VP, Cybersecurity

About The Position

Requirements

• 15+ years of experience in cybersecurity, security architecture or computer network defense or equivalent
• Strong, proven skills at indirect leadership through influence to ensure all employees are practicing best in class security management
• In-depth knowledge and experience with relevant National Institute of Standards and Technology (NIST) standard, ISO27001 specifications, SOC2 TYPEII attestation and PCI-DSS certification
• Direct experience handling advanced cybersecurity incidents and associated incident response toolsets
• Proven subject matter expertise in computer forensics, incident response and follow-up, intrusion analysis, malware analysis, and security engineering
• Demonstrated ability to identify and address risks associated with business processes, operations, information security programs and technology projects
• Deep understanding and practical use of security principles, architecture and emerging technologies
• Solid understanding of Windows, *NIX, and Cloud Security (AWS and Azure)
• Managing the design and implementation of digital security solutions, including continuous monitoring and improvements to those solutions
• Managing third party suppliers and partners of security related tools and services
• Pragmatic hands-on knowledge and experience with security considerations of cloud computing, including data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, Advanced Persistent Threats (APTs), data loss and Denial of Service (DoS) attacks
• Demonstrated experience in identity and access management (IAM)
• Prior management of an enterprise-level incident response team and security operations center

Nice To Haves

• Experience with ethical hacking and penetration testing
• Advanced degree in cybersecurity or related fields
• Certified Information Systems Security Professional (CISSP)
• Certificate of Cloud Security Knowledge (CCSK)
• Certified Ethical Hacker (CEH)
• Certified Information Systems Auditor (CISA)
• SANS Institute related certifications

Responsibilities

• Own and evolve enterprise-class security systems
• Implement and maintain compliance with multiple standards (ISO27001, SOC2 TYPE 2, GDPR & PCI-DSS)
• Align standards, frameworks and security with overall business and technology strategy
• Identify and communicate current and emerging security threats
• Design security architecture elements to mitigate threats as they emerge
• Work with software applications leaders to ensure software applications meet highest security best practices and address OWASP, SonarQube and Qualys findings
• Create solutions that balance business requirements with information and cyber security requirements
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
• Provide training and foster awareness of security best practices to company team members
• Conduct regular system tests and ensure continuous monitoring of network and applications security
• Establish and test disaster recovery procedures and conduct breach of security drills
• Promptly respond to all security incidents and provide thorough post-event analysis

Benefits

• Health, dental, and vision insurance
• Competitive 401(k) matching
• Paid Time Off
• High-growth oriented environment with results-driven team
• Direct influence over the future of our cyber security strategy