Conduct penetration testing, forensics and red team exercises
Lead and motivate a team of security professionals to help ensure the company continues to operate in a secure and stable environment.
Leverage information security and technology resources within the organization to lead strategic security planning with IT Technology/Operations, development teams, and users across the organization to ensure secure infrastructure, secure applications, and overall data security.
Communicate and ensure compliance with organizational security policies and standards; proactively work with business units to implement practices that meet defined policies and standards for information security
Provide support, guidance, mentoring and education to ensure that appropriate monitoring and controls are in place for compliance with established security policies and procedures
Direct comprehensive security assessments for all organizational information systems and advise on mitigating vulnerabilities
Provide subject matter expertise to management on a broad range of information security standards, best practices, and compliance requirements.
Coordinate use of external resources involved in the information security program including negotiating vendor contracts and fees.
Develop business-relevant metrics to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation and increase the maturity of the security program
Strong interpersonal and communication skills and a keen ability to collaborate and share knowledge to drive productivity and foster healthy relationships between employees.
Objectives
Enable business objectives via integrated security
Protect organization & customers with enhanced information security program
Proactive risk and compliance management by establishing the right governance model and measuring and reporting KRIs/KPIs
Cyber-prepare the organization through customized cyber simulation exercises, integrated incident response plans, etc.
Qualifications
15+ years of progressive experience across Security, Technology and Compliance
Demonstrated leadership in setting and executing information security strategy, driving security operations and incident response.
Working experience with security requirements for Sarbanes-Oxley, ISO certifications, SOC2, data privacy laws, PCI, etc.
Extensive knowledge of risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies, and security attack pathologies
Strong leadership, analytical and problem-solving skills
Extensive interpersonal skills with the ability to work effectively with end-users, IT peers, managers, and vendors, and a keen ability to collaborate and share knowledge to drive productivity and foster healthy relationships between employees