Vice President, Chief Information Security Officer (CISO)

Holman•Mount Laurel, NJ

1d•$275,430 - $426,915•Hybrid

About The Position

Holman is a family-owned, global automotive services organization anchored by our deeply rooted core values and principles that have enabled us to continue Driving What’s Right throughout the last century. Our teams deliver the Holman Experience by treating our customers and each other as we would like to be treated, and creating positive, rewarding relationships all around. The automotive markets Holman serves include fleet management and leasing; vehicle fabrication and upfitting; component manufacturing and productivity solutions; powertrain distribution and logistics services; commercial and personal insurance and risk management; and retail automotive sales as one of the largest privately owned dealership groups in the United States. Holman is currently accepting applications for the position of Vice President, Chief Information Security Officer.

Requirements

15+ years’ experience at a senior management level; multiple levels of reporting relationships strongly preferred
Prior 5+ years in deep, hands-on, technical cyber security roles
Has extensive knowledge and experience within own function and general knowledge of areas, departments and/or function(s) within and across other disciplines
Experience with contract and vendor negotiations and management including managed services
Demonstrated experience complying with Privacy and Security rules and regulations
Bachelor's degree in a related field required
Proficient in various desktop tools including MS Office Programs (i.e. Outlook, Excel, Word, PowerPoint, Project, Visio, SharePoint etc.)
Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST
Strong foundational understanding of secure software engineering principles and cloud security controls.
Experience with any cloud service offerings (Google, AWS , Azure)
Proven understanding of security controls and technologies including but limited to SIEM, DLP, WAF, IPS, and firewalls.
Strong knowledge of rules and regulations related to information and security data confidentiality (i.e. PCI, NIST, NSA)

Nice To Haves

Master’s preferred
Certified Information Systems Security Professional (CISSP)
Certified in Risk & Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
PCI-ISA
OSCP

Responsibilities

Deeply integrate into the business to understand the ‘why’ to build balanced, thoughtful plans to ensure security, compliance, and privacy are in lockstep with every move
Interact with Holman’s Board and Executive team, and will represent security practices and concerns to internal teams, vendors, and customers
Develop Holman’s security roadmap throughout our security engineering practice, building a strong security engineering function to effectively identify vulnerabilities before production and investing in automation and machine learning techniques where possible
Oversee an Enterprise Product Security function that partners with developers to mitigate any product / external facing threats proactively and ensure proper development practices that align to security standards
As Holman migrates to the public cloud, partner with technology to implement modern security standards, specifically related to application development and delivery
Lead teams across application security, infrastructure security, identity, compliance, IT, data privacy, and security engineering
Assess the current state of Holman’s security practices, highlighting areas for immediate and long-term changes
Manage and provide actionable insights to engineering, oversee pen tests and various compliance reports
Ensure risk controls are implemented and fully monitored throughout our system lifecycle
Evangelize security-first practices, policies, and procedures across the broader company - particularly all teams building code - and ensure updated documentation and processes to address vulnerabilities in production
Integrate with and provide technology leadership to Holman’s overall security Governance, Risk and Compliance programs
Own all Security Events and Incident Management (SEIM)
Participate on the overall technology leadership team helping shape the vision of the IT Employee Experience
Stay abreast of the shifting security landscape, and communicate across Executive teams to ensure alignment
Lead overall business continuity and disaster recovery from strategy through execution
Perform all other duties and special projects as assigned

Benefits

Health Insurance
Vision Insurance
Dental Insurance
Life and Disability Insurance
Flexible Spending and Health Savings Accounts
Employee Assistance Program
401(k) plan with Company Match
Paid Time Off (PTO)
Paid Holidays, Bereavement, and Jury Duty
Paid Pregnancy/Parental leave
Paid Military Leave
Tuition Reimbursement
Paid sick leave benefit that meets the mandated requirements (for part-time and temporary employees in geographic areas with statutory paid sick leave)