of leadership experience across government, defense, and IT into his role as Group CISO at Keepit. With deep expertise in governance frameworks such as NIS2, ISO 2700x, CMMC, and FedRAMP, Larsen is known for aligning security strategy tightly with business outcomes, an increasingly critical skill in SaaS organizations operating across regulated markets.
Dennis Dayman — Constant Contact
Dennis Dayman’s career spans more than 30 years at the intersection of security, privacy, data governance, and email ecosystems. Having served as CISO or Chief Privacy and Security Officer at companies like Code42, Proofpoint, Return Path, Eloqua, and Constant Contact, Dayman brings a rare longitudinal perspective on how SaaS security programs evolve through acquisitions, regulatory change, and platform growth.
Wyman Lewis — Raptor Technologies
Wyman Lewis has built and led security programs across SaaS and technology organizations, including Apptega and Auctane, before becoming CISO at Raptor Technologies. His leadership is defined by close partnership with executive teams and a focus on operational excellence, ensuring security programs don’t just exist, but actively support business performance.
Ben de Bont — ServiceNow
As CISO of ServiceNow, Ben de Bont leads security for one of the most widely adopted enterprise SaaS platforms in the world. His long tenure reflects deep experience managing security at scale, balancing innovation with resilience, and aligning security leadership with national and global risk considerations through organizations like Business Executives for National Security.
Marnie Wilking — Booking.com
Marnie Wilking serves as Chief Security Officer at Booking.com, bringing more than 20 years of experience across financial services, healthcare technology, and e-commerce. Known for positioning security as a business enabler, Wilking has built global risk and cybersecurity programs that support digital transformation while meeting demanding regulatory requirements.
Frank Balonis — Kiteworks
Frank Balonis combines deep technical roots with decades of leadership experience. As CISO and SVP of Operations at Kiteworks, he oversees security and operations for a secure content communications platform trusted by global enterprises. His career reflects a strong emphasis on building durable teams and delivering consistent, world-class service in SaaS environments.
Sean Duca — Cisco
With over 20 years in cybersecurity, Sean Duca has led security and technology initiatives across the Asia-Pacific region at Cisco. Known for blending strategic vision with practical execution, Duca has played a key role in aligning cybersecurity services with customer outcomes, bridging the gap between security strategy, customer experience, and business value.
Shaun Khalfan — PayPal
As CISO at PayPal, Shaun Khalfan leads global cybersecurity, product security, and cyber risk for one of the world’s most trusted digital commerce platforms. His work centers on enabling secure, high-velocity innovation while maintaining resilience and trust at massive scale—an essential mandate for fintech and SaaS leaders alike.
Why These CISOs Matter
What unites these leaders is not just their titles, but their influence. They are shaping how SaaS companies think about trust, product security, AI risk, governance, and growth. In an industry where security failures quickly become business failures, these CISOs demonstrate how modern security leadership can be both protective and catalytic.