Corporate Vice President, Red Team Program Lead

About The Position

Requirements

• Prior experience in IT system ownership, cybersecurity program coordination, technology risk, project/program management, or related technology governance roles.
• Experience managing cross-functional initiatives involving technology, cybersecurity, risk, business, vendor, and executive stakeholders.
• Demonstrated experience tracking deadlines, dependencies, action items, budgets, deliverables, and outcomes across complex initiatives.
• Prior experience supporting vendor management activities, including coordination of deliverables, timelines, invoicing, and performance expectations.
• Experience preparing executive-facing materials, status updates, metrics, dashboards, or management reporting.
• Familiarity with cybersecurity, cyber defense, technology infrastructure, application environments, identity and access management, incident response, or security operations concepts.
• Prior experience in a regulated financial services, insurance, or similarly complex enterprise environment preferred.
• Bachelor’s degree required or equivalent work experience.
• Project or program management experience or exposure.
• Cybersecurity or technology risk certification preferred, such as Security+, CISSP, CISM, CRISC, or similar designation.
• High-level understanding of cyber defense organizations, including security operations, incident response, threat intelligence, vulnerability management, identity, infrastructure, and application security functions.
• High-level understanding of enterprise technology functions, including application ownership, infrastructure, cloud, networking, end-user technology, and technology operations.
• Working knowledge of risk management, issue management, control remediation, and executive reporting practices.
• Ability to communicate clearly and professionally with technical teams, business partners, risk stakeholders, vendors, and executive audiences.
• Demonstrated ability to build trust and maintain positive working relationships, including in situations involving challenging findings, sensitive topics, or competing priorities.
• Strong organizational, analytical, written communication, and presentation skills.
• Ability to translate technical or complex cybersecurity concepts into practical business language.
• Proven ability to drive accountability and outcomes across teams without direct authority.
• Sound judgment, discretion, and professionalism when handling confidential or sensitive information.
• Self-motivated and detail-oriented, with the ability to manage shifting priorities in a dynamic execution environment.
• Ability to prioritize and deprioritize work based on risk, urgency, stakeholder impact, and available capacity.

Nice To Haves

• Experience supporting offensive security, penetration testing, adversary simulation, purple team, incident response, or cyber resilience programs preferred but not required.

Responsibilities

• Manage the Red Team Program engagement pipeline, including intake, prioritization, planning, scheduling, execution tracking, and post-engagement follow-up.
• Maintain program plans, milestones, deadlines, dependencies, and deliverables across concurrent exercises and related activities.
• Support annual and quarterly planning activities, including exercise selection, resource planning, stakeholder alignment, and program roadmap maintenance.
• Track program risks, issues, decisions, and dependencies, escalating items as appropriate to leadership.
• Help establish and maintain repeatable processes, templates, procedures, and governance documentation.
• Coordinate across cybersecurity, technology operations, risk, business, and control functions to support the successful planning and execution of Red Team engagements.
• Build and maintain positive relationships with stakeholders, including during exercises that may involve sensitive findings, operational disruption concerns, or adversarial scenarios.
• Serve as a point of coordination between the Red Team Control Board, technical operators, defensive teams, technology owners, business stakeholders, and executive audiences.
• Support pre-engagement communications, rules of engagement, stakeholder briefings, deconfliction activities, and post-engagement readouts.
• Exercise extreme discretion and sound judgment when handling confidential plans, sensitive results, and need-to-know communications.
• Support the definition and documentation of engagement scope, objectives, assumptions, constraints, timelines, and success criteria.
• Track observations, findings, themes, and remediation commitments resulting from Red Team exercises and related security assessments.
• Partner with stakeholders to drive follow-up actions, confirm ownership, monitor progress, and support timely resolution of agreed outcomes.
• Help categorize engagement results in a consistent and meaningful manner to support trend analysis, executive reporting, and risk-informed decision-making.
• Maintain accurate records of completed exercises, key outcomes, lessons learned, and program metrics.
• Develop and maintain program reporting, dashboards, and executive-level materials summarizing Red Team activity, outcomes, risks, trends, and remediation progress.
• Translate complex cybersecurity concepts and exercise results into clear, practical, and audience-appropriate communications.
• Support recurring updates to cybersecurity leadership, technology leadership, risk partners, and other executive stakeholders.
• Identify recurring control gaps, organizational themes, and opportunities to improve cyber defense capabilities based on engagement results.
• Ensure reporting is accurate, balanced, actionable, and appropriately sensitive to audience and confidentiality considerations.
• Support selection and management of third-party vendors engaged in Red Team, adversary simulation, or related cybersecurity assessment activities.
• Coordinate vendor onboarding, statements of work, timelines, deliverables, invoices, and performance tracking in partnership with procurement and program leadership.
• Assist with budget planning, expense tracking, forecasting, and analysis for Red Team Program activities.
• Monitor resource needs and constraints, helping leadership prioritize or deprioritize work based on risk, business priorities, capacity, and timing.
• Help ensure vendor activities are aligned with internal standards, engagement objectives, and stakeholder expectations.
• Identify opportunities to improve program structure, execution discipline, reporting consistency, stakeholder experience, and outcome management.
• Contribute to the development and maintenance of Red Team Program standards, operating procedures, and best practices.
• Support alignment between Red Team activities and broader cybersecurity, Technology Risk, Incident Response, Vulnerability Management, and control improvement efforts.
• Help mature the program’s ability to measure effectiveness, communicate value, and drive enterprise-level security improvements.
• Adapt program execution to changing priorities, emerging threats, organizational needs, and operational constraints.

Benefits

• leave programs
• adoption assistance
• student loan repayment programs