VP Information Security

About The Position

Requirements

• 12+ years of experience in Information Security, with 5+ years in a senior leadership role guiding security engineering or operations for a mid-to-large organization (2,000+ users).
• Strong working knowledge of GLBA, FTC Safeguards Rule, and financial sector privacy regulations, with a focus on translating them into technical reality.
• Deep technical roots in building and scaling frameworks like NIST CSF, ISO 27001, or CIS Controls.
• Hands-on familiarity with cloud security architecture (Azure/AWS), Zero Trust principles, and modern defensive strategies.
• Proven experience preparing technical environments and teams for successful regulatory examinations and external audits.
• CISSP certification required

Nice To Haves

• Master’s Degree in Cybersecurity or a related technical field preferred.

Responsibilities

• Design and drive a practical, multi-year security roadmap that scales with global business goals and adapts to evolving threat landscapes.
• Partner closely with Privacy, Compliance, and Legal teams to build smart, automated security controls that naturally meet GLBA, FTC Safeguards, and state privacy requirements.
• Mature our security governance, translating complex technical risks into clear, actionable insights for leadership to help guide business decisions.
• Guide and mentor the teams handling threat detection, vulnerability management, and modern ransomware defense.
• Lead collaborative, cross-functional incident response drills and tabletop exercises.
• Champion "Security by Design" across our cloud ecosystems (Azure/AWS), ensuring robust architecture across IaaS, PaaS, SaaS, and Identity & Access Management (IAM).
• Shape our third-party risk management (TPRM) programs, collaborating with procurement to ensure vendor partnerships maintain high data protection standards without creating bottlenecks.

Benefits

• relocation support