Colleagues of Ignacio Martinez call him “Chief Worrier”—and with good cause. As vice president of security, risk, and compliance for Smartsheet, Martinez has a big job. He not only oversees these areas for Smartsheet itself but also helps Smartsheet’s customers understand and have confidence in how they are handled. He says that coworkers tell him, “You protect us from everything,” which is a lot to live up to.
Even with so many possible risks to manage, Martinez reports that beyond occasional concerns about where his teenage children are, he generally stays calm. “Don’t worry,” he says. “Start planning.”
Martinez credits much of his composure to the nearly thirty years of consulting he did in the security and risk areas prior to moving into industry and taking his position at Smartsheet. Years of working with a variety of companies exposed him to various industries and disciplines as well as the risks clients faced. The result? Confidence in his ability to assess any risks that might arise and his ability to help teams construct courses of action.
He explains that risks that appear new for any individual company won’t necessarily feel unexpected or panic inducing for someone who has shepherded multiple organizations through similar situations before. “It might not be normal for a lot of people, but when one has seen it before, one can formulate a plan,” the VP says, leaning on the mantra by which he has learned to live.
Martinez came to Smartsheet intrigued by its challenges. Currently, the software as a service (SaaS) company is in the midst of a massive global expansion, which provides Martinez with plenty of opportunities to utilize his experience and expertise. One of those opportunities began six months after his arrival in August 2017, when he planned and then led the company in a strategy to achieve FedRAMP authorization, which is a security standard for cloud services in federal spaces.
After a long and expensive year that involved the formulation of a multidisciplinary team, the creation of an entirely new instance of Smartsheet, and undergoing third-party assessment, the company got the thumbs-up to deploy the platform and begin to address a large federal demand for Smartsheet’s technology.
FedRAMP authorization is hardly the only success Smartsheet has experienced with Martinez’s support. Since his onboarding, the company has more than tripled in size, approaching a four-hundred-million-dollar annual run rate—not to mention it also went public. “I have watched and helped this company go from a start-up to a major enterprise,” Martinez says.
A key to this success, and something Martinez prides himself on, is building well-taught and functioning teams. As he puts it, “My goal is that no one would miss a beat if I was suddenly gone.” Unsurprisingly, given Martinez’s scope of expertise and influence, the teams he works with regularly are diverse in both purpose and operation. They include corporate security and compliance teams that directly report to the VP.
He also has heavy involvement with an engineering information security department as well as the attorneys on the legal team—all of whom work closely with Martinez and run negotiations and drafts.
Of course, Martinez’s facility for teamwork also extends to the partners with which he interacts on a regular basis at Smartsheet. One such partner is Founder and CEO of Anitian Andrew Plato, who explains, “Working with Ignacio was a tremendously rewarding experience. Ignacio has a deep understanding of risk and security in the cloud. His leadership, patience, and compassion united multiple parties—all working at different cadences—into a cohesive effort that got Smartsheet across the finish line quickly.”
Martinez’s enthusiasm for education, talent building, and teamwork also shows itself in his efforts outside of Smartsheet. Dedicated to expanding educational drive in Hispanic communities, he volunteers with a program that puts at-risk youth through private high schools and mentors them into the college years.
“People worry about the unknown. I have confidence because I’ve seen this before.”
In speaking with these young men, Martinez shares his family’s story to show a model for potential. His grandfather, whom he knew well as a child, moved his family to the United States when Martinez’s father was five years old. The family worked as itinerant laborers, but his grandfather insisted that all his children attempt to go to college in order to take advantage of the education available to them. All of Martinez’s aunts and uncles received graduate degrees, and his father, who earned a PhD in organic chemistry, held top-secret posts with the US government.
“Face new worlds,” Martinez tells kids. “Take advantage of education and then there is nothing you can’t do.”
The ingrained understanding that reaching out for opportunity and challenges is impactful will continue to resonate with Martinez as his work at Smartsheet stretches into the future. As he readies himself to take on his next tasks, he talks about a focus on privacy, explaining, “Our customers want to know their data is safe and want to know how it is handled.” He understands that customers, not just the company, seek “protection from everything.”
Keeping these concerns front and center, Smartsheet has a focus on protecting customers’ data in cutting-edge ways, all while pushing on towards its first billion-dollar year. Characteristically, as Martinez describes the company’s path, he is both enthusiastic and calm. He is ready.
Looking forward to exciting changes and growth at Smartsheet, Martinez knows that, as with every company he has worked for, risk is part of the equation. “To make money in business it is all about risk and reward,” he says. Maintaining this knowledge, and, of course, always willing to plan, the vice president feels prepared for what is to come at Smartsheet. “People worry about the unknown,” he says. “I have confidence because I’ve seen this before.”
Kratos, an accredited FedRAMP Third Party Assessment Organization (3PAO), provides cybersecurity services across all commercial sectors, Department of Defense, and Intelligence Community to meet FedRAMP, CMMC, PCI, FISMA/NIST and other cybersecurity frameworks. Our capabilities include strategic cybersecurity consulting, cloud security, penetration testing, continuous monitoring, and 3PAO compliance and assessments. [email protected]