VP Information Security

About The Position

Requirements

• 12+ years in Information Security, with at least 5 years in a senior leadership role overseeing enterprise-wide accountability for a mid-to-large organization (2,000+ users).
• Advanced mastery of GLBA, FTC Safeguards Rule, and state privacy regulations within the financial services sector.
• Deep hands-on experience building and maturing frameworks based on NIST CSF, ISO 27001, or CIS Controls.
• Demonstrated expertise in cloud security architecture (Azure/AWS preferred), Zero Trust principles, and modern ransomware defense strategies.
• Proven track record of successfully leading organizations through regulatory examinations and external audits.
• CISSP certification (required).
• Currently reside within a local commuting distance of Madison, WI.

Nice To Haves

• Master’s Degree in Cybersecurity (preferred)

Responsibilities

• Strategic Leadership: Develop and execute a multi-year security strategy aligned with global business goals and evolving regulatory landscapes.
• Executive Partnership: Act as a key advisor to the Chief Privacy Officer, Chief Compliance Officer, and Legal team to align security controls with GLBA, FTC Safeguards, and state privacy laws.
• Enterprise Risk & Reporting: Mature our security governance and provide executive-level reporting on risk exposure, remediation progress, and overall security posture.
• Security Operations: Oversee threat detection, vulnerability management, and modern ransomware defense. Lead cross-functional incident response and tabletop exercises with executive stakeholders.
• Cloud & Infrastructure: Establish secure architecture across IaaS, PaaS, and SaaS (Azure/AWS), embedding "Security by Design" into system operations and Identity & Access Management (IAM).
• Third-Party Oversight: Lead the design and monitoring of third-party risk management (TPRM) programs, ensuring vendor contracts meet rigorous data protection standards.