VP of Information Security
New York, NY | Direct Hire
Title: Vice President, Information Security
Salary: Competitive - (Dependent upon experience)
Our client is seeking a VP of Information Security who is a hands-on leader and responsible for all of their business’ information security, risk, and compliance activities. In this role, you’ll have visibility and accountability to our client’s executive leadership team as well as customers. Constant collaboration with the larger technology organization is crucial, with separation in reporting to uphold proper compliance and separation of concerns.
Technical responsibilities include partnering with the technology and operations teams to ensure data breach prevention, development and implementation of security best practices, and appropriate metrics for assessment. Corporate responsibilities focus on a broad understanding of business requirements, compliance against key regulatory standards such as FedRAMP, timely risk assessments, training of company staff, and advocating with customers.
The ideal candidate will maintain a pragmatic balance between control and enablement of the business, and be able to make and communicate appropriate trade-offs. Leadership responsibilities include direct leadership of a small team of hands-on security engineers and analysts, growing with the scope of the business.
Assess our client’s development and operation environments to identify risks and gaps related to information security, including potential data breach risks
Define, champion, and execute the overall corporate IT security strategy, roadmap and governance structure with the buy-in from operational and business stakeholders
Communicate information security and compliance risks to management to ensure proper awareness and decision making. Understand business processes and information system requirements and the associated information risk in those processes.
Implement all IT security, data breach, and regulatory compliance programs including legal requirements, industry regulations, and best practices.
Develop corporate information security and risk policies, training and education. Provide managerial and technical guidance on the development of information security policies, guidelines, standards, procedures, and responsibility designations
Ensure business requirements include security requirements, and are aligned with and support the security mission, policies and procedures and their relationship to security, privacy and compliance requirements.
Oversee security incident response planning and participate in the investigation of security breaches.
Has at least 5 years of leadership experience in information technology security in a high-growth startup or consulting environment. Experience with practical security in cloud environments a strong plus.
Proven leadership across the organization ranging from planning, project management and budgeting to activities expounding the value of information security
Strong client and regulator facing experience, leading risk and compliance initiatives for technology products that hold highly sensitive and/or regulated data
Experience in consulting with business and technology leaders including discovery, solutions definition, analysis and evaluation, executive presentations, facilitation, documentation, implementation, business process modeling, change management.
Knowledge of current technical security and data breach prevention protocols and standards including all IT security, data breach, and regulatory compliance, legal requirements, industry regulations, and best practices (SOC 1 & 2, FedRAMP)
If you feel like you are the right fit for the job above, please click the apply online button below and I will be sure to reach out ASAP!