VP, Information Security - Technology Management

About The Position

Requirements

• 10+ years of experience managing the implementation and operation of security architecture and tools in a cloud-native environment.
• Experience with Application Security, Vulnerability Management, Security Operations, and DevSecOps.
• Understanding of key cyber security tools to ensure that they are consistently deployed, executed, and continuously improved.
• Strong background in IAM and credentials management solutions and technologies.
• Experience effectively communicating at senior levels within a customer organization.
• Experience leading high performing multi-disciplinary teams with a focus on attracting and developing talent.
• Background in cyber security monitoring and measurements.
• Experience with implementing security solutions for AWS, Azure and/or GCP.
• Experience with Microservices architecture.
• Experience with Docker, Istio, Apigee, ECS, EKS, and Kafka.
• Experience with managing security with SaaS providers.
• Strong background in cyber security controls frameworks and regulatory requirements.
• Experience leading complex security infrastructure consolidation and modernization efforts.
• Strong written and verbal communication skills.

Nice To Haves

• Active CISSP certification or equivalent is preferred.
• Financial services industry experience and strong project management acumen.

Responsibilities

• Develop the cybersecurity architecture while ensuring alignment with broader functional and corporate strategies.
• Lead the development and implementation of strategies for maturing the enterprise cyber security posture to meet or exceed industry standards in a complex, on-prem/multi-cloud environment undergoing digital transformation.
• Define and drive implementation of the Fannie Mae Cyber Security Strategy in alignment with the Fannie Business and Enterprise Risk Management strategies.
• Drive adoption of cyber security best practices for emerging technology areas including multi-cloud, ML, AI, etc.
• Evaluate emerging cyber security solutions and incorporate into Cyber Security Enterprise-wide architecture.
• Drive the standardization and guiding principles for overlaying security architecture patterns over enterprise architecture.
• Develop technical strategies and multi-year roadmaps spanning across all InfoSec domains.
• Establish detailed InfoSec technical integration/API architecture for the integration of security tools.
• Identify and establish tools selections criteria based on current and evolving business needs.
• Lead the prioritization, strategy, and development of cyber services for enterprise.
• Drive the technical security standards of virtualization, cloud infrastructure, and public cloud offerings.
• Drive security controls, tools, processes and risk management alignment with common information security standards.
• Lead integration architecture and security requirements of common infrastructure security technologies.
• Lead the design of security controls for business solutions including application-level access and entitlement management.
• Be a contributing member of a balanced team within an Agile development or DevOps environment.
• Lead the cybersecurity technology transformation to cloud and ensure the ongoing relevance, viability and scalability of cybersecurity applications and systems.

Benefits

• Broad range of Health, Life, Voluntary Lifestyle, and other benefits and perks that enhance an employee's physical, mental, emotional, and financial well-being.